On Mon 02 Apr 2018 at 18:16:15 (+0200), Laurent Lyaudet wrote: > I'm using Stretch. I do security updates daily. > On 29th of march, I had an update for systemd : > > 2018-03-29 21:53:53 startup archives unpack > 2018-03-29 21:53:59 upgrade libsystemd0:amd64 232-25+deb9u2 232-25+deb9u3 > 2018-03-29 21:53:59 status triggers-pending libc-bin:amd64 2.24-11+deb9u3 […] > 2018-03-29 21:54:13 status installed libpam-systemd:amd64 232-25+deb9u3 > 2018-03-29 21:54:13 trigproc initramfs-tools:all 0.130 <aucune> > 2018-03-29 21:54:13 status half-configured initramfs-tools:all 0.130 > 2018-03-29 21:54:24 status installed initramfs-tools:all 0.130 > > I checked that there was no security update for Systemd. > Moreover, if I look at one package in particular, let's say libsystemd0, > the update log says it is now deb9u3 version but the debian package page > says it is still deb9u2. > https://packages.debian.org/search?keywords=libsystemd0&searchon=names&suite=stretch§ion=all > > Today I reinstalled Debian from scratch on my laptop using my net install > CD. > It installed again libsystemd deb9u3, etc. > 2018-04-02 15:19:10 upgrade libsystemd0:amd64 232-25+deb9u1 232-25+deb9u3 > > What is this update that is referenced nowhere ? hacking ?
It might be more pleasant to look at /var/log/apt/history.log rather than /var/log/dpkg.log which looks more like debug output than a log. (Both logs should have been rotated since the above, so .1 will have been appended to the previous month's filenames.) Cheers, David.
