Page MenuHomeMiraheze
Create Task
Maniphest T6012

Update to Debian Buster 10.5
Open, NormalPublic
Actions

Description

Came out Saturday, includes some security fixes.

This update will likely require a reboot:

  • puppet2
  • bacula2
  • cloud1
  • cloud2
  • cloud3
  • cp3
  • cp6
  • cp7
  • cp9
  • db11
  • db12
  • db13
  • db7
  • gluster1
  • gluster2
  • jobrunner1
  • jobrunner2
  • ldap1
  • misc1 (NA - Jessie)
  • mon1
  • mw4
  • mw5
  • mw6
  • mw7
  • ns1
  • ns2
  • phab1
  • rdb1
  • rdb2
  • services1
  • services2
  • test2

Leaving private until someone can review the exact CVEs in the release email in the comments to determine security risk.

Event Timeline

RhinosF1 created this task.Aug 3 2020, 14:44
Herald added a subscriber: Reception123. · View Herald TranscriptAug 3 2020, 14:44
RhinosF1 updated the task description. (Show Details)EditedAug 3 2020, 14:45

Currently, the Debian 10 servers should be 10.4 if they haven't been updated. See https://lists.debian.org/debian-announce/2020/msg00005.html

Per https://linuxize.com/post/how-to-check-your-debian-version/, "lsb-release -a" should tell you via salt ssh the version on all servers

Packages with pending changes that require a restart are listed in:

root@system:/root# cat /var/run/reboot-required.pkgs
libssl1.0.0 according to https://megamorf.gitlab.io/2019/06/10/check-if-reboot-is-required-after-installing-linux-updates.html

Paladox added a subscriber: Paladox.Aug 3 2020, 20:13

I've done puppet2.

RhinosF1 updated the task description. (Show Details)Aug 3 2020, 21:34
RhinosF1 updated the task description. (Show Details)Aug 3 2020, 21:40
Southparkfan assigned this task to Paladox.Aug 7 2020, 00:25
Southparkfan raised the priority of this task from High to Needs Triage.
Southparkfan added a subscriber: Southparkfan.

The only relevant CVE here is the SecureBoot one, which doesn't matter at Miraheze (due to our configuration). Making the task public now. I don't see other fixes important for us either, don't see the need for quickly upgrading (which requires reboots of cloud servers as well).

Assigning to @Paladox for reprioritising.

Southparkfan changed the visibility from "Custom Policy" to "Public (No Login Required)".Aug 7 2020, 00:26
Southparkfan changed the edit policy from "Custom Policy" to "All Users".
RhinosF1 added a comment.Aug 7 2020, 06:34

@Southparkfan: @Paladox is on holiday

Paladox triaged this task as High priority.Aug 8 2020, 19:15
Paladox lowered the priority of this task from High to Normal.Aug 8 2020, 19:18
Paladox updated the task description. (Show Details)Aug 9 2020, 23:41
Paladox updated the task description. (Show Details)
Paladox updated the task description. (Show Details)Aug 9 2020, 23:52
Paladox updated the task description. (Show Details)Tue, Sep 8, 23:06