# GLSA and kernel security issues

## petterah

Hello fellow gentoo users. Im new to gentoo, and there are some things I don't quite understand. With GLSA, are the GLSA database updated and trusted? I usually run glsa-check -l affected and patch each line marked with [N] by using: emerge sys-apps/texinfo when the texinfo is affected or something like that. I'm not sure this is the best way to do it, but as far as i know, there are no glsa automatic way of upgrading the system when security issues arrive. I prefer to not track stable, with emerge -uD world, since this is my server.

The next question is about the kernel. I read this: http://www.secuobs.com/secumail/snsecumail/msg03662.shtml and did not find anything about kernel updates on glsa-check, or on one of the gentoo weekly news pages. I run 2.6.17-gentoo-r8 so this could be affected, right? Could someone please give me some advice on these issues. Thanks

-petter-

----------

## DocReedSolomon

 *petterah wrote:*   

> but as far as i know, there are no glsa automatic way of upgrading the system when security issues arrive.
> 
> 

 

run "glsa-check -h" and you will see (-f      --fix           : try to auto-apply this GLSA (experimental)

 *petterah wrote:*   

> 
> 
> The next question is about the kernel. I read this: http://www.secuobs.com/secumail/snsecumail/msg03662.shtml and did not find anything about kernel updates on glsa-check

 

not (yet) implemented in glsa-check. see:

https://forums.gentoo.org/viewtopic-t-507914-highlight-glsa+kernel.html

----------

## petterah

Ok, thank you for your information.

----------

