Re: Kernel upgrades = security upgrades
*- On 28 Sep, Fraser Campbell wrote about "Kernel upgrades = security upgrades"
> I am curious as to how the kernel upgrades in Debian are done. Recently I
> set up a new slink system. The kernel installed was 2.0.34 (older boot
> disk). I added "deb http://security.debian.org/ stable updates" to
> /etc/apt/sources.list.
>
> An "apt-get update; apt-get upgrade" grabbed several packages 4 or 5
> packages from the various sites and upgraded them. The kernel was not
> upgraded.
>
> My question is, should kernel upgrades not be part of the normal updates?
> I know that there were there security problems fixed between 2.0.34 and
> 2.0.36. In light of this shouldn't "apt-get update; apt-get upgrade"
> replace the kernel? I realize that "apt-get install kernel-image-2.0.36"
^^^^^^
Notice that the version is part of the package name. Thus a
kernel-image-2.0.34 and kernel-image-2.0.36 are two totally different
packages as far as Debian is concerned, except that they both provide
the virtual package kernel-image and that fact is not determined until
it is being installed.
> does the trick but to my way of thinking it should be an automatic upgrade
> just like all other security issues ...
>
So, since they are essentially different packages they will not upgrade
each other.
> Also, I believe additional security problems were fixed between 2.0.36 and
> 2.0.38 but no kernels newer than 2.0.36 (at least in the 2.0 tree) are
> available in slink.
>
Good point.
> Please don't take this as critism, it is a question. I just don't
> understand why the kernel upgrades aren't automated like all other software
> updates.
>
HTH,
--
Brian
---------------------------------------------------------------------
Mechanical Engineering servis@purdue.edu
Purdue University http://www.ecn.purdue.edu/~servis
---------------------------------------------------------------------
Reply to: