[ARMedslack] Package auto? downgrade

Christophe Lyon christophe.lyon at gmail.com
Sun Aug 4 07:48:54 UTC 2013 

On Sun, Aug 4, 2013 at 8:44 AM, Davide <louigi600 at yahoo.it> wrote:
>>>> I have release 13.37 according to /etc/slackware-version.
>>>> I have recenly discovered that my mutt package has been downgraded,
>>>> and I don't understand how/why.
>
>>> mutt in 13.37 was last touched in 2010.
>>> However, armedslack-13.1 has
>>>  armedslack-13.1/slackware/n/mutt-1.4.2.3-arm-1
>>> Where is slackpkg configured to download from?
>>> I suspect that you're some how downloading from the wrong tree, or
>>> the mirror you're using has mixed up content.
>
>>The only uncommented line in mirrors is:
>>ftp://mirror.inode.at/slackwarearm/armedslack-13.1/
>>so indeed it looks inconsistent....
>>I certainly didn't intentionally change anything to my mutt install,
>>so what might have caused it to be downgraded?
>
> As far as I know slackpkg should not automatically do any sort of automatic
> package dependencies (unless you use a modified version that also rewuires
> using a repo with managed deps) or other automatic actions that are not
> specifically passed via command line (like upgrade or reinstall).
> Are yo sure you did not accidentally reinstall a package series and
> accidentally checked mutt for reinstall ?

No I am not sure :-)
I remember at some I tried to upgraded to 13.37, but changed my mind.
So maybe a few packages got upgraded, including mutt, and later reverted...

I don't use slackpkg often :-)
So I don't master it and I am a bit scared of loosing my data when
trying to upgrade cleanly....

> Is your system exposed to internet for long periods ?
yes.

> If I were you I'd check the package content to match perfectly (ie some hash
> check not just size) with what should be distributed with the package having
> an unjustified package version on your system could mean your system has
> been hacked. If your system has been hacked you might have other compromised
> bins so you should do your checks from a known good rescue system (ie your
> hash binary might have been hacked to report good hashes for the other bins
> that have been compromised).
>
That's a possibility indeed, but I am more inclined to thinking that I
did something wrong several months ago and have now forgotten :-(

Is there a way I can just install the new mutt without upgrading the
whole system?

Thanks,

Christophe.

More information about the ARMedslack mailing list