Re: [RFC] in-d-i upgrades

To: debian-boot@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, debian-release@lists.debian.org
Subject: Re: [RFC] in-d-i upgrades
From: "Thijs Kinkhorst" <thijs@debian.org>
Date: Thu, 3 Jul 2008 12:52:25 +0200 (CEST)
Message-id: <[🔎] 66767042c5a3a8ce14da0fb27d226bcf.squirrel@wm.kinkhorst.nl>
In-reply-to: <20080628204055.GA14938@kodama.kitenet.net>
References: <20080628204055.GA14938@kodama.kitenet.net>

Hi Joey,

On Sat, June 28, 2008 22:40, Joey Hess wrote:
> I've been working on a fix for bug #479431, and before I apply it to
> d-i, I want to make you aware of it, since it can have repercussions to
> DSAs and release management.

Thank you for your work on this. I think this adds a significant amount of
proactive security to a Debian installation.

> If you're making a D[T]SA for a package that is installed by
> debootstrap, or of the kernel, or of (some) of the other packages listed at
> <http://release.debian.org/britney/noremove.d/> (d-i* files), you
> will need to keep in mind that d-i will upgrade it to the fixed version
> inside the d-i environment, and that all the issues I list in [1] should
> be avoided.

I've reviewed the list and I think these are all issues we can deal with.
Most of them should never even occur in security updates. It's good to
know about them to keep in mind and I think we can deal with them to
prevent d-i trouble.

cheers,
Thijs

Reply to:

Prev by Date: Bug#488898: win32-loader: [INTL:sk] Slovak po-debconf translation
Next by Date: Processing of linux-kernel-di-armel-2.6_1.16_armel.changes
Previous by thread: Bug#489103: rootskel: FTBFS: open3: exec of /usr/bin/gcc-4.1 [..] failed at /usr/bin/klcc line 138
Next by thread: Processing of linux-kernel-di-armel-2.6_1.16_armel.changes
Index(es):
- Date
- Thread