On Sat, 2017-03-18 at 17:01 +0100, Julien Aubin wrote:
> Source: linux
> Severity: critical
> Tags: security
> Justification: root security hole
>
> Hi,
>
> Security issue CVE-2017-2636 (severity 7.8) has been disclosed and the fix
> has
> been provided for Jessie and Wheezy. The problem is that there's as of now
> no
> fix available for sid and stretch while things become more and more critical
> due to the severity of the issue.
>
> Kernel 4.9.15 contains a fix for this. Could you please integrate it ASAP on
> Stretch ?
[...]
Note that we already documented a mitigation for this in the DSA.
Ben.
--
Ben Hutchings
Editing code like this is akin to sticking plasters on the bleeding
stump
of a severed limb. - me, 29 June 1999