Your message dated Mon, 07 Oct 2019 19:04:41 +0100 with message-id <1cb07c6c2b0bb9f70dc403cd7ea358bf06adc1a1.camel@decadent.org.uk> and subject line Re: Bug#941910: Patched kernel available in stretch-security, but meta package still points to older image has caused the Debian Bug report #941910, regarding Patched kernel available in stretch-security, but meta package still points to older image to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 941910: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941910 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: Patched kernel available in stretch-security, but meta package still points to older image
- From: Tobias Deiminger <haxtibal@posteo.de>
- Date: Mon, 07 Oct 2019 16:28:17 +0200
- Message-id: <[🔎] 25d2a5adf9c9235ff4c7f81ce7794782@posteo.de>
Package: src:linux-latest Version: 4.9+80+deb9u9 Dear maintainers,the binary linux-image-4.9.0-11-amd64 (4.9.189-3+deb9u1) provides some CVE fixes and was released to stretch-security on 20 Sep 2019. However, the associated meta package on stretch-security is still linux-image-amd64 (4.9+80+deb9u6) from 19 Aug 2018, which depends on a somewhat older linux package 4.9.0-8.Is this intentional?In our setup we pull upgrades from stretch-security only, and refer to linux kernel via the meta package. So we end up with a slightly outdated linux-image-4.9.0-8-amd64, even if a patched version was available in stretch-security.
--- End Message ---
--- Begin Message ---
- To: 941910-done@bugs.debian.org
- Subject: Re: Bug#941910: Patched kernel available in stretch-security, but meta package still points to older image
- From: Ben Hutchings <ben@decadent.org.uk>
- Date: Mon, 07 Oct 2019 19:04:41 +0100
- Message-id: <1cb07c6c2b0bb9f70dc403cd7ea358bf06adc1a1.camel@decadent.org.uk>
- In-reply-to: <[🔎] 25d2a5adf9c9235ff4c7f81ce7794782@posteo.de>
- References: <[🔎] 25d2a5adf9c9235ff4c7f81ce7794782@posteo.de>
On Mon, 2019-10-07 at 16:28 +0200, Tobias Deiminger wrote: [...] > In our setup we pull upgrades from stretch-security only, [...] This is not a supported configuration. You must enable updates from the stretch (oldstable) suite (point releases) as well as updates from the stretch-security suite. Ben. -- Ben Hutchings Nothing is ever a complete failure; it can always serve as a bad example.Attachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---