Re: vulnerability in 8.6

[Ozgur <okaratas@member.fsf.org>]

Hello,

I think, I'm doing to wrong. My Debian system sources.list file as follow and I don't seen linux image "3.16.36-1+deb8u2" 

Thanks for all help,

Regards,

~ Ozgur

$ sudo cat /etc/apt/sources.list

deb http://security.debian.org/ jessie/updates main contrib

deb-src http://security.debian.org/ jessie/updates main contrib

deb http://ftp.debian.org/debian/ jessie-updates main contrib

deb-src http://ftp.debian.org/debian/ jessie-updates main contrib

deb http://ftp.debian.org/debian/ jessie main contrib

deb-src http://ftp.debian.org/debian/ jessie main contrib

$ sudo apt-cache search linux-image

linux-headers-3.16.0-4-amd64 - Header files for Linux 3.16.0-4-amd64

linux-image-3.16.0-4-amd64 - Linux 3.16 for 64-bit PCs

linux-image-3.16.0-4-amd64-dbg - Debugging symbols for Linux 3.16.0-4-amd64

linux-image-amd64 - Linux for 64-bit PCs (meta-package)

linux-image-amd64-dbg - Debugging symbols for Linux amd64 configuration (meta-package)

2016-11-07 19:52 GMT+03:00 Nicholas Luedtke <nicholas.luedtke@hpe.com>:

On 11/07/2016 09:45 AM, Ozgur wrote:

$ uname -ar

Linux x 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u1 (2016-09-03) x86_64 GNU/Linux

The update/upgrade didn't grab the latest security update for the kernel. The version with the fix for CVE-2016-5195 (Dirty Cow) is 3.16.36-1+deb8u2

-- 
Nicholas Luedtke
HPE Linux Security, Hewlett-Packard Enterprise