I noticed that often, when I got a notification about new software, the versions of the packages to be updated are just new builds.
I will use the package digikam as an example: right now in my system the version 4.5.0-29.2 is installed, while the repository has a newer 4.5.0-30.8 available. If I got it correctly, this means that the package version is 4.5.0, while 30.8 is just the build version, is that right?
I’d like to set up my system so that I get noticed of new packages only when a new version of the said package is available, and not for every single build; every time I upgrade my system, in just a couple of days I’m presented with newer upgrades of the same packages. It is a bit annoying, especially because I do not have a very fast internet connection, and checking each time which packages have had an actual upgrade an not just a new build is time consuming and not very funny.
Is it possible to setup all the package managers (Yast, zypper, PackageKit) to not consider new builds as new versions?
Besides that, does my request makes any sense at all? Should I consider build upgrades as important as major packages upgrades? Are there security or stability concerns about that?
These new builds (in the Update repos) contain the security and recommended patches. During the lifetime of an openSUSE version (say 13.2) no versions of the software that belongs to 13.2 (and that are tested together during the test cycle of 13.2) will be replaced with new versions. Only the security and recommened patches are retrofitted to the version of the package that belongs to 13.2. This to have a stable 13.2 with none of the (positive or negative) surprises that you can experience when you get a new version where you only want the security bugs fixed.
The are execptions, the most noticable being Firedox.
> Is it possible to setup all the package managers (Yast, zypper,
> PackageKit) to not consider new builds as new versions?
No, it is not possible.
What you have to do, if your network is limited, not do “updates”, only
“patches”. These are smaller, because the packagers create smaller,
special rpms that only contain the modifications.
Ie, run “zypper patch” or yast online update module, not “zypper up” or
apper or equivalent.
Most security patches come that way. All the official ones. And it is
important to not only care for the version, but also for the release,
because it is SUSE policy to backport security changes from next
versions into the one originally published by the distribution. Which
can confuse a bit, if you see in places that certain security problem is
solved in version 9, and you see you have 8.9.5, so you think you are
vulnerable — no, you are not
Then, now and then, perhaps once a month, do a “zypper up” to update the
rest. Or be selective, and update only some repos or packages.
–
Cheers / Saludos,
Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)
