On Sun, 9 Mar 2008 13:08:00 -0400 Mitchell Laks <[EMAIL PROTECTED]> wrote:
> Hi, > > I am running a minimal install debian machine as a firewall and I > would like to keep it secure and up to date. > > I included > > deb http://ftp.us.debian.org/debian/ etch main non-free > deb http://security.debian.org etch/update main contrib > > as the entries in /etc/apt/sources.list > > and I run apt-get update and apt-get upgrade > > > Now I notice that there was a Recent advisory about the linux kernel > > http://www.debian.org/security/2008/dsa-1494 > > The vmsplice system call did not properly verify address arguments > passed by user space processes, which allowed local attackers to > overwrite arbitrary kernel memory, gaining root privileges > (CVE-2008-0010, CVE-2008-0600). > > and the page references a fix at > > http://security.debian.org/pool/updates/main/l/linux-2.6/linux-image-2.6.18-6-486_2.6.18.dfsg.1-18etch1_i386.deb > > but why is my machine not running this new kernel????? > > > I ran the update, and upgrade with apt???? > > I still see that my kernel version is > > linux-image-2.6.18-3-486 and not linux-image-2.6.18-6-48. > > what did I do wrong? how to make sure all updates are done?????? > > thanks, > > Mitchell Try "apt-get update && apt-get dist-upgrade". There have been a few version increment updates since 2.6.18-3, with some packages needing new dependencies, etc, which the normal "apt-get upgrade" would hold back, as well as the fact that kernel 2.6.18-6 would be seen as a new package (it can live happily side-by-side with your current kernel, seeing it's viewed by apt-get as a new package). dist-upgrade will pull in any new dependencies and packages that you need. Graham -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]