LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian
Reload this Page [SOLVED] Wheezy: same package bash upgraded in the same dist-upgrade command; why?
User Name
Password
Debian This forum is for the discussion of Debian Linux.

Notices


Reply
  Search this Thread
Old 10-30-2016, 04:34 AM   #1
floppy_stuttgart
Senior Member
 
Registered: Nov 2010
Location: EU mainland
Distribution: Debian like
Posts: 1,153
Blog Entries: 5

Rep: Reputation: 107Reputation: 107
Wheezy: same package bash upgraded in the same dist-upgrade command; why?

Hello,
I made apt-get update && apt-get dist-upgrade and could see following messages:

....
Die folgenden Pakete werden aktualisiert (Upgrade):
bash ghostscript ghostscript-cups libcairo-gobject2 libcairo2 libgs9
libgs9-common libnspr4 libnss3 libx11-6 libx11-data libx11-xcb1 libxi6
libxtst6 tzdata tzdata-java
16 aktualisiert, 0 neu installiert, 0 zu entfernen und 0 nicht aktualisiert.
Es müssen 10,0 MB an Archiven heruntergeladen werden.
Nach dieser Operation werden 179 kB Plattenplatz zusätzlich benutzt.
Möchten Sie fortfahren [J/n]? J
Holen: 1 http://security.debian.org/ wheezy/updates/main bash amd64 4.2+dfsg-0.1+deb7u4 [1.499 kB]
Holen: 2 http://security.debian.org/ wheezy/updates/main bash amd64 4.2+dfsg-0.1+deb7u4 [1.499 kB]
Holen: 3 http://security.debian.org/ wheezy/updates/main libx11-data all 2:1.5.0-1+deb7u3 [189 kB]
Holen: 4 http://security.debian.org/ wheezy/updates/main libx11-6 amd64 2:1.5.0-1+deb7u3 [902 kB]
...

why is bash uploaded 2 times? do we have a security issue there?
 
Old 10-30-2016, 10:36 AM   #2
jens
Senior Member
 
Registered: May 2004
Location: Belgium
Distribution: Debian, Slackware, Fedora
Posts: 1,463

Rep: Reputation: 299Reputation: 299Reputation: 299
CVE-2016-7543: https://security-tracker.debian.org/.../CVE-2016-7543

Since your using amd64, 4.2+dfsg-0.1+deb7u4 is the supported/available version for via both "oldstable/Wheezy" as the main (essential) version (same for i386, armel and armhf) ...and "old-sec/Wheezy-Security" (thanks to the LTS team).
old-sec is used as a separate distribution as it doesn't support everything, including all the less-used(and EOL) architectures.
Those are still stuck with 4.2+dfsg-0.1+deb7u3

https://tracker.debian.org/news/809239
https://tracker.debian.org/pkg/bash
https://packages.debian.org/wheezy/bash
Last edited by jens; 10-30-2016 at 11:06 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Upgraded Wheezy with 'upgrade' not 'dist-upgrade'. How to resolve? Higgsboson Debian 8 02-07-2016 02:34 AM
[SOLVED] Upgrade from Wheezy to Jessie fails after apt-get dist-upgrade Angoid Debian 17 01-07-2016 02:25 AM
Squeeze dist-upgrade Wheezy broke internet access rbees Linux - Networking 0 04-17-2014 04:45 PM
Is base-config package removed from your system with aptitude dist-upgrade? Akhran Debian 6 03-18-2006 07:52 PM
Will 'aptitude upgrade or dist-upgrade' downgrade manually installed deb package? Akhran Debian 3 03-14-2006 02:40 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian

All times are GMT -5. The time now is 11:06 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration