this post was submitted on 02 May 2026
106 points (92.7% liked)

Selfhosted

59849 readers
598 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam.

  3. Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.

  4. Don't duplicate the full text of your blog or git here. Just post the link for folks to click.

  5. Submission headline should match the article title.

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
ayyy@sh.itjust.works
curbstickle@anarchist.nexus
curbstickle_lw@lemmy.world
106
Turns out I have been updating wrong all this time! 🤦🏼 (the.unknown-universe.co.uk)
submitted 1 month ago by otter@lemmy.ca to c/selfhosted@lemmy.world
29 comments fedilink hide all child comments
 

cross-posted from: https://lemmy.ml/post/46701277

I’ve been running my home lab since 2021 and honestly thought my update routine was solid: apt update && apt upgrade, reboot, job done.

Turns out I was wrong. I was checking CVE‑2026‑31431 (Copy Fail) this morning and realised that despite my “successful” updates, I was still running a vulnerable kernel from March.

I’ve had to rethink how I handle host updates. If you’re relying on a standard upgrade and a reboot to keep Proxmox or Debian hosts safe, you might want to check if yours is lying to you as well.

you are viewing a single comment's thread
view the rest of the comments
[–] GreenKnight23@lemmy.world 2 points 1 month ago (1 children)

native config. nothing special.

[–] Andres4NY@social.ridetrans.it 2 points 1 month ago

@GreenKnight23 I don't see that behavior. Rebooting into a new kernel and then running dist-upgrade, it always _always_ keeps one older kernel around. Bookworm and trixie.