 
          The other day I was updating my Ubuntu system. I prefer the command line way of updating the system by using the combination of apt update and apt upgrade.
I encountered a strange update error in Ubuntu this time. It showed me that there are packages that can be upgraded but it could not upgrade those packages because of an error that read:
The following packages have been kept back:
Here’s the screenshot of the error I encountered:

On Ubuntu 24.04, the same message has been rephrased to:
The following upgrades have been deferred due to phasing
It is quite annoying because you'll see this quite often. The interesting thing is that this is not an error and your system is fine.
There are two ways to tackle the situation.
Method 1: You don't need to do anything. Just ignore it.
Method 2: You can take manual action if you really want to:
sudo apt install --only-upgrade package_namesLet me explain what's going on here and why packages are being kept back.
Simplest method for fixing "packages have been kept back" error: DO NOTHING
Yes! Do nothing.
It's not a bug; it's a feature. How? I'll explain it to you in a bit. Let's experiment a little.
If you ignore this so-called error and run the update again after a few hours or a reboot, you'll notice the same packages are not kept back anymore. They are likely to be replaced by other packages.
For example, I ran the apt update and apt upgrade a few hours later. As you can see in the screenshot below, some of the packages that have been kept back earlier are ready to be upgraded now.

I didn't do anything to change the situation and I advise you to do the same. Why? I explain it to you in the next section.
Root cause: Ubuntu's phased updates
For packages in Ubuntu's main repositories, it provides bug fixes in the form of security and maintenance updates.
Now, updates can bring regression. A bug fix can introduce more bugs.
To give the end user a more stable and reliable system, Ubuntu introduced phased updates in 2013.
Whenever a new package update is published, it is rolled out in phases. Only some users get that update initially. Ubuntu then waits for the crash reports generated by the Apport tool.


Ubuntu Apport tool collects crash reports (if you send them)
If it notices significant crash reports for the recently updated package, it will pause the update rollout on the package and work on fixing the issue.
If no significant crash reports are collected, more and more users get that package update, until the update is finally "fully phased" and everyone gets that package update.
When you see 'xyz package has been kept back' message, it means that update on xyz package is being phased and your system is not getting it in the present rollout.
If you wait for a few hours or run the system update the next day, you'll notice that xyz package is now upgradable and some other package has been kept back.
Ubuntu has a dedicated webpage to show the status of phase updates.
This old article from LWN explains the phased update concept in detail 👇

Why a sudden increase in this error?
The phase updates were introduced in 2013 but you probably never encountered this 'package kept back' issue until recently.
It's because phased updates were rolled out through the update-manager tool. If you use Ubuntu desktop, you must have seen this graphical tool.

The update manager is a GUI tool and it only shows a handful of the necessary information. It doesn't show the "packages kept back" message because the end user doesn't need to know about it.
The apt and apt-get commands were exempted from phase updates at the time because Ubuntu presumed that anyone running these commands manually had the intent to install the new version of a package. Thus all available package updates were pulled through the apt and apt-get commands. And this is also the reason behind the discrepancy between the number of updates available through GUI and CLI tools.
All this changed in Ubuntu 21.04 with a new version of APT. Phased updates started to roll out through apt and apt-get CLI tools as well.
And thus, you suddenly started seeing this error while updating Ubuntu through the command line.
Method 2: Manually updating packages that have been kept back
You can take matters into your hand and explicitly updates the packages in question:
sudo apt install --only-upgrade package_namesWith the --only-upgrade option, it will only upgrade it and won’t mark the package as manually installed, instead of automatic. This ensures that the dependencies that were installed automatically get removed automatically if you remove relevant packages.
This method also helps in cases where phased updates are not the culprit. If you see the same packages being kept back even after weeks and there is no information about it on the phase update status webpage, there is another issue at hand.
Other cases of packages being kept back
I originally wrote this troubleshooting article before the phased updates were "popular".
I had a genuine case where fwupd, which is the firmware update manager daemon in Ubuntu, was kept back.

Normally, when you run the sudo apt update and sudo apt upgrade commands, it updates all the installed packages to their available newer versions.
However, if the dependencies of an installed package have been changed such that it requires the removal of a package, the installed package won’t be upgraded with the system update and you’ll see the "package kept back" error.

In the example here, it requires the removal of fwupd-signed package.
This is a mechanism in Debian’s APT package manager that informs you that an installed package needs to remove dependency packages. When you manually and individually update these packages, the system understands that you are willing to remove the dependency package.
You may also use apt full-upgrade or apt-get dist-upgrade instead of apt install –only-upgrade package_name in this case but I would not recommend that.
In my case, fwupd package was kept back. So, here’s what I tried:
sudo apt install --only-upgrade fwupdDid you fix this error?
It's one of the many cases where Ubuntu should have handled things better. It creates unnecessary confusion and users think that there is something wrong with their system.
Did this solution help you eliminate the “packages have been kept back” error? If yes, I welcome your quick ‘thank you’ message in the comment section. If not, let me know and I’ll try to help you out further.
 

