Your message dated Mon, 25 Feb 2013 12:48:59 +0000 with message-id <1361796539.3768.11.camel@deadeye.wl.decadent.org.uk> and subject line Re: Bug#701616: shouldn't CVE-2012-4530 fix have bumped ABI revision counter? has caused the Debian Bug report #701616, regarding shouldn't CVE-2012-4530 fix have bumped ABI revision counter? to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 701616: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701616 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: shouldn't CVE-2012-4530 fix have bumped ABI revision counter?
- From: Sergio Gelato <Sergio.Gelato@astro.su.se>
- Date: Mon, 25 Feb 2013 12:24:19 +0100
- Message-id: <[🔎] 20130225112418.GB2627@ebisu.astro.su.se>
Package: linux-2.6 Version: 2.6.32-48 If I upgrade the linux-image package on a running system from 2.6.32-46 to 2.6.32-48, then run modprobe binfmt_misc before rebooting, the kernel fails to load the module and reports binfmt_misc: Unknown symbol bprm_change_interp That symbol was introduced by debian/patches/bugfix/all/exec-do-not-leave-bprm-interp-on-stack.patch (as part of the fix for CVE-2012-4530, says the changelog). I know this will go away after a reboot, but isn't the point of kernel ABI revision numbers to prevent this kind of problem? Is there a bug in the tools the kernel package maintainers use to detect ABI changes? I've seen hints of a similar issue with the lockd module, by the way. No new symbols as far as I can tell, but trying to load the 2.6.32-48 module into a 2.6.32-46 kernel results in lockd_up: makesock failed, error=-13 and lots of svc: failed to register lockdv1 RPC service (errno 13). with NFS mounts failing. This also goes away after rebooting into 2.6.32-48.
--- End Message ---
--- Begin Message ---
- To: 701616-done@bugs.debian.org
- Subject: Re: Bug#701616: shouldn't CVE-2012-4530 fix have bumped ABI revision counter?
- From: Ben Hutchings <ben@decadent.org.uk>
- Date: Mon, 25 Feb 2013 12:48:59 +0000
- Message-id: <1361796539.3768.11.camel@deadeye.wl.decadent.org.uk>
- In-reply-to: <[🔎] 20130225112418.GB2627@ebisu.astro.su.se>
- References: <[🔎] 20130225112418.GB2627@ebisu.astro.su.se>
On Mon, 2013-02-25 at 12:24 +0100, Sergio Gelato wrote: > Package: linux-2.6 > Version: 2.6.32-48 > > If I upgrade the linux-image package on a running system from > 2.6.32-46 to 2.6.32-48, then run > modprobe binfmt_misc > before rebooting, the kernel fails to load the module and reports > binfmt_misc: Unknown symbol bprm_change_interp > > That symbol was introduced by > debian/patches/bugfix/all/exec-do-not-leave-bprm-interp-on-stack.patch > (as part of the fix for CVE-2012-4530, says the changelog). > > I know this will go away after a reboot, but isn't the point of kernel ABI > revision numbers to prevent this kind of problem? No, the point is to ensure that out-of-tree modules are rebuilt only when necessary. > Is there a bug in the tools > the kernel package maintainers use to detect ABI changes? [...] Yes, and it accepts new symbols. Ben. -- Ben Hutchings Absolutum obsoletum. (If it works, it's out of date.) - Stafford BeerAttachment: signature.asc
Description: This is a digitally signed message part
--- End Message ---