Are kernel updates security updates?
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
Are kernel updates security updates?
In Update Manager the Changelog for security updates list the security problems it will fix. However the Changelog for The Linux kernel update contains no information. How can I view actual changelog for Linux kernel update to discover if it contains security fixes? Thank you.
Re: Are kernel updates security updates?
Hello, Cap.
Kernel updates can be security updates. They can be purely technical updates. The same kernel update can do both: close security holes and fix purely technical errors.
You may use Synaptic Package Manager from the Linux Mint Application Menu, locate the kernel which you are interested in and check its changelog.
Note:
The most detailled changelog for the most recent kernel update can be viewed by reading the changelog for the software package linux-libc-dev.
Best regards,
Karl
Kernel updates can be security updates. They can be purely technical updates. The same kernel update can do both: close security holes and fix purely technical errors.
You may use Synaptic Package Manager from the Linux Mint Application Menu, locate the kernel which you are interested in and check its changelog.
Note:
The most detailled changelog for the most recent kernel update can be viewed by reading the changelog for the software package linux-libc-dev.
Best regards,
Karl
Linux Mint 19.3 64-bit Cinnamon, Total Commander 9.51 64-bit
-
DAMIEN1307
- Level 11
- Posts: 3708
- Joined: Tue Feb 21, 2017 8:13 pm
- Location: Alamogordo, New Mexico, USA
Re: Are kernel updates security updates?
ALL kernel updates within the same series, example, (4.15.0-96 updated to 4.15.0-99), are security as well as bug fixes to the existing kernel series...DAMIEN
EDIT...OOOPS, karlchen beat me to it...lol.
EDIT...OOOPS, karlchen beat me to it...lol.
ORDO AB CHAO
"I refuse to be assimilated, I refuse to become one with the Borg Collective"
"I refuse to be assimilated, I refuse to become one with the Borg Collective"
Re: Are kernel updates security updates?
The Changelogs in Synaptic Package Manager are same as Update Manager. I find it confusing the changelog for the kernel is listed under a different update, the kernel headers for development. However thank you for explaining.
Re: Are kernel updates security updates?
Hello, Cap.
The same has confused me more than once, before I got used to it.
By the way, kernel updates, which close security holes, should appear on this Ubuntu webpage, Ubuntu logo for print security notices, as well.
Best regards,
Karl
The same has confused me more than once, before I got used to it.
By the way, kernel updates, which close security holes, should appear on this Ubuntu webpage, Ubuntu logo for print security notices, as well.
Best regards,
Karl
Linux Mint 19.3 64-bit Cinnamon, Total Commander 9.51 64-bit
Re: Are kernel updates security updates?
Hello, Cap.
Coming back to your the initial statement
Reason for asking: even on my good old LM 18.1, Update Manager will display the relevant detailled changelog, when the selected package (group) is "Linux-Kernel 4.4.0-178.208", not "Linux-Meta". (The precise version string will vary between systems, of course)
(Click on screenshot to enlarge. Press <Alt><Cursor Left> to return here.)
Will also check on an LM 19.3 system, where the kernel update is still pending, and report back.
But to me this suggests that, before you have installed the kernel update, you can read the detailled changelog inside LM Update Manager. You cannot, you are right. It does not work on LM 19.x, because UM looks for the kernel changelog in several wrong places.
This is where LM 19.3 UM looks for kernel changelogs: And the result is failure. No changelogs found. Though Synaptic will display them without problems.
(Click on screenshot to enlarge. Press <Alt><Cursor Left> to return here.)
Should search a bit. I bet there will be reports about this bug, maybe even a bug report.
Best regards,
Karl
Coming back to your the initial statement
Inside the Mint Update Manager, are you sure you clicked on the right package (group) and then on changelog?
Reason for asking: even on my good old LM 18.1, Update Manager will display the relevant detailled changelog, when the selected package (group) is "Linux-Kernel 4.4.0-178.208", not "Linux-Meta". (The precise version string will vary between systems, of course)
(Click on screenshot to enlarge. Press <Alt><Cursor Left> to return here.)
Will also check on an LM 19.3 system, where the kernel update is still pending, and report back.
But to me this suggests that, before you have installed the kernel update, you can read the detailled changelog inside LM Update Manager. You cannot, you are right. It does not work on LM 19.x, because UM looks for the kernel changelog in several wrong places.
This is where LM 19.3 UM looks for kernel changelogs:
Code: Select all
karl@unimatrix0:~$ Trying to fetch the changelog from: http://changelogs.ubuntu.com/changelogs/pool/main/l/linux-meta/linux-meta_4.15.0-99.100/changelog
Trying to fetch the changelog from: http://changelogs.ubuntu.com/changelogs/pool/multiverse/l/linux-meta/linux-meta_4.15.0-99.100/changelog
Trying to fetch the changelog from: http://changelogs.ubuntu.com/changelogs/pool/universe/l/linux-meta/linux-meta_4.15.0-99.100/changelog
Trying to fetch the changelog from: http://changelogs.ubuntu.com/changelogs/pool/restricted/l/linux-meta/linux-meta_4.15.0-99.100/changelog(Click on screenshot to enlarge. Press <Alt><Cursor Left> to return here.)
Should search a bit. I bet there will be reports about this bug, maybe even a bug report.
Best regards,
Karl
Linux Mint 19.3 64-bit Cinnamon, Total Commander 9.51 64-bit
Re: Are kernel updates security updates?
Perhaps because it is German language? In English language it displays the same text in Update Manager and Synaptic Package Manager. However the text is not changelog information. It displays, and more of the similar. That is not a list of CVE patches and changes.
Code: Select all
linux-meta-hwe (5.3.0.51.104) bionic; urgency=medium
* Bump ABI 5.3.0-51
-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com> Wed, 22 Apr 2020 19:57:16 -0300
linux-meta-hwe (5.3.0.47.103) bionic; urgency=medium
* Bump ABI 5.3.0-47
-- Kleber Sacilotto de Souza <kleber.souza@canonical.com> Mon, 06 Apr 2020 17:06:20 +0200
linux-meta-hwe (5.3.0.46.102) bionic; urgency=medium
* Bump ABI 5.3.0-46Re: Are kernel updates security updates?
Hi, Cap.
No, my local language is not a relevant factor in this case. It is only the kernel changelogs on Mint 19.3, which are not retrieved by update manager. Other changelogs are retrieved and displayed.
I think that this issue was introduced at the same time as LM 19 got released. But I will have to search a bit in order to verify and confirm or discard what I remember.
And as illustrated above Update Manager LM 19.3, Update Manager LM 18.1 still retrieves and displays the kernel changelogs. Though my local language is German on LM 18.1 as well.
As a matter of fact, I will read changelogs in Synaptic most of the time anyway. For a simple reason: Synaptic will display changelogs for all software packages, before installing/updating them and after installing/updating them. Update Manager can display changelogs only before installing the updates, not afterwards.
Karl
No, my local language is not a relevant factor in this case. It is only the kernel changelogs on Mint 19.3, which are not retrieved by update manager. Other changelogs are retrieved and displayed.
I think that this issue was introduced at the same time as LM 19 got released. But I will have to search a bit in order to verify and confirm or discard what I remember.
And as illustrated above Update Manager LM 19.3, Update Manager LM 18.1 still retrieves and displays the kernel changelogs. Though my local language is German on LM 18.1 as well.
As a matter of fact, I will read changelogs in Synaptic most of the time anyway. For a simple reason: Synaptic will display changelogs for all software packages, before installing/updating them and after installing/updating them. Update Manager can display changelogs only before installing the updates, not afterwards.
Karl
Linux Mint 19.3 64-bit Cinnamon, Total Commander 9.51 64-bit
Re: Are kernel updates security updates?
Linux Mint 19.x Update Manager simply looks in several wrong places for the kernel changelogs!
Here is the correct location of the changelog for kernel 4.15.0-99.100 (most recent 4.15.0 LTS kernel):
This, however, is where Update Manager looks for it and fails (1st failure):
(Note: twice it reads linux_meta, where it should be only linux)
Then it goes on in more places, still looking for linux_meta, instead of linux only:
Trying to fetch the changelog from:
Trying to fetch the changelog from:
Trying to fetch the changelog from:
Trying to fetch the changelog from:
--
P.S.:
Somehow the thread, where I found the correct address to kernel 4.15.0-xx changelog, reminds a bit of our thread here. viewtopic.php?f=90&t=307779
Here is the correct location of the changelog for kernel 4.15.0-99.100 (most recent 4.15.0 LTS kernel):
http://changelogs.ubuntu.com/changelogs/pool/main/l/linux/linux_4.15.0-99.100/changelogThis, however, is where Update Manager looks for it and fails (1st failure):
http://changelogs.ubuntu.com/changelogs/pool/main/l/linux-meta/linux-meta_4.15.0-99.100/changelog(Note: twice it reads linux_meta, where it should be only linux)
Then it goes on in more places, still looking for linux_meta, instead of linux only:
Trying to fetch the changelog from:
http://changelogs.ubuntu.com/changelogs/pool/main/l/linux-meta/linux-meta_4.15.0-99.100/changelogTrying to fetch the changelog from:
http://changelogs.ubuntu.com/changelogs/pool/multiverse/l/linux-meta/linux-meta_4.15.0-99.100/changelogTrying to fetch the changelog from:
http://changelogs.ubuntu.com/changelogs/pool/universe/l/linux-meta/linux-meta_4.15.0-99.100/changelogTrying to fetch the changelog from:
http://changelogs.ubuntu.com/changelogs/pool/restricted/l/linux-meta/linux-meta_4.15.0-99.100/changelog--
P.S.:
Somehow the thread, where I found the correct address to kernel 4.15.0-xx changelog, reminds a bit of our thread here.
viewtopic.php?f=90&t=307779Linux Mint 19.3 64-bit Cinnamon, Total Commander 9.51 64-bit
Re: Are kernel updates security updates?
Yes. When I click on the Changelog for Linux kernel it does not fail. It loads this text,
Code: Select all
linux-meta-hwe (5.3.0.51.104) bionic; urgency=medium
* Bump ABI 5.3.0-51
-- Thadeu Lima de Souza Cascardo <cascardo@canonical.com> Wed, 22 Apr 2020 19:57:16 -0300
linux-meta-hwe (5.3.0.47.103) bionic; urgency=medium
* Bump ABI 5.3.0-47
-- Kleber Sacilotto de Souza <kleber.souza@canonical.com> Mon, 06 Apr 2020 17:06:20 +0200
linux-meta-hwe (5.3.0.46.102) bionic; urgency=medium
* Bump ABI 5.3.0-46