On 2018-04-02 18:16 +0200, Laurent Lyaudet wrote: > I'm using Stretch. I do security updates daily. > On 29th of march, I had an update for systemd :
> I checked that there was no security update for Systemd. > Moreover, if I look at one package in particular, let's say libsystemd0, > the update log says it is now deb9u3 version but the debian package page > says it is still deb9u2. > https://packages.debian.org/search?keywords=libsystemd0&searchon=names&suite=stretch§ion=all > Today I reinstalled Debian from scratch on my laptop using my net install > CD. > It installed again libsystemd deb9u3, etc. > 2018-04-02 15:19:10 upgrade libsystemd0:amd64 232-25+deb9u1 232-25+deb9u3 > > What is this update that is referenced nowhere ? hacking ? No, this was an upload to stretch-updates, and it has been announced on the list dedicated for such updates: https://lists.debian.org/debian-stable-announce/2018/03/msg00001.html Cheers, Sven
