Page MenuHomeMiraheze

Update to Debian Buster 10.5
Closed, ResolvedPublic

Description

Came out Saturday, includes some security fixes.

This update will likely require a reboot:

  • puppet2
  • bacula2
  • cloud1
  • cloud2
  • cloud3
  • cp3
  • cp6
  • cp7
  • cp9
  • db11
  • db12
  • db13
  • db7
  • gluster1
  • gluster2
  • jobrunner1
  • jobrunner2
  • ldap1
  • misc1 (NA - Jessie)
  • mon1
  • mw4
  • mw5
  • mw6
  • mw7
  • ns1
  • ns2
  • phab1
  • rdb1
  • rdb2
  • services1
  • services2
  • test2

Leaving private until someone can review the exact CVEs in the release email in the comments to determine security risk.

Related Objects

Event Timeline

Currently, the Debian 10 servers should be 10.4 if they haven't been updated. See https://lists.debian.org/debian-announce/2020/msg00005.html

Per https://linuxize.com/post/how-to-check-your-debian-version/, "lsb-release -a" should tell you via salt ssh the version on all servers

Packages with pending changes that require a restart are listed in:

root@system:/root# cat /var/run/reboot-required.pkgs
libssl1.0.0 according to https://megamorf.gitlab.io/2019/06/10/check-if-reboot-is-required-after-installing-linux-updates.html

Southparkfan raised the priority of this task from High to Needs Triage.
Southparkfan added a subscriber: Southparkfan.

The only relevant CVE here is the SecureBoot one, which doesn't matter at Miraheze (due to our configuration). Making the task public now. I don't see other fixes important for us either, don't see the need for quickly upgrading (which requires reboots of cloud servers as well).

Assigning to @Paladox for reprioritising.

Southparkfan changed the visibility from "Custom Policy" to "Public (No Login Required)".Aug 7 2020, 00:26
Southparkfan changed the edit policy from "Custom Policy" to "All Users".
Paladox triaged this task as High priority.Aug 8 2020, 19:15
Paladox lowered the priority of this task from High to Normal.Aug 8 2020, 19:18
Paladox updated the task description. (Show Details)

Closing as resolved and moving to T6564. db servers and cloud can be done directly to 10.7