I'm fairly new to Ubuntu, and I was getting the "packages held back" message on an apt-get upgrade. I came across several answers that mentioned using dist-upgrade instead, but some of them warned that this could be dangerous, or at least perform more of an upgrade than you might want.
I read the man page and found the "–with-new-pkgs" flag for apt-get upgrade, and in my case it did the trick: it installed some new packages, with a prompt informing me what packages would be installed and asking me if I wanted to continue.
It seems to me like this is may be a safer option than doing dist-upgrade — am I correct? Using dist-upgrade could remove packages, whereas when I ran upgrade –with-new-pkgs, it simply informed of a package that could be removed and told me to run 'apt-get autoremove' to remove it.