Hello, Yesterday a security upgrade for eglibc was announced and my question is how do you find if this applies to your server or not and for which packages (it's just an example, could be something else then eglibc)?
Searching the list of installed packages for the exact name returns nothing. Searching by a simpler name like libc returns this: ii klibc-utils 2.0.1-3.1 ii libc-bin 2.13-38+deb7u6 ii libc-dev-bin 2.13-38+deb7u6 ii libc6:amd64 2.13-38+deb7u6 ii libc6-dev:amd64 2.13-38+deb7u6 ii libcap-ng0 0.6.6-2 ii libcap2:amd64 1:2.22-1.2 ii libclass-isa-perl 0.36-3 ii libcomerr2:amd64 1.42.5-1.1 ii libconfig-inifiles-perl 2.75-1 ii libcurl3:amd64 7.26.0-1+wheezy12 ii libcurl3-gnutls:amd64 7.26.0-1+wheezy12 ii libcwidget3 0.5.16-3.4 ii libklibc 2.0.1-3.1 ii liblocale-gettext-perl 1.05-7+b1 ii linux-libc-dev:amd64 3.2.65-1+deb7u1 So now I know that libc-bin, libc-dev-bin, libc6:amd6 and libc6-dev:amd64 need to be upgraded. But this list is missing locales and multiarch-support which seem to be affected by the same security upgrade and I found them by searching for the exact version number (2.13-38+deb7u6). Apticron is doing a great job in fixing this problem but when you have tens of servers with different packages installed, receiving tens of emails regarding a certain security upgrade is something I would avoid. Has anyone found a solution for this? Thanks! -- Tiberiu
