Re: [SECURITY] [DSA 1017-1] New Linux kernel 2.6.8 packages fix several vulnerabilities
Ralph Katz wrote:
>> It's mandatory to subscribe to debian-security-announce if you install
>> security updates. While most upgrades can run unattended there will always
>> be corner cases, that require special attention of the local admin installing
>> the update. A kernel update with an ABI bump is such a corner case.
>>
>
> Mandatory?! Then isn't it a bug in the debian installation process to
> not mention this?
It might work automatically for >95% of all cases, but might cause breakage
for the remainders, so it's very much recommended.
> How can we advise users (like me) to add security.debian.org to
> /etc/apt/sources.list and not mention the mandatory
> debian-security-announce subscription?
>
> I'm sure many debian users and sys admins will miss this upgrade by not
> knowing such subscription is required.
Please ask the documentors to add this information, where it's missing.
Cheers,
Moritz
Reply to: