Re: Do I need to upgrade my kernel (kernel-image-2.4-k6)?



Robert S wrote:

> I am running Debian with kernel 2.4.27. I see that the kernel-source
> package is listed in the security vulnerabilities (DSA-1097). I do a
> weekly "apt-get update && apt-get upgrade" but have not been prompted to
> upgrade my kernel. I am using kernel-image-2.4-k6.
>
> Do I need to upgrade my kernel image and if so, what is the correct way of
> doing this?

Do you use stable or testing?

If you take a look at http://www.debian.org/security/2006/dsa-1097 you can
see that you need at least 2.4.27-10sarge3 for IA-32 architecture. When you
run

apt-cache policy kernel-image-2.4.27-2-k6

you should get something like this (not exactly, because I have testing
here):

kernel-image-2.4.27-2-k6:
  Installed: (none)
  Candidate: 2.4.27-12
  Version table:
     2.4.27-12 0
        300 http://debian.lcs.mit.edu unstable/main Packages
        700 http://debian.lcs.mit.edu testing/main Packages
     2.4.27-10sarge1 0
        500 http://security.debian.org sarge/updates/main Packages

Which means that if you have stable and security updates configured
properly, then you should have 2.4.27-10sarge1. Hmmm, so there is
apparently some problem with that system.

Nevertheless, the security report itself mentions the source of the patched
kernel as (on one line):

http://security.debian.org/pool/updates/main/k/kernel-image-2.4.27-i386\
/kernel-image-2.4.27-3-k6_2.4.27-10sarge3_i386.deb

If you download this package (with wget or curl -O prepended to the URL) you
can install it (as root) with

dpkg -i kernel-image-2.4.27-3-k6_2.4.27-10sarge3_i386.deb

I am Cc:-ing this to the security team and hopefully we'll get some reaction
from them about the apparently broken apt-get lists.

Best,

Matěj

--
GPG Finger: 89EF 4BC6 288A BF43 1BAB 25C3 E09F EF25 D964 84AC
http://www.ceplovi.cz/matej/blog/, Jabber: ceplma@xxxxxxxxx
23 Marion St. #3, (617) 876-1259, ICQ 132822213

That distinction is reflected in the apocryphal remark made by a
French diplomat to his British counterpart: "This is all very
well in practice, but will it work in theory?".


