I run update-manager frequently and I'm trying to understand the interaction with livepatch. For example for the last week or so update manager flagged a kernel security patch
Installed version: 4.15.0.42.44 Available version: 4.15.0.43.45
Which marks 12 packages for update. A day after these appeared livepatch went from unpatched to
patchState: applied version: "46.3" with 17 CVE's listed. I presume this handled the security issues that are in the security patches that update-manager keeps listing.
What I still don't understand is the interaction with update-manger. Do I just have to keep filtering out kernel patches manually, and does livepatch do anything about patches that normally require a reboot but are not in the kernel?
Bookmarks