Bug#1133221: gnome-software: automatic security updates can be held for up to 2 weeks

debian_user_32 at mailbox.org debian_user_32 at mailbox.org
Sat Apr 11 08:22:55 BST 2026 

Package: gnome-software
Version: 48.3-2

Dear Maintainer,

   * What led up to the situation? Normal trixie installation with GNOME desktop environment
   * What exactly did you do (or not do) that was effective (or
     ineffective)? No action necessary, automatic updates are enabled by default in Software.
   * What was the outcome of this action? User might not be notified to install security updates via the offline updates mechanism until up to 2 weeks after these updates are published in the repos.
   * What outcome did you expect instead? User should be notified immediately in case of security updates.

Some code digging revealed a possible explanation for this issue:
   * packagekit apt backend provides PK_INFO_ENUM_SECURITY as update severity when a package comes from the "-security" repo.
   * gnome-software packagekit plugin only takes into account the PK_INFO_ENUM_CRITICAL severity for marking an update as having critical urgency.
   * the updates logic in gnome-software follows the diagram at https://gitlab.gnome.org/Teams/Design/software-mockups/-/raw/master/old/updates-logic.png

-- System Information:
Debian Release: 13.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.12.74+deb13+1-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages gnome-software depends on:
ii  dconf-gsettings-backend [gsettings-backend]        0.40.0-5
ii  gnome-software-common                              48.3-2
ii  gnome-software-plugin-deb [gnome-software-plugin]  48.3-2
ii  gsettings-desktop-schemas                          48.0-1
ii  libadwaita-1-0                                     1.7.6-1~deb13u1
ii  libappstream5                                      1.0.5-1
ii  libc6                                              2.41-12+deb13u2
ii  libgdk-pixbuf-2.0-0                                2.42.12+dfsg-4
ii  libglib2.0-0t64                                    2.84.4-3~deb13u2
ii  libgtk-4-1                                         4.18.6+ds-2
ii  libgudev-1.0-0                                     238-6
ii  libjson-glib-1.0-0                                 1.10.6+ds-2
ii  libmalcontent-0-0                                  0.13.0-2+deb13u1
ii  libpackagekit-glib2-18                             1.3.1-1
ii  libpango-1.0-0                                     1.56.3-1
ii  libpolkit-gobject-1-0                              126-2
ii  libsoup-3.0-0                                      3.6.5-3
ii  libxmlb2                                           0.3.22-1

Versions of packages gnome-software recommends:
ii  gnome-software-plugin-deb    48.3-2
ii  gnome-software-plugin-fwupd  48.3-2

Versions of packages gnome-software suggests:
pn  gnome-software-plugin-flatpak  <none>
pn  gnome-software-plugin-snap     <none>

-- no debconf information

More information about the pkg-gnome-maintainers mailing list