[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: release update and branching

On Mon, Nov 22, 2004 at 12:41:38PM +0000, Martin Michlmayr wrote:
> * Horms <horms@verge.net.au> [2004-11-22 18:00]:
> > in SVN. Can you please advise if 1) this is a good idea for sarge - I
> > take it from this message that the answer is clearly yes, and 2) if
> > anything is missing or should be omitted - the changelog should be
> ...
> > Assuming the answers are 1) yes and 2) no, I should be able to get new
> > images up in the next day or so, certainly by the end of the week.
> Well, every kernel updates requires a new build of d-i and so is best
> avoided if that's possible.  However, I don't see how we can release
> the current kernel when it has a known security issue (the "race
> conditions in linux terminal subsystem", CAN-2004-0814).  Also, I
> couldn't find anything in the changelog about the ELF loader
> vulnerabilities (see http://lwn.net/Articles/110486/).
> How severe are those two issues?

They certainly seem severe enough to warant a new release before sarge.
We don't actually have a patch for the ELF loader problem in SVN yet.
I will address that ASAP and get back to you.


Reply to: