[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#438325: [etch] linux-image-2.6-* still depends on vulnerable kernel image linux-image-2.6.18-4-*

Package: linux-image-2.6-686
Version: 2.6.18+6
Severity: important
Justification: prevents automated security related kernel updates

(also affects linux-image-2.6-* for i386/amd64, can't tell for other archs)

Hi, I just received [DSA 1356-1] via the DSA mailing list and also got  
linux-source-2.6.18 (version 2.6.18.dfsg.1-13etch1) downloaded via cron-apt, 
but was wondering why cron-apt hadn't also downloaded a newer 

Checking the available packages, I noticed that linux-image-2.6.18-5-686 
(version 2.6.18.dfsg.1-13etch1) is available and immediatley upgraded to it. 
Unfortunately, all available meta-packages linux-image-2.6-* still depend on 
linux-image-2.6.18-4-* instead of linux-image-2.6.18-5-* and therefore 
prevent non-manual upgrades.

If this isn't intended for reasons unkown to me, I propose the 
linux-image-2.6-*-packages should also be updated.


Reply to: