Originally Posted by rps63ifid
I'm fairly new to the Debian side of the Linux world, and currently running "testing" on a couple of my boxes. I notice that the Debian site has several security advisories posted lately, but I'm not seeing the versions referred to as resolving the issues as being available for upgrade/installation in the repos. A good example would be DSA-1291 for samba, which indicates that the issues are resolved in 3.0.25-1, but I only see 3.0.24-6 as being available.
Should I be seeing the newer version available? How long should I normally expect it to take for stuff like this to make its way into the repos? Am I missing something simple?
If you have the line for security updates in your sources.list then if the programs have been uploaded there you should see newer version, I believe it should be something like this for the line(s).
## Testing security
deb http://security.debian.org testing/updates main contrib non-free
deb-src http://security.debian.org testing/updates main contrib non-free
If the package has no bugs filed against it then it takes 10 days for a version uploaded to unstable to move to the testing branch this assuming that all the packages that depend on it can also make the move to testing as well. An example of the excuses for samba is here
if you ever need to find out why a package is not entering testing that site is a good place to check.