Debian unattended-upgrades does not upgrade all packages

I have installed the Debian unattended-upgrades package. It upgrades most, but not all packages. If I execute apt-get upgrade after it has run, a few more packages will be installed.

Here's my /etc/apt/sources.list:

deb http://ftp.de.debian.org/debian/ squeeze main non-free
deb-src http://ftp.de.debian.org/debian/ squeeze main non-free

deb http://security.debian.org/ squeeze/updates main non-free
deb-src http://security.debian.org/ squeeze/updates main non-free

# squeeze-updates, previously known as 'volatile'
deb http://ftp.de.debian.org/debian/ squeeze-updates main non-free
deb-src http://ftp.de.debian.org/debian/ squeeze-updates main non-free

# squeeze backports
deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free

# LTS
deb http://http.debian.net/debian/ squeeze-lts main contrib non-free
deb-src http://http.debian.net/debian/ squeeze-lts main contrib non-free

And here's my /etc/apt/apt.conf.d/50unattended-upgrades file. My guess is that the problem might be in the first few lines which are supposed to match my sources.list entries:

// Automatically upgrade packages from these (origin, archive) pairs
Unattended-Upgrade::Allowed-Origins {
    "${distro_id} stable";
    "${distro_id} ${distro_codename}-security";
    "${distro_id} ${distro_codename}/updates";
    "${distro_id} ${distro_codename}-updates";
    "${distro_id} ${distro_codename}-backports";
    "${distro_id} ${distro_codename}-lts";
};

// List of packages to not update
Unattended-Upgrade::Package-Blacklist {
//      "vim";
//      "libc6";
//      "libc6-dev";
//      "libc6-i686";
};

Here's an excerpt of the log file:

2014-11-19 22:37:15,159 INFO Initial blacklisted packages:
2014-11-19 22:37:15,160 INFO Starting unattended upgrades script
2014-11-19 22:37:15,160 INFO Allowed origins are: ["('Debian', 'stable')", "('Debian', 'squeeze-security')", "('Debian', 'squeeze/updates')", "('Debian', 'squeeze-updates')", "('Debian', 'squeeze-backports')", "('Debian', 'squeeze-lts')"]
2014-11-19 22:37:54,146 INFO Packages that are upgraded: apache2 apache2-mpm-worker apache2-utils apache2.2-bin apache2.2-common apt apt-utils bash bind9-host dnsutils file gnupg gpgv host libbind9-60 libc-bin libc6 libdns69 libgnutls26 libgssapi-krb5-2 libisc62 libisccc60 libisccfg62 libk5crypto3 libkrb5-3 libkrb5support0 liblwres60 libmagic1 libmysqlclient16 libpq5 libssl0.9.8 libtasn1-3 libxml2 linux-base linux-image-2.6.32-5-amd64 locales mysql-client mysql-client-5.1 mysql-common openssl postgresql postgresql-8.4 postgresql-client postgresql-client-8.4 procmail python2.6 python2.6-minimal rsyslog tzdata wget
2014-11-19 22:37:54,147 INFO Writing dpkg log to '/var/log/unattended-upgrades/unattended-upgrades-dpkg_2014-11-19_22:37:54.147207.log'
2014-11-19 22:39:33,921 INFO All upgrades installed

Finally, here are the packages that are not installed. This line is executed right after the unattended-upgrades package ran.

# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
  python-reportbug
The following packages will be upgraded:
  base-files dpkg exim4 exim4-base exim4-config exim4-daemon-light libdbi-perl libxfont1 openssh-client openssh-server ssh
11 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Need to get 0 B/6,839 kB of archives.
After this operation, 45.1 kB disk space will be freed.
Do you want to continue [Y/n]?

Please advise how to fix the config files so that also these packages get updated.


After reading the source code I figured it out. Debian Squeeze is now named "oldstable". Here is the relevant section for Debian Squeeze:

// Automatically upgrade packages from these (origin, archive) pairs
Unattended-Upgrade::Allowed-Origins {
    "${distro_id} oldstable";
    "${distro_id} ${distro_codename}-security";
    "${distro_id} ${distro_codename}-lts";
    "${distro_id} ${distro_codename}-updates";
    "${distro_id} ${distro_codename}-backports";
};

While I'm at it, here is the configuration file for Debian Wheezy:

// Automatically upgrade packages from these origin patterns
Unattended-Upgrade::Origins-Pattern {
    // Archive or Suite based matching:
    // Note that this will silently match a different release after
    // migration to the specified archive (e.g. testing becomes the
    // new stable).
    "o=Debian,a=stable";
    "o=Debian,a=stable-updates";
    "o=Debian,a=stable-backports";
//  "origin=Debian,archive=stable,label=Debian-Security";
//  "origin=Debian,archive=oldstable,label=Debian-Security";
};