Hi
Following the tradition to keep up with upstream stable releases and
aiming to have a trixie close to upstream, I would like to upload
linux version 6.12.24-1 to unstable.
6.12.22-1 has moved already to testing so far.
Debian Boot, Release team how is the timing with respect potential d-i
work?
The new version imports stable series versions up to 6.12.24. Those
are relatively big given they were the first after the 6.15 merge
window. I would expect we might encounter some (yet undetected)
problems, which will be soon then addressed in followup stable series
as well. Several (known) CVEs are covered in those releases:
CVE-2023-53034, CVE-2025-22024, CVE-2025-22025, CVE-2025-22027,
CVE-2025-22028, CVE-2025-22029, CVE-2025-22030, CVE-2025-22032,
CVE-2025-22033, CVE-2025-22034, CVE-2025-22035, CVE-2025-22036,
CVE-2025-22037, CVE-2025-22038, CVE-2025-22039, CVE-2025-22040,
CVE-2025-22041, CVE-2025-22042, CVE-2025-22043, CVE-2025-22044,
CVE-2025-22045, CVE-2025-22046, CVE-2025-22047, CVE-2025-22048,
CVE-2025-22049, CVE-2025-22050, CVE-2025-22053, CVE-2025-22054,
CVE-2025-22055, CVE-2025-22056, CVE-2025-22057, CVE-2025-22058,
CVE-2025-22059, CVE-2025-22060, CVE-2025-22062, CVE-2025-22063,
CVE-2025-22064, CVE-2025-22065, CVE-2025-22066, CVE-2025-22067,
CVE-2025-22068, CVE-2025-22070, CVE-2025-22071, CVE-2025-22072,
CVE-2025-22073, CVE-2025-22074, CVE-2025-22075, CVE-2025-22076,
CVE-2025-22077, CVE-2025-22078, CVE-2025-22079, CVE-2025-22080,
CVE-2025-22081, CVE-2025-22082, CVE-2025-22083, CVE-2025-22084,
CVE-2025-22085, CVE-2025-22086, CVE-2025-22087, CVE-2025-22088,
CVE-2025-22089, CVE-2025-22090, CVE-2025-22091, CVE-2025-22093,
CVE-2025-22095, CVE-2025-22097, CVE-2025-23134, CVE-2025-23136,
CVE-2025-23138, CVE-2025-37785, CVE-2025-37893, CVE-2025-38049,
CVE-2025-38152, CVE-2025-38240, CVE-2025-38479, CVE-2025-38575,
CVE-2025-38637, CVE-2025-39688, CVE-2025-39728, CVE-2025-39735,
CVE-2025-39778, CVE-2025-39989 and CVE-2025-40114 (although I guess
it's bit moot to list the CVEs known for those stable releases, we
have plenty on each round anyway ;-)).
Some packaging changes are included, so far they are:
* [arm64,powerpc,ppc64,ppc64el,riscv64,s390x] Enable KALLSYMS_ALL on
all architectures where DEBUG_INFO_BTF is on (Closes: #1100634)
* hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key
(note the later one is a LPE, "longstanding" already, but see upstream
discussion about HFS/HFS+, we aimed initially to have support for
those filesystem dropped, but at this point it is not possible).
Kernel team, we have a couple of merge requests which we aim to have
backported as well to trixie, I think it would be good that we can
include hose as well, meaning we have to first merge them into
debian/latest for experimental:
1464 d/rules.real: Export CROSS_COMPILE_COMPAT, CROSS32_COMPILE variables
https://salsa.debian.org/kernel-team/linux/-/merge_requests/1464
1466 Fix various lintian errors and warnings
https://salsa.debian.org/kernel-team/linux/-/merge_requests/1466
1467 linux-kbuild: Fix cross-build regression (needs reveiw)
https://salsa.debian.org/kernel-team/linux/-/merge_requests/1467
where the first and last are rgressions we need to handle.
The following are merged already in debian/latest
1295 [arm64] Fixes for MediaTek Chromebooks
https://salsa.debian.org/kernel-team/linux/-/merge_requests/1295
1302 udeb: Add onboard_usb_dev to usb-modules
https://salsa.debian.org/kernel-team/linux/-/merge_requests/1302
1463 drivers/hwmon/pmbus: Enable PMBUS and SENSORS_PMBUS as modules
https://salsa.debian.org/kernel-team/linux/-/merge_requests/1463
Those add HW support.
Comments? Concerns about the timing? Go ahead?
Regards,
Salvatore
Attachment:
signature.asc
Description: PGP signature