Re: sarge3 kernel build & r3
Martin Schulze wrote:
> It would be good if we would be able some day to release kernel
> updates in a more timely fashion and also not accumulate this many
> security updates in one update. However, due to the number of
> architectures and affected packages I'm not sure this goal can be met
> any time soon. But that's a different story...
It will be possible for Etch, the linux-2.6 kernel packages can be
autobuilt, which should reduce the overhead significantly.
> > During the d-i bof at DebConf I pointed out that the sarge3 kernel
> > build is in progress and is not an ABI change - there was consensus to
> > wait for this build before doing the d-i build for r3. I don't
> > remember the timeline we discussed for this build. The current status
> > is that the build is complete and pending upload by the security team
> > (I think Moritz would be the one to do it, so I've cc'd him).
> Oh. Great. Good to hear (err... sending such information to
> team@security would actually be a good idea as well...)
I'm pretty sure I kept you posted. I dropped a note when I pushed out
the Woody updates, but it was probably too terse. Sorry for that, I've
been very busy over the last months.
I'll process the 2.4.27 and 2.6.8 packages on the weekend.
Wrt the ABI bump: At DebConf Dann and I agreed to omit one kernel security
issue: A hard-too-trigger denial of service vulnerability in the experimental
SCTP code. As there will most definitely be another ABI breaker soon, it
wasn't worth all the work to cope with an ABI change.