On Fri, Mar 21, 2003 at 07:19:35PM -0000, David Ramsden wrote: > ----- Original Message ----- > From: "Jeremy Choy" <[EMAIL PROTECTED]> > To: "debian security lists" <debian-security@lists.debian.org> > Sent: Friday, March 21, 2003 6:42 PM > Subject: determining which patches to apply... > > > > first off, is there a way to check what's installed/running for packages > > besides ps aux ( so I can check if the vulnerability will affect my > > machines ) > > I'd also like to know this one. > Something related to apt-cache possibly? I've yet to properly look through > the man page for apt-cache.
How about: dpkg -l libc6 > > > > and how do I know which 'fix' I should apply? I'm generally good, when > it's > > something like apache, php, mysql as I know I have it installed. But for > > things like vulnerabilities in glibc. (or other library's) how do you tell > > if you have it or not? > > > [snip] > > This is the beauty of apt-get - It'll take care of everything for you. > Here is what I suggest... > Make sure you have the following in /etc/apt/source.list: > deb http://security.debian.org/ stable/updates main The original poster indicated that they were running potato. They should put the following line in /etc/apt/sources.list: deb http://security.debian.org/debian-security oldstable/updates main contrib non-free Note that security updates for potato are scheduled to end (June?). > Now all you need to do is: > apt-get update > apt-get upgrade > > This will go off to all the sources in /etc/apt/sources.list and get the > latest package descriptions versions etc. so your machine knows what's the > latest version of packages (this is what apt-get update does). > Secondly, it'll compare what you currently have installed (application, core > files etc.) to what the latest versions are. If there are newer versions > availble from Debian, it'll go off and download these. > > The important apt source is the security one - This is were Debian release > security fixes for packages. > > What I do for all my machines is have a shell script, placed in > /etc/cron.daily that contains the following: > #!/bin/sh > apt-get update > apt-get --simulate --assume-yes upgrade > apt-get autoclean > > Every day, this will simulate an upgrade of your packages with the latest. > You can see what will be installed, what will be upgraded, if it'll work > etc. etc. > > HTH. Regards, > David. > -- > David Ramsden > http://portal.hexstream.eu.org/ > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
