[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Sarge Kernel Image Package Question

On 06/29/2006, Linas Žvirblis wrote:

> Why should it? Many people prefer to manually choose their kernels, as
> this is not something you can upgrade at any given time. It is not a
> problem either way - installing or removing a meta package is not that
> hard, is it?

Hi Linas,

You are correct that installing the meta package is not hard.

The issue is security; without the meta package, kernel updates are
/not/ automatic with apt-get/aptitude upgrades.  For desktop users and
non-developers like me who maintain our own systems, it's easy to miss
the fact that kernel security updates are skipped without the meta
package.  For this reason, I believe the current default installation
procedure and docs are flawed.

But it seems I'm alone on this as my post to this list got no response
last April, http://lists.debian.org/debian-user/2006/04/msg00547.html
pasted below.


-------- Original Message --------
Subject: Submit bug report to which package for security upgrade?
Date: Wed, 05 Apr 2006 11:05:59 -0400
From: Ralph Katz <ralph.katz@rcn.com>
To: debian-user@lists.debian.org
CC: Moritz Muehlenhoff <jmm@inutil.org>

The recent kernel 2.6 security upgrade for sarge revealed a packaging
problem and/or documentation issue I attempted to report on
debian-security (1).

Basically, on a new sarge install, kernel-image-2.6.8-2-686 was
installed by the installer.  kernel-image-2.6-686 was not installed, but
it was *required* for the security update.  Only by reading the Debian
Security Advisory and seeing nothing upgraded after an aptitude
update/upgrade did I discover the problem.

Moritz Muehlenhoff on debian-security says this is a documentation
problem (2).  I see it as a packaging problem as well.

Rather than posting this on debian-doc, I'd appreciate your perspectives
and suggestions inasmuch as debian-user is the designated list for such
advice (3).

Is it a bug?  Which package should get the bug report?

Thanks & regards,

(1) http://lists.debian.org/debian-security/2006/03/msg00192.html
(2) http://lists.debian.org/debian-security/2006/04/msg00014.html
(3) http://www.debian.org/Bugs/Reporting

Reply to: