Originally posted by loadedmind
Hell all. I, like many others, have an antiquated machine running this distro and am using the older kernel for this very reason. If I have done the necessary "apt-get update" for the version of kernel I'm using, is there still a possibility that, because the newer kernels are the ones being patched and revised, I need to do something else to ensure it's as secure as possible? I try to keep my packages updated, such as samba, etc.
With Debian kernels the security fixes are backported to the older kernel version(s) and a new version of the kernel image package is released with the -number suffix bumped up by one so the packaging system will know there is a new kernel to install and tell you. From my firewall machine for instance.
DoopeyTux:/home/stephen# uname -r
DoopeyTux:/home/stephen# apt-cache policy kernel-image-2.4.18-586tsc
*** 2.4.18-5 0
500 ftp://ftp2.de.debian.org stable/main Packages
This shows me that I have a 2.4.18-586tsc kernel installed and it is the fifth ( -5) revision of this kernel that has been in the archives and there is no update available. Now none of this will matter if you still have the installation kernel running because the packaging system does not know about it and will never tell you to upgrade. When you say you have "done the necessary apt-get update"
do you mean you have installed a kernel from the archives and it is up to date? If so then the security problems have been taken care of.