Re: Debian DSA-5095-1 : linux - security update
On Thu, Mar 17, 2022 at 07:32:27PM +0530, Sona Das wrote:
> But whenever I tried to upgrade my linux-header it still remains on linux-headers-5.10.0-10 version, it doesn’t gets upgraded to the latest one.
>
> As per the below url the security vulnerability for Debian 11 is resolved in version 5.10.103-1, but my "apt-get upgrade” doesn’t upgrade the linux-headers to the latest fixed version
First, you need to run "apt-get update" to refresh your cached copy
of the available package lists.
Second, you need to run "apt-get --with-new-pkgs upgrade" (or simply
"apt-get dist-upgrade" if you prefer that) in order to download new
packages that are dependencies of existing packages.
If you only use "apt-get upgrade", you will never bring in any new
kernels or kernel headers, because each ABI bump creates a whole new
package with a whole new name. Similarly, any security update that
has new library dependencies will be blocked. The packages that are
built from the BIND source tend to fall into that group quite often.
Another alternative, if you don't like the two I've already given, would
be to use "apt upgrade". This uses the --with-new-pkgs option by default.
However, it also has some REALLY negative behaviors (deletes package files
from /var/cache/apt/archives/ afterward, and uses yellow text that is
extremely hard to read on a white background, and cannot be changed), so
you might not want this one.
Reply to: