Mention the most important CVEs that gets fixed, and which upstream version is To know if a package fixes a specific CVE, go to the CVEĪlso have a look at the changelog if you have any doubt: that will most probably Click on that, and lookįor every linux-image-(.*)-amd64 package. Versions are not, however, the package name you need. "versions" block there are the currently available kernel versions. Kernel are currently available in debian? linux-signed-amd64 tracker Linux kernel in debian is a bit harder to grasp than other packages. Determine what kernel package you want to test There are two aspects to it: how it works for us and what the Team member (you!) gathers the data that will inform our decision. Once this new kernel is available in our APT snapshots a Foundations Relevant security fixes or changes the ABI is uploaded to Debian Version is generally available only in Debian experimental. A new major version of Linux is released.ProcessĪ Foundations Team member (generally the team lead, so far) creates 4.19.7) upgradesĪutomatically if the ABI is bumped. This includes the ABI version number, so even our develīranch does not get Linux point-release (e.g. The KERNEL_VERSION variable in config/variablesĭetermines what version of the kernel will be installed during theīuild. Tails bugfix releases, how this decision is made and implementedĭepends in great part on what kind of Tails release is upcoming (major Repositories and to the fact we don't publish release candidates for The Foundations Team has to make this decisionĭuring every Tails release cycle. The risks of hardware support regressions, and adding support for new Which exact Linux kernel version we ship in a given Tails release isĪ trade-off between packages availability, security fixes, limiting
#LATEST LINUX KERNEL VERSION UPGRADE#
If 5.19.6 was uploaded to unstableīut 5.18.9 never was, then our only option to include this securityįix is to upgrade to 5.19.6. Tails release includes Linux 5.18.8, an important security issue wasįixed in 5.18.9 and in 5.19.6. Sometimes, the only way to include security fixes is to The Linux kernel binary packages include an ABI version number, e.g.įor linux-image-4.18.0-2-amd64 the ABI is version 2. Occasionally from unstable when a critical security fix is not available in We generally ship the latest Linux kernel from Debian stable backports, and
This document assumes a good understanding of this somewhatĬomplex system. Of upgrading any Debian package in Tails, and in particular the Linux This greatly impact the timeline and processes Tails is built using a combination of snapshots of the Debian archiveĪnd overlay APT suites. … where the reader learns why this page is even needed and a few
0 kommentar(er)
