On Fri, Jan 25, 2019 at 1:24 PM Paul Sutton <[email protected]> wrote:
> > On 25/01/2019 19:11, Kent West wrote: > > > > > > On Fri, Jan 25, 2019 at 1:10 PM Kent West <[email protected] > > <mailto:[email protected]>> wrote: > > > > > > $ apt update > > $ apt dist-upgrade > > > > > > Sorry, that should have been > > > > # sudo apt update > > # sudo apt dist-upgrade > > > > or, as root, > > > > # apt update > > # apt dist-upgrade > > > > -- > > Kent West <")))>< > > Westing Peacefully - http://kentwest.blogspot.com > > > So in this context what is the differences between upgrade and > dist-upgrade ? I just used apt upgrade and generally use apt > dist-upgrade to go between the main Debian releases, as in 8 -> 9. > > Given the apt bug does dist-upgrade do something else.? > > If the vulnerability to which you refer is the "lateral movement" bug, it's been around quite a while (2009?), but only recently discovered. It's also been fixed (to my understanding) as of apt 1.4.9, which you say you have. So the dist-upgrade does not do anything else "given the apt bug". The basic difference between upgrade and dist-upgrade is that upgrade doesn't remove existing or pull in not-installed stuff, whereas dist-upgrade might. The former is good when you need a box to undergo minimal change; the latter is good when you just want things to "work". The former is probably more suitable for servers, the latter for end-user computers. I usually do "dist-upgrade" out of habit (as I spend most of my time on end-user computers); but "upgrade" might be, at least theoretically, safer. -- Kent West <")))>< Westing Peacefully - http://kentwest.blogspot.com
