[ Please Cc me: I'm not subscribed ] Hi,
I might have missed something obvious, but I don't think I understand how security updates of linux are managed in terms of suites. On 2019-11-24, due to https://lists.debian.org/debian-security-announce/2019/msg00215.html, linux was updated to 4.9.189-3+deb9u2 in oldstable. However, this resulted in a new binary package: linux-image-4.9.0-11-amd64. The linux-latest source package was not updated in oldstable-security, so linux-image-amd64=4.9+80+deb9u6 still depends on linux-image-4.9.0-8-amd64. Later, on 2020-01-30, linux-latest was updated to 80+deb9u10 in oldstable. For systems that rely on normal apt-get (dist-)upgrades, I think that it means that the kernel was not updated automatically before 2020-01-30. For systems relying on unattended-upgrades, which only upgrades from debian-security, it means that they are stuck with linux-image-4.9.0-8-amd64. Is that the expected behaviour? Shouldn't linux-latest be updated at the same time as linux? Thanks Lucas
