Re: Bug#988442: unblock: linux/5.10.40-1
Control: retitle -1 unblock: linux/5.10.40-1
Hi Paul, hi Cyril,
On Thu, May 27, 2021 at 11:04:14AM +0200, Cyril Brulebois wrote:
> Paul Gevers <elbrus@debian.org> (2021-05-27):
> > Control: tags -1 confirmed d-i
> >
> > @boot: needs d-i ACK. As I believe you are aware of, the upload has
> > already happened.
> >
> > @kibi: feel free to age it if/when you see fit
>
> We've just discussed that (with Salvatore) on IRC minutes ago, and it
> seems like this unblock request will be withdrawn/recycled for another
> version, that version needs fixing.
So let's give some background. Whilst it would have bee good to
finally move linux/5.10.38-1 to testing because it contained many
needed bugfixes and in particular as well the CVE fixes for the bpf
issues, doing so would have introduced the worse bpf issue
CVE-2021-33200.
Cf. https://www.openwall.com/lists/oss-security/2021/05/27/1
I uploaded now 5.10.40-1 which contains those fixes for CVE-2021-33200
in the upload, we should ensure those fixes go into bullseye.
Assuming we notice no issues with that upload, once Cyril is fine with
it as well from d-i perspective, please let it migrate to bullseye.
Regards,
Salvatore
Reply to: