cross-posted from: https://lemmy.ml/post/46701277
I’ve been running my home lab since 2021 and honestly thought my update routine was solid: apt update && apt upgrade, reboot, job done.
Turns out I was wrong. I was checking CVE‑2026‑31431 (Copy Fail) this morning and realised that despite my “successful” updates, I was still running a vulnerable kernel from March.
I’ve had to rethink how I handle host updates. If you’re relying on a standard upgrade and a reboot to keep Proxmox or Debian hosts safe, you might want to check if yours is lying to you as well.
Debian. like the Debian.
currently running Trixie on my daily and bookworm on a couple servers which will be upgraded to Trixie soon.
@GreenKnight23 @oong3Eepa1ae1tahJozoosuu I’ve never seen that behavior in Debian. Is that some different type of configuration?
native config. nothing special.
@GreenKnight23 I don’t see that behavior. Rebooting into a new kernel and then running dist-upgrade, it always _always_ keeps one older kernel around. Bookworm and trixie.