Ok I think I finally know where we are misunderstanding each other: I am *NOT* using the URL to determine whether it is a security update!
I am talking about the fact that the user interface of aptitude has a category "Security updates" and "Upgradable packages". The package is displayed at "Upgradable packages" instead of "Security updates". The KDE "Muon" thing also does not show anything about security updates.
So the mechanism of apt which detects that it is a security update is broken. Whether it uses the URL for that or whatever else is not at my knowledge.
I only know that a package which is a security update is not marked as such in the user interface, and that is definite breakage.
Ok I think I finally know where we are misunderstanding each other: I am *NOT* using the URL to determine whether it is a security update!
I am talking about the fact that the user interface of aptitude has a category "Security updates" and "Upgradable packages". The package is displayed at "Upgradable packages" instead of "Security updates". The KDE "Muon" thing also does not show anything about security updates.
So the mechanism of apt which detects that it is a security update is broken. Whether it uses the URL for that or whatever else is not at my knowledge.
I only know that a package which is a security update is not marked as such in the user interface, and that is definite breakage.
Can you re-open this now? :)