On Tue 13 Jul 2021 at 12:09:13 (+0200), Michael Lange wrote: > On Tue, 13 Jul 2021 09:27:35 +0000 mabi wrote: > > (...) > > So I can simply skip upgrading to 3.16.0-10 and upgrading directly to > > 3.16.0-11 by downloading the .deb package as you suggest?
"Skipping" isn't a useful concept with respect to kernel versions. Always run the newest you can. For example, there are 40 CVEs fixed between versions 10(81) and 11(84), and it brings you up to June 2020, buying you and extra six months of security. Some Debian releases can run two completely different kernel versions, like buster with 4.19 and 5.10. IIRC jessie could run 4.9 kernels from backports. > > Then is it simply a matter of running "dpkg -i > > linux-image-3.16.0-11-amd64_3.16.84-1_amd64.deb" and that's it? You might try: apt-get install /path-to/linux-image-3.16.0-11-amd64_3.16.84-1_amd64.deb so that APT remains aware of what's installed, and will inform you of any dependencies. (You must include the path, not just a filename.) On Tue 13 Jul 2021 at 04:29:59 (+0000), mabi wrote: > On Tuesday, July 13th, 2021 at 3:29 AM, David Wright wrote: > > BTW it might be worth posting why you're still running jessie. > > People may be able to advise on how you might deal with what > > you see as reasons not to change. > > I think this is irrelevant to the fact that a package is missing from the > Debian security APT repository and I don't want to clutter this mailing list > with any discussions about why I can't upgrade yet. I was unaware that the metadata is not up-to-date on the web, but no package is "missing", it's just been upgraded. As for "cluttering" this list, the question of upgrading your distribution is likely of far more security value than upgrading just the kernel. But bear in mind that this is where "skipping" /is/ relevant. Whenever you decide to upgrade, make sure to go one step at a time, through stretch to buster, using the Release Notes as a guide. Cheers, David.
