[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#834791: Add NEWS/README.Debian entry to recommend people not to enable KSM

Source: linux
Version: 3.16.7-ckt7-1
Severity: wishlist

On Wed, Aug 17, 2016 at 11:51:14PM +0200, Moritz Mühlenhoff wrote:
> Aurelien Jarno <aurelien@aurel32.net> schrieb:
> > On 2016-08-14 16:00, Salvatore Bonaccorso wrote:
> >> Package: release.debian.org
> >> Severity: normal
> >> Tags: jessie
> >> User: release.debian.org@packages.debian.org
> >> Usertags: pu
> >> 
> >> Dear SRM
> >> 
> >> I would like to propose the following hardening to src:gnupg2 which was
> >> found during the analysis of a vulnerability report to the security team
> >> and related to
> >> https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf
> >> and developed by NIIBE Yutaka. The underlying problem in hardware cannot
> >> be solved in software (and thus we don't want to issue a DSA for it, and
> >> give possibly this false impression), and as pointed out by Florian
> >
> > I wonder if it would be a good idea to release an announcement without
> > any software change recommending people to not enable KSM on their
> > hosts?
> 
> I think a NEWS file for the kernel would be best?

Okay. Let's open a Bug for src:linux for this.

Regards,
Salvatore
Reply to: