Search This Blog

Monday, October 8, 2018

Debian 9.3 Stretch Unattended-upgrades not detecting Linux kernel security update by default

All my Debian 9.3 "Stretch" instance is showing a kernel update as being available: linux-image-amd64/stable 4.9+8 amd64 But Default Unattended-upgrades config fails to install kernel security update. My configure of '/etc/apt/apt.conf.d/50unattended-upgrades' 
Unattended-Upgrade::Origins-Pattern {
        "origin=Debian,codename=${distro_codename},label=Debian-Security";
        "origin=nginx,label=nginx";
        "site=packages.sury.org";
};
I have to add one extra line: 
        "origin=Debian,codename=${distro_codename},label=Debian";
Then the Kernel upgrade got pickup. 
Unattended-Upgrade::Origins-Pattern {
        "origin=Debian,codename=${distro_codename},label=Debian";
        "origin=Debian,codename=${distro_codename},label=Debian-Security";
        "origin=nginx,label=nginx";
        "site=packages.sury.org";
};
Reference of the fix for this bug:
https://unix.stackexchange.com/questions/414991/unattended-upgrades-not-detecting-linux-kernel-security-update-by-default
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=886415

Thanks for Sharing and Happy Thanks Giving!
at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)