Applying security updates promptly after they are released is critically important for us Linux admins, as this practice helps protect against vulnerabilities that malicious actors could exploit. Failing to update could expose your Linux systems to cyberattacks, data breaches, and other severe security risks.
In this article, I'll guide you through checking installed versions of packages and performing security updates on popular Linux distributions, including Ubuntu, Fedora, Debian, Arch Linux, and openSUSE, thus reducing potential risks that could threaten the security and availability of your systems and your critical data. This is precisely the type of resource I was seeking as a junior sysadmin, and I hope these instructions will help make your Linux administration journey simpler and safer. Let’s get started!
Updates vs. Upgrades: Understanding the Difference
While seemingly similar, updating and upgrading a Linux distribution refer to different operations within the context of system maintenance.
Updating a Linux distribution typically involves fetching and installing the latest versions of the installed software packages from the repositories. When you run an update command (such as apt-get update or apt update), the package manager syncs the local list of available packages with the remote repositories. After running apt-get upgrade or apt upgrade, the system retrieves and installs the updated versions of the packages without changing any major versions of the operating system itself.
In contrast, upgrading a Linux distribution usually means moving to a newer version of the distribution itself. This involves more significant changes and can include new features, new kernel versions, and more up-to-date software stacks. In Debian-based systems, this is often performed using commands like apt-get dist-upgrade or do-release-upgrade, which handle complexities beyond simple package updates like handling dependencies and potential system configuration changes.
How Can I Upgrade Ubuntu & Update Packages?
Check the Installed Version of a Package:
You can use the dpkg command to check the installed version:
dpkg -s <package_name> | grep VersionReplace <package_name> with the package name you want to check.
To update individual packages:
First, update the package list:
sudo apt updateUpgrade an individual package (replace package_name with the actual package name):
sudo apt install --only-upgrade package_nameTo upgrade your current version of Ubuntu:
Update all packages and prepare the system:
sudo apt update && sudo apt upgrade -y && sudo apt dist-upgradeClean up unnecessary packages:
sudo apt autoremove && sudo apt cleanUse the do-release-upgrade command:
sudo do-release-upgradeUbuntu Release Schedule
Ubuntu has a two-year release cycle, and LTS, or 'Long Term Support, ' releases are published in April. The latest version of Ubuntu is Ubuntu 24.04.1 LTS (Noble Numbat).
How Can I Upgrade Fedora & Update Packages?
Check the Installed Version of a Package:
You can use the rpm command to check the installed version:
rpm -q <package_name>Replace <package_name> with the package name you want to check.
To update individual packages:
Update an individual package (replace package_name with the actual package name):
sudo dnf update package_nameTo Upgrade your current version of Fedora:
Install the dnf-plugin-system-upgrade:
sudo dnf install dnf-plugin-system-upgradeDownload the upgraded packages (replace XX with the Fedora version number you want to upgrade to):
sudo dnf system-upgrade download --releasever=XXReboot and apply the upgrade:
sudo dnf system-upgrade rebootFedora Release Schedule
Fedora creates two major OS releases every year, aiming for the fourth Tuesday in April and October. The latest version of Fedora is Fedora 40.
How Can I Upgrade Debian & Update Packages?
Check the Installed Version of a Package:
Similar to Ubuntu, you can use the dpkg command:
dpkg -s <package_name> | grep VersionReplace <package_name> with the package name you want to check.
To update individual packages:
Update the package list:
sudo apt updateUpgrade an individual package (replace package_name with the actual package name):
sudo apt install --only-upgrade package_nameTo upgrade your current version of Debian:
Update the package list and upgrade current packages:
sudo apt update && sudo apt upgrade -y && sudo apt full-upgradeChange the sources.list file to point to the new Debian release:
Open the /etc/apt/sources.list file and replace instances of the old release (e.g., buster) with the new release name (e.g., bullseye).
Update the package list and perform the upgrade:
sudo apt updatesudo apt upgradesudo apt full-upgradeReboot the system:
sudo rebootDebian Release Schedule:
Debian releases do not follow a fixed schedule. The Debian Project has released recent versions roughly every two years. The latest release is Debian 12.7 “Bookworm.”
How Can I Upgrade Arch Linux & Update Packages?
Check the Installed Version of a Package:
You can use the pacman command to check the installed version:
pacman -Qi <package_name> | grep VersionReplace <package_name> with the package name you want to check.
To update individual packages:
Install or update an individual package (replace package_name with the actual package name):
sudo pacman -S package_nameArch Linux is a rolling release and does not require a full system upgrade for new versions. All packages, including the system itself, are updated with a single command:
sudo pacman -SyuArchLinux Release Schedule
Arch Linux does not have a formal release schedule or a predetermined support timeline. Instead, the distro uses a "rolling release" system where new packages are released throughout the day. Its package management allows users to easily keep systems updated. The latest version of Arch Linux is 2024.09.01.
How Can I Upgrade openSUSE & Update Packages?
Check the Installed Version of a Package:
You can use the rpm command to check the installed version:
rpm -q <package_name>Replace <package_name> with the package name you want to check.
To update individual packages:
Update an individual package (replace package_name with the actual package name):
sudo zypper update package_nameTo upgrade your current version of openSUSE:
Refresh repositories and upgrade all packages:
sudo zypper refreshsudo zypper updateUpgrade the distribution:
sudo zypper dist-upgradeopenSUSE Release Schedule
openSUSE Leap Micro is released twice a year and receives maintenance updates approximately every 12 months. The latest version of openSUSE Leap is 15.6.
These steps will help you upgrade each of the listed Linux distributions to their latest versions. Always ensure you have backups of your important data before performing an upgrade.
Our Final Thoughts on the Importance of Timely Linux Security Updates
Maintaining up-to-date Linux distributions
with security patches and software upgrades is not only a best practice but a necessary measure to protect against potential threats to your systems. We’ve provided detailed instructions on how to check and update existing packages on popular distributions such as Ubuntu, Fedora, Debian Arch Linux, and openSUSE. Follow these steps to ensure your system remains robust and less susceptible to attacks. Regular updates on systems and a disciplinary approach towards cybersecurity will go a long way toward protecting data and maintaining operational integrity. Remember: when undertaking significant upgrades, always back up important files first to avoid unexpected complications during the upgrade process!
