Re: [SECURITY] [DSA 1017-1] New Linux kernel 2.6.8 packages fix several vulnerabilities

1 msg	Checking PGP signature for DSA from M Muehlenhoff
6 msg	OpenSSL vs. GnuTLS in Exim
5 msg	Fabien Trauchessec est absent(e).
1 msg	Jochen Calvelage ist außer Haus.
1 msg	Urgent Message
3 msg	Rbl
3 msg	problem downloading secrity updates.
1 msg	http://www.alewalnet.com/
1 msg	FYI: Reiserfs 3.5 problem
3 msg	recent kernel vulnerabilities - debian specific?
1 msg	Michael Widmaier ist außer Haus.
2 msg	Re: [SECURITY] [DSA 1020-1] New flex packages f...
2 msg	alsa-modules-2.4.27-3-k7 etc. coming?
1 msg	subscribe
12 msg	Problems after sendmail security upgrade
1 msg	Marry5ç½‘ç«™å¼€é€šéªŒè¯
3 msg	Sparc 2.4 Sarge kernel metapackages have not be...
2 msg	Re: [SECURITY] [DSA 1018-1] No security update ...
5 msg	AW: [SECURITY] [DSA 1018-1] New Linux kernel 2....

Re: [SECURITY] [DSA 1017-1] New Linux kernel 2....
\ Ralph Katz (24 Mar 2006)
. \ Moritz Muehlenhoff (25 Mar 2006)
. . \ Ralph Katz (25 Mar 2006)
. . \ Moritz Muehlenhoff (5 Apr 2006)

Subject:	Re: [SECURITY] [DSA 1017-1] New Linux kernel 2.6.8 packages fix several vulnerabilities
Group:	Debian-security
From:	Ralph Katz
Date:	25 Mar 2006

Moritz Muehlenhoff wrote:

> It's mandatory to subscribe to debian-security-announce if you install
> security updates. While most upgrades can run unattended there will always
> be corner cases, that require special attention of the local admin installing
> the update. A kernel update with an ABI bump is such a corner case.
>

Mandatory?! Then isn't it a bug in the debian installation process to
not mention this?

How can we advise users (like me) to add security.debian.org to
/etc/apt/sources.list and not mention the mandatory
debian-security-announce subscription?

I'm sure many debian users and sys admins will miss this upgrade by not
knowing such subscription is required.

Respectfully,
Ralph

--
To UNSUBSCRIBE, email to debian-security-REQUEST
with a subject of "unsubscribe". Trouble? Contact listmaster