unattended-upgrades (1.18) experimental; urgency=medium Unattended-upgrades now applies ephemeral pinning (apt_preferences(5)) to install packages only from allowed origins and also for whitelisting and blacklisting packages instead of adjusting package versions to be installed. The ephemeral pins are applied in addition to the pin-priorities set by the local apt_preferences(5) configuration and unattended-upgrades also still honors held packages set by apt-mark(8). In the presence of custom apt_preferences configuration it is advised to run "unattended-upgrades --dry-run --debug --verbose" printing the ephemeral pinning configuration to see if the new behaviour matches expectations. -- Balint Reczey Thu, 20 Feb 2020 18:47:23 +0100 unattended-upgrades (1.8) unstable; urgency=medium When InstallOnShutdown was configured unattended-upgrades in versions before 1.7 installed updates _after_ the shutdown transaction is started by systemd making maintainer scripts restarting services fail or wait in a deadlock until being killed by shutdown's timeout leaving a broken installation behind. Starting with version 1.7 configuring InstallOnShutdown makes unattended-upgrades start package installations _before_ the shutdown transaction is started, when PrepareForShutdown() signal is received via DBus. Unattended-upgrades 1.7 also increases logind's InhibitDelayMaxSec to 30 seconds. This allows more time for unattended-upgrades to shut down gracefully or even install a few packages in InstallOnShutdown mode, but is still a big step back from the 30 minutes allowed for InstallOnShutdown previously. Users enabling InstallOnShutdown mode are advised to increase InhibitDelayMaxSec even further, possibly to 30 minutes. -- Balint Reczey Fri, 09 Nov 2018 18:09:22 +0100 unattended-upgrades (0.99) unstable; urgency=medium Unattended-upgrades in previous versions defaulted to install security updates only on Debian by using the label=Debian-Security origin pattern. Now it is changed to allow updates with label=Debian, which allows applying stable updates in stable releases and following all package updates in testing and unstable. In stable releases this unlocks installation of security updates depending on package versions present only in stable updates. Note that testing and unstable can often contain packages for which installation or upgrade performed by unattended-upgrades fails and requires the administrator to fix the system later. If you would like to prevent unattended-upgrades from performing updates please run "sudo dpkg-reconfigure unattended-upgrades". -- Balint Reczey Tue, 12 Dec 2017 12:13:08 +0100 unattended-upgrades (0.95) unstable; urgency=medium Unattended-upgrades now defaults to installing upgrades in minimal steps to ensure leaving the system in a consistent state when the system starts shutting in the middle of an upgrade. With the previous default of performing all upgrades in one shot the installations could take more than 15 minutes which was the final timeout after which unattended-upgrade and dpkg were killed leaving half-installed packages behind on shutdown. -- Balint Reczey Tue, 01 Aug 2017 19:43:50 +0200 unattended-upgrades (0.50) unstable; urgency=low When running with the --debug switch, previous versions of unattended-upgrades would just print what they do, but not actually perform any dpkg actions like installing or upgrading. This behavior has *changed* in version 0.50 it will now install/upgrade. There is a new option called "--dry-run" to get this behavior back. -- Michael Vogt Fri, 03 Jul 2009 09:15:08 +0200