Bug#344060: /usr/bin/apt-get: Doesn't recognize need to update vulnerable kernel

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#344060: /usr/bin/apt-get: Doesn't recognize need to update vulnerable kernel
From: Tim Christian <MrTJC@TimChristian.com>
Date: Mon, 19 Dec 2005 12:25:39 -0600
Message-id: <[🔎] 20051219182539.7B0C04DD17@ns.timchristian.com>
Reply-to: Tim Christian <MrTJC@TimChristian.com>, 344060@bugs.debian.org

Package: apt
Version: 0.5.28.6
Severity: important
File: /usr/bin/apt-get


I was using (via `dpk -l`): kernel-image-2.4.27-1-38 2.4.27-6

I noticed the following security alert:
http://www.debian.org/security/2005/dsa-921

Therefore, I issued: apt-get update && apt-get upgrade
The update did not recognize that I needed to update the kernel.

As a work-around, I upgraded via:
apt-get install kernel-image-2.4.27-2-686_2.4.27-10sarge1_i386

After reboot, new kernel came up and works just fine.

I duplicated this problem on another system as well.  On that system,
the outmoded kernel image was: kernel-image-2.4.27-1-38 2.4.27-2

-- Package-specific info:

-- apt-config dump --

APT "";
APT::Architecture "i386";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
Dir "/";
Dir::State "var/lib/apt/";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::userstatus "status.user";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt/";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt/";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::vendorlist "vendors.list";
Dir::Etc::vendorparts "vendors.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::dpkg "/usr/bin/dpkg";
DPkg "";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";

-- (no /etc/apt/preferences present) --


-- /etc/apt/sources.list --

#deb file:///cdrom/ sarge main

deb http://mirrors.kernel.org/debian/ stable main
deb-src http://mirrors.kernel.org/debian/ stable main
#deb-src http://mirrors.kernel.org/debian/ testing main
#deb http://mirrors.kernel.org/debian/ testing main

deb http://security.debian.org/ stable/updates main
#deb http://security.debian.org/ testing/updates main

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.4.27-2-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)

Versions of packages apt depends on:
ii  libc6                       2.3.2.ds1-22 GNU C Library: Shared libraries an
ii  libgcc1                     1:3.4.3-13   GCC support library
ii  libstdc++5                  1:3.3.5-13   The GNU Standard C++ Library v3

-- no debconf information

Reply to:

Follow-Ups:
- Bug#344060: /usr/bin/apt-get: Doesn't recognize need to update vulnerable kernel
  - From: "Adam D. Barratt" <debian-bts@adam-barratt.org.uk>

Prev by Date: Bug#344056: apt: [INTL:sv] Swedish PO-template translation
Next by Date: Bug#344056: apt: [INTL:sv] Swedish PO-template translation
Previous by thread: Processed: Re: Bug#344056: apt: [INTL:sv] Swedish PO-template translation
Next by thread: Bug#344060: /usr/bin/apt-get: Doesn't recognize need to update vulnerable kernel
Index(es):
- Date
- Thread