Re: Kernel updates & security patches
"Jeff" == Jeff Penn <jeff@jrpenn.demon.co.uk> writes:
Jeff> I'm running a dialup workstation using Sarge with 2.4.18
Jeff> compiled from a source package. I'd like to understand the
Jeff> Debian approach for keeping the kernel up to date
Jeff> (preferably using a minimum of bandwidth).
I've only been using Debian for about 18 months now, but my impression
is that Debian's approach to keeping the kernel up to date is "don't
unless you have a really good reason to do so." For example, upgrading
from potato to woody did not require a kernel upgrade (and, so,
possibly no downtime on your server :-)
Jeff> Do package Debian kernel patches?, or are they only
Jeff> available for the gerneric Linux kernel?. Are there any
Jeff> limitations to applying patches (2.4 -> 2.6) or can only
Jeff> minor versions be patched (2.4.18 -> 2.4.19)?.
Debian does release various patches in packages form. Try running
"COLUMNS=200 dpkg -l 'kernel-patch*'" to see what I mean. But a change
of the sort you are talking about is done by downloading the entire
new kernel package AFAIK.
Jeff> Does the Debian security mailing list announce kernel
Jeff> related security alerts, or should this be monitored through
Jeff> services such as bugtrac?.
I presume if there was security alert relating to a kernel problem it
would show up as security fix *if you are running stable*. Since you
are running Sarge, in some sense you've pretty much volunteered to
monitor and help Debian to get the security alerts fixed before
Sarge's release.
Cheers!
Shyamal
Reply to: