Re: Sparc 2.4 Sarge kernel metapackages have not been updated by DSA 1018-1

1 msg	Checking PGP signature for DSA from M Muehlenhoff
6 msg	OpenSSL vs. GnuTLS in Exim
5 msg	Fabien Trauchessec est absent(e).
1 msg	Jochen Calvelage ist außer Haus.
1 msg	Urgent Message
3 msg	Rbl
3 msg	problem downloading secrity updates.
1 msg	http://www.alewalnet.com/
1 msg	FYI: Reiserfs 3.5 problem
3 msg	recent kernel vulnerabilities - debian specific?
1 msg	Michael Widmaier ist außer Haus.
2 msg	Re: [SECURITY] [DSA 1020-1] New flex packages f...
2 msg	alsa-modules-2.4.27-3-k7 etc. coming?
1 msg	subscribe
12 msg	Problems after sendmail security upgrade
1 msg	Marry5ç½‘ç«™å¼€é€šéªŒè¯

Sparc 2.4 Sarge kernel metapackages have not be...
\ Kevin B. McCarty (24 Mar 2006)
. \ dann frazier (24 Mar 2006)
. \ Moritz Muehlenhoff (5 Apr 2006)

2 msg	Re: [SECURITY] [DSA 1018-1] No security update ...
5 msg	AW: [SECURITY] [DSA 1018-1] New Linux kernel 2....
4 msg	Re: [SECURITY] [DSA 1017-1] New Linux kernel 2....

Subject:	Re: Sparc 2.4 Sarge kernel metapackages have not been updated by DSA 1018-1
Group:	Debian-security
From:	dann frazier
Date:	24 Mar 2006

On Fri, Mar 24, 2006 at 10:00:11AM -0500, Kevin B. McCarty wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> For those running a Sparc with 2.4 kernel, it doesn't look like the
> metapackages "kernel-image-2.4-sparc{32,64}{,-smp}" have been updated
> correctly for Sarge -- they still depend upon the old 2.4.27-2 packages.
> As I've just found out, you'll need to update manually to one of the
> real kernel-image-2.4.27-3-sparc{32,64}{,-smp} packages even if you have
> the metapackage installed. It's safe but at the moment useless to leave
> the metapackage installed, and to keep it installed you have to not
> uninstall the old (insecure) 2.4.27-2 kernel.

Kevin,
Thanks for reporting this; I'll submit a fix to the security team shortly.

--
To UNSUBSCRIBE, email to debian-security-REQUEST
with a subject of "unsubscribe". Trouble? Contact listmaster