Re: What patches/packages to install for specific bugs.
On 28/11/2017 21:40, P P wrote:
for example https://www.debian.org/security/2016/dsa-3503 for DSA 3503. But the link doesn't tell which patch to install to fix the bug of DSA 3503.
if you look in the CVE link you find if there is a patch and where is
it, ... for example if you open the first CVE:
https://security-tracker.debian.org/tracker/CVE-2013-4312
you can see that it is fixed in:
* stretch in the version 4.9.51-1
* stretch (security) in the version 4.9.30-2+deb9u5
* ...
So we can use apt-get to install them.
no, you can apply the patch with three command:
$ apt-get update
$ apt-get -u upgrade
$ apt-get -u dist-upgrade
if you have a proper /etc/apt/sources.list file
I suggest you to use the deb.debian.org with https protocol
Read here for more details:
https://deb.debian.org/
I suggest you to have at least these two line in the sources.list
Note: replace the "testing" with your Debian distro
deb https://deb.debian.org/debian testing main contrib non-free
deb https://deb.debian.org/debian-security testing/updates main contrib
non-free
Ciao
Davide
--
Dizionari: http://linguistico.sourceforge.net/wiki
What happened in 2013 couldn't have happened without free software
(He credited free software for his ability to help disclose the U.S.
government's far-reaching surveillance projects).
Edward Snowden
Reply to: