Re: Kernel Security Updates for Sarge
- To: Martin Schulze <joey@infodrom.org>, Andres Salomon <dilinger@debian.org>, Steve Langasek <vorlon@debian.org>, Norbert Tretkowski <nobse@debian.org>, Thibaut VARENE <varenet@debian.org>, dann frazier <dannf@debian.org>, Bastian Blank <waldi@debian.org>, Rob Radez <rob@osinvestor.com>, Joshua Kwan <joshk@triplehelix.org>, Jurij Smakov <jurij@wooyd.org>, Frederik Schüler <fschueler@gmx.net>, Guido Guenther <agx@debian.org>, Karsten Merker <merker@debian.org>, Thiemo Seufer <ths@debian.org>, Sven Luther <luther@debian.org>, Kyle McMartin <kyle@debian.org>, "Christian T. Steigies" <cts@debian.org>, Ben Collins <bcollins@debian.org>, LaMont Jones <lamont@debian.org>, Bdale Garbee <bdale@debian.org>, Debian Kernel Team <debian-kernel@lists.debian.org>
- Subject: Re: Kernel Security Updates for Sarge
- From: Sven Luther <sven.luther@wanadoo.fr>
- Date: Thu, 12 May 2005 09:37:47 +0200
- Message-id: <[🔎] 20050512073746.GA20895@pegasos>
- In-reply-to: <[🔎] 20050512070413.GA16342@debian.org>
- References: <[🔎] 20050512060848.GA12019@verge.net.au> <[🔎] 20050512070413.GA16342@debian.org>
On Thu, May 12, 2005 at 04:04:22PM +0900, Horms wrote:
> On Thu, May 12, 2005 at 03:08:51PM +0900, Horms wrote:
> > Hi Martin,
> >
> > Steve Langasek asked me to get in contact with you in regards
> > to kernel security updates for sarge. I am happy to report
> > that I and other members of the kernel team have been keeping
> > the kernel-source for both 2.4.27 and 2.6.8 up to date in SVN.
> > And as of yesterday afternoon I have no outstanding security
> > bugs for either.
>
> ... had no outstanding secuirty issues.
>
> I just noticed CAN-2005-1263, otherwise known as Bug #308724 and #308634
> I will work on getting this into SVN asap. I believe it applies
> to both 2.4.27 and 2.6.8, although I have not investigated.
>
> There is also a quite severe problem with the header packages
> on powerpc, Sven Luther is working on a fix for this. When I say
> severe, I understand that they are completely broken.
> I think this applies to both 2.4.27 and 2.6.8. See Bug #308639.
Well, not broken, they just can't be used to build third party modules with
them.
Fix is trivial, and only involves adding a couple of symlinks in the right
place, no change to the binaries at all. In the extreme case, it could be
fixed by using an external package depending on both kernel-headers and
kernel-build and putting the symlink there, or with an errata giving the
script used to fix this issue.
Friendly,
Sven Luther
Reply to: