Karsten M. Self wrote: > Your kernel, in general, isn't upgraded unless you specifically request > it, though stock kernels updated for security reasons may be > updated (or recommended). I'm still a little foggy on this, corrections > welcomed. The installer bootstraps the system with a bootstrapping kernel which is not installed with the package manager. You need a system running before you can run applications like the package manager. And you need the package manager before you can install packages. A chicken or the egg problem. So the initial kernel is not known by the package manager. This means that the initial kernel will never be offered to users as an upgrade even if security updates exist for it such as the 2.4.18 kernel. APT does not know it is there. The fact that the initial installer leaves the system without a kernel installed by the package manager is a disservice. It would be better if the initial installer installed the same kernel again overwriting the bootstrapping kernel using the package manager so that it is now known and updates would be offered and it could then also be removed in the future. I recommend installing the bootstrapping kernel (apt-get install kernel-image-2.4.18-bf2.4, for woody) even though I plan to install a tuned kernel such as 2.4.23-k7-smp. Then I can later remove 2.4.18 and it will go away cleanly. If there is a security update it will be offered if that kernel is still installed. Additionally sometimes updates cannot preserve binary compatibility and therefore would break add-on modules if any existed. Therefore names will be changed to prevent an automatic update from being offered. See DSA-358 for one example. Bob P.S. Thanks Andreas Janssen for mentoring me about this topic here in debian-user previously.
Description: PGP signature