Re: Kernel Security Updates for Sarge
- To: Steve Langasek <vorlon@debian.org>
- Cc: Thiemo Seufer <ths@networkno.de>, Martin Schulze <joey@infodrom.org>, Andres Salomon <dilinger@debian.org>, Norbert Tretkowski <nobse@debian.org>, Thibaut VARENE <varenet@debian.org>, dann frazier <dannf@debian.org>, Bastian Blank <waldi@debian.org>, Rob Radez <rob@osinvestor.com>, Joshua Kwan <joshk@triplehelix.org>, Jurij Smakov <jurij@wooyd.org>, Frederik Schüler <fschueler@gmx.net>, Guido Guenther <agx@debian.org>, Karsten Merker <merker@debian.org>, Sven Luther <luther@debian.org>, Kyle McMartin <kyle@debian.org>, "Christian T. Steigies" <cts@debian.org>, Ben Collins <bcollins@debian.org>, LaMont Jones <lamont@debian.org>, Bdale Garbee <bdale@debian.org>, Debian Kernel Team <debian-kernel@lists.debian.org>
- Subject: Re: Kernel Security Updates for Sarge
- From: Horms <horms@debian.org>
- Date: Thu, 12 May 2005 18:00:15 +0900
- Message-id: <[🔎] 20050512090014.GE5664@verge.net.au>
- Mail-followup-to: Steve Langasek <vorlon@debian.org>, Thiemo Seufer <ths@networkno.de>, Martin Schulze <joey@infodrom.org>, Andres Salomon <dilinger@debian.org>, Norbert Tretkowski <nobse@debian.org>, Thibaut VARENE <varenet@debian.org>, dann frazier <dannf@debian.org>, Bastian Blank <waldi@debian.org>, Rob Radez <rob@osinvestor.com>, Joshua Kwan <joshk@triplehelix.org>, Jurij Smakov <jurij@wooyd.org>, Frederik Schüler <fschueler@gmx.net>, Guido Guenther <agx@debian.org>, Karsten Merker <merker@debian.org>, Sven Luther <luther@debian.org>, Kyle McMartin <kyle@debian.org>, "Christian T. Steigies" <cts@debian.org>, Ben Collins <bcollins@debian.org>, LaMont Jones <lamont@debian.org>, Bdale Garbee <bdale@debian.org>, Debian Kernel Team <debian-kernel@lists.debian.org>
- In-reply-to: <[🔎] 20050512082750.GE12481@mauritius.dodds.net>
- References: <[🔎] 20050512060848.GA12019@verge.net.au> <[🔎] 20050512080706.GH1704@hattusa.textio> <[🔎] 20050512082750.GE12481@mauritius.dodds.net>
On Thu, May 12, 2005 at 01:27:55AM -0700, Steve Langasek wrote:
> On Thu, May 12, 2005 at 10:07:06AM +0200, Thiemo Seufer wrote:
> > Horms wrote:
> > [snip]
> > > For reference, these are the architectues that I believe
> > > the kernel team handles, and the version of the kernel source
> > > they are using in Sarge:
>
> > > Base kernel source version of package in Sarge
> > > 2.4.27: alpha kernel-tree-2.4.27-9 (seems to be out of date in SVN)
> > > hppa kernel-tree-2.4.27-8
> > > i386 kernel-tree-2.4.27-8
> > > ia64 kernel-tree-2.4.27-8
> > > mips kernel-tree-2.4.27-8 (versioned dependancy needs to be
> > > changed to kernel-tree-2.4.27-8)
>
> > mips/mipsel uses the kernel-source package as build dependency
> > instead of kernel-tree.
>
> > [snip]
> > > The changelogs that I would like you to look at are as follows.
> > > Almost all of the changes will be in kernel-source, and I believe
> > > that the log is accurate. There are also changelogs for each
> > > architecture, but these are generally just packaging and kernel-config
> > > changes:
> > [snip]
> > > mips: version in Sarge: 2.4.27-8.040815-1
> > > http://svn.debian.org/wsvn/kernel/trunk/kernel-2.4/mips/kernel-patch-2.4.27-mips-2.4.27/debian/changelog?op=file&rev=0&sc=0
>
> > mips/mipsel has four additional changes which should go in sarge:
> > - Fix broken ptrace
> > - Fix Cobalt PCI bridge initialisation
> > - Work around crashes on Cobalt under I/O load
> > - Fix crash on startup on serial-less Cobalts
>
> All of which seem to be out of scope in a discussion about security uploads,
> don't they?
Can someone claify if the scope for r1 updates is broader than
just security. That is, can fixes like this go into r1?
I beleive there are quite a few critical, but non-security bugs
floating around.
--
Horms
Reply to: