How to update Debian packages manually and automatically?

Debian patch management across the multitude of endpoints in your network is undoubtedly a necessary evil. With over 600 active Linux distros and Debian accounting for ~16% of the Linux market, it is crucial to understand how to update Debian packages to prevent vulnerabilities from exploiting the endpoints in your network.

This article talks in detail about the following:

What is a Debian update?

A Debian update refers to the process of updating software packages and system components on a Debian-based Linux distribution to their latest versions. Updating Debian ensures the system remains secure, stable, and up-to-date with the latest features and bug fixes.

Debian, also known as Debian GNU/Linux, is a free and open-source Linux distribution known for its robustness and extensive software repository. Since its initial release in 1993, it has become one of the most influential Linux distributions, forming the base for other popular distributions like Ubuntu and Kali Linux.

The Debian update packages include the following:

  1. Security Updates: Critical updates to address vulnerabilities and protect the system from potential threats.
  2. Distribution Updates: These involve upgrading to a new version of Debian, which includes the latest features and improvements.
  3. Kernel Updates: These updates ensure that the core of the operating system is up-to-date with the latest patches and improvements.
  4. Package Updates: Routine updates to installed software packages to fix bugs and add new features.
It is known to be the first distribution to include a package management system. Due to its pioneering work in Linux distributions, Debian has a large user base. Hence it is important to stay informed about the various Debian update packages.

When are Debian updates released?

Debian updates do not follow a fixed schedule. The latest Debian update - Debian 12 codenamed bookworm, was released on June 10, 2023. Debian's stable versions are updated roughly once bi-monthly.

How to install a Debian update manually?

To update Debian and install the latest Debian security updates, connect to your Debian system via SSH. Once you are in the terminal, enter the following commands:

  1. grep security /etc/apt/sources.list | tee /etc/apt/security.sources.list
  2. apt-get update
  3. apt-get upgrade -o Dir::Etc::SourceList=/etc/apt/security.sources.list
  4. Type Y and press Enter. Security updates will be installed and your system will be up to date.

To check and apply updates at a later stage do this:

  1. apt-get update
  2. apt-get upgrade -o Dir::Etc::SourceList=/etc/apt/security.sources.list

How to update Debian packages automatically using Patch Manager Plus?

With ManageEngine Patch Manager Plus, you can update Debian packages automatically as well as automate the deploying of security updates to endpoints completely. The entire process of Debian patch management - from scanning the machines for missing updates, downloading these updates, testing them in your work environment for anomalies, and deploying them to the respective client machines is fully automated. To handle Debian security updates:

  • Sync the patch database for information regarding the newly released Debian updates. You can either schedule the sync between the patch database and the Patch Manager Plus server or you can manually initiate the sync by navigating to Deployment --> Update Vulnerability DB.
  • Scan the client machines for the missing updates by navigating to Systems --> Scan systems.
  • Navigate to Missing patches and click on the update to be installed. Install these updates at a time of your convenience.

  • how to update debian?
  • You can also create an Automated Patch Deployment (APD) task specifically for Debian updates that will iteratively run every time a missing Debian update is detected in your client machines running Debian OS.
  • You can further test these updates on a pilot group of systems running Debian OS before deploying them in bulk. Navigate to Deployment --> Test and Approve --> Create test group. There are options to automatically approve the tested updates as well.
  • Further, there are also options to generate extensive reports on the entire patching process.

Thereby, with Patch Manager Plus, we can completely automate the process of deploying Debian updates to your endpoints.

FAQs

1) What is the latest version of Debian?

The latest version of Debian is Debian 11, codenamed bullseye. It's latest update 11.5 has been released on September 10, 2022.

2) How do I get the latest version of Debian?

To upgrade to the latest version of Debian, follow the steps given below:

  1. Ensure that the system has been backed up.
  2. Update the existing Debian packages by running the command: apt-get update && apt-get upgrade
    Once done, restart the system.
  3. Using a text editor, edit the following file:
    /etc/apt/sources.list -> Replace every instance of the old Debian OS (ex. buster or stretch) with bullseye.
  4. Note: If you're updating from Debian 10 to Debian 11, replace buster/updates with bullseye-security.

  5. Update the packages index by running the command: sudo apt update
  6. Once done, prepare the system for the upgrade by typing the command: sudo apt upgrade --without-new-pkgs
  7. Lastly, run the following command to update to Debian 11: sudo apt full-upgrade
  8. Reboot the system ensure that the system has been successfully updated.

3) Which command is used to update a Debian system to the latest software?

sudo apt-get update and sudo apt-get upgrade are the two commands to fetch the latest version of the package list from the distro's software/third-party repositories, and download/install the updates for each outdated package and dependency on the systems respectively.

4) How do I see patches in Linux?

To find the list of available patches/updates in Linux, run the following commands:

Linux flavors Commands
CentOS/RHEL/Oracle Linux
  1. sudo yum check-update
  2. sudo yum updateinfo
Debian/Ubuntu/Linux mint
  1. sudo apt update
  2. sudo apt list --upgradable
OpenSUSE/SUSE Enterprise
  1. sudo zypper refresh
  2. zypper list-updates

5) How do I enable patch management?

To enable Debian patch management through Patch Manager Plus, follow the steps given below:

  1. Ensure that the agents have been installed in the systems.
  2. Once the managed systems have been scanned successfully for the missing patches, navigate to Patches > Missing Patches.
  3. You can get a list of the missing patches along with the count of the systems that are missing the patches.
  4. Select the Debian patches/security updates that need to be deployed to the missing systems and click on Install/Publish Patches.
  5. Specify the deployment policy and add/filter the required targets.
  6. Once the settings have been specified, click on Deploy or Deploy Immediately based on your requirements.

6) How to update version of Debian?

To update Linux Debian to the latest version, follow the steps mentioned below:

  1. Create a backup of the system.
  2. Run the command apt-get update && apt-get upgrade to update the existing Debian packages. Once done, restart the system.
  3. Edit the following file, using a text editor:
    /etc/apt/sources.list -> Replace every instance of the old Debian OS (ex. buster or stretch) with the newer version.
  4. Execute the Debian update package index by running the command: sudo apt update
  5. Once done, prepare the system for the upgrade by typing the command: sudo apt upgrade --without-new-pkgs
  6. Finally, run the following command to update to the update Linux Debian: sudo apt full-upgrade

Reboot the system to ensure that the Debian update package has been successfully installed.

7) Can you upgrade from Debian 9 to 11?

Yes, you can upgrade from Debian 9 (stretch) to Debian 11 (bullseye). However, versions below Debian 9 cannot be upgraded to the latest version directly.