On Sun 03 Jun 2018 at 20:05:39 (-0400), Kenneth Parker wrote:
> On Fri, May 25, 2018 at 10:02 PM, Kenneth Parker <sea7k...@gmail.com> wrote:
>
> >
> > <snip>
> >>
> >> > dist-upgrade
> >> > dist-upgrade in addition to performing the function of
> >> upgrade, also intelligently
> >> > handles changing dependencies with new versions of packages;
> >> apt-get has a "smart"
> >> > conflict resolution system, and it will attempt to upgrade
> >> the most important packages
> >> > at the expense of less important ones if necessary. The
> >> dist-upgrade command may
> >> > therefore remove some packages. The /etc/apt/sources.list
> >> file contains a list of
> >> > locations from which to retrieve desired package files. See
> >> also apt_preferences(5)
> >> > for a mechanism for overriding the general settings for
> >> individual packages.
> >>
> >> Warning: Ubuntu ("close enough" to Debian to confuse me, multiple years)
> > regularly requires dist-upgrade to do their frequent Kernel Upgrades,
> > because they change Version Numbers on, among other things, the vmlinuz
> > file. So, when I do "apt-get upgrade" on the remaining Ubuntu Laptop, I
> > regularly see things like,
> >
> > <snip>
>
> Wow! I said "bad things" about Ubuntu regarding this topic but, just
> today, experienced the same kind of thing, with Debian Stretch, regarding
> the vlc "uber Package". Seems it's replacing libvlccore8 with libvlccore9,
> along with several other replacements! So Debian also uses this technique
> (dist-upgrade) for, other than "Upgrading the Distribution".
>
> Sorry about that, Ubuntu. :-)
>
> Kenneth Parker
Your criticism of Debian is unjustified. apt-get dist-upgrade is
required to upgrade libvlccore8 to libvlccore9 because, of course, the
latter is a different package.
libvlccore8 is based on VLC version 2 and libvlccore9 is based on VLC 3.
VLC is susceptible to DSA-4203 (CVE-2017-17670), so VLC 3 has been fixed
in 3.0.2. As VLC 2.x will not get fixed, stretch had no alternative
but to move from version 2 to 3.
Cheers,
David.
