Debian – Need to upgrade only rsyslog on Debian system

debianrsyslogupgrade

Just received a notice from apticron:

apticron has detected that some packages need upgrading on:
The following packages are currently pending an upgrade:
rsyslog 5.8.11-3+deb7u1
    ...
Package Details:

Reading changelogs...
--- Changes for rsyslog ---
rsyslog (5.8.11-3+deb7u1) wheezy-security; urgency=high

  * debian/patches/05-pri-vulnerability-fix.patch:
    - CVE-2014-3634: Fix remote syslog vulnerability due to improper handling
      of invalid PRI values.
...
You can perform the upgrade by issuing the command:
apt-get dist-upgrade

Is there any way how to upgrade just rsyslog? I am leaving this server on Saturday and don't want to upgrade all the software that can lead to some problems. Can I upgrade just rsyslog?

If not, how important is to upgrade rsyslog? I don't have other users on the server and ssh access is allowed only from my IP.

Thanks.

Best Answer

apt-get install rsyslog does update it. Yes the command syntax might be a bit misleading.

I guess your rsyslog vulnerability only counts if your rsyslogd is configured to receive log lines from other servers and act thus act as a centralized logging server.

While updating, please make sure you also update bash due the Shellshock.

Related Solutions

Ubuntu – Clarifying Debian Dist-Upgrade Process

The command apt-get upgrade will not add or remove packages. apt-get dist-upgrade will add or remove packages as required.

The command apt-get dist-upgrade will not automatically upgrade you from one release to another unless you have also updated your sources (/etc/apt/sources.list) to point at a newer release.

man apt-get

upgrade
    upgrade is used to install the newest versions of all packages 
    currently installed on the system from the sources enumerated 
    in /etc/apt/sources.list.

dist-upgrade
    dist-upgrade, in addition to performing the function of upgrade, 
    also intelligently handles changing dependencies with new versions 
    of packages;

Are there special concerns to be aware of when doing a dist-upgrade vs upgrade?

For the most part I always apt-get dist-upgrade to apply updates to a system. Of course pay attention to exactly what new packages are being added or removed. Frequently this happens when something is being added like a newer kernel that isn't compatible with the previous and you will have to recompile modules. If you have some kernel module you had to build on your own, then you may need to make sure you recompile it for the new kernel. I have a couple systems with network interfaces not supported by the stock kernel that I have to recompile the network driver after each kernel update.

How to restart rsyslog daemon on ubuntu

sudo service rsyslog restart

That should do it.

Best Answer

Related Solutions

Ubuntu – Clarifying Debian Dist-Upgrade Process

How to restart rsyslog daemon on ubuntu

Related Topic