Bug#1033065: release-notes: i386 notes should specify minimum CPU requirements

[James Addison <jay@jp-hosting.net>]

Package: release-notes
Followup-For: Bug #1033065
X-Debbugs-Cc: martin-eric.racine@iki.fi

I've used the following commands to confirm that the i386 sudo/1.9.9-1 package
contains the bugreport-relevant NOPL opcode:

  # obtain an archived copy of the affected binary package
  $ wget2 http://snapshot.debian.org/archive/debian/20220202T154459Z/pool/main/s/sudo/sudo_1.9.9-1_i386.deb

  # unpack the contents of the package into a corresponding directory name
  $ dpkg -x sudo_1.9.9-1_i386.deb sudo_1.9.9-1_i386

  # iterate over each executable file extracted from the package
  #  - print each filename so that we can identify potentially-affected files
  #  - check for the 'NOPL' opcode in all i386 code sections of the file
  $ while IFS= read -r -d '' file; do
  > echo "$file"
  > objdump --architecture=i386 --disassemble-all "$file" | grep -w "nopl"
  > done < <(find . -type f -executable -print0)


It should be possible to generalise this further to scan a larger set of
packages.

The 'grep' for the word 'nopl' seems potentially fragile.  If there's a
more-precise and/or less-false-positive-prone way to check whether each file
contains the 'nopl' opcode (and I'd expect that there is), then that'd be a
welcome improvement.