Re: [stretch] ABI bump for 4.9 with retpoline support?
On Sat, Feb 17, 2018 at 08:57:42PM +0100, Yves-Alexis Perez wrote:
> On Sat, 2018-02-17 at 19:51 +0000, Ben Hutchings wrote:
> > I think we should bump ABI again.
>
> Thanks for the feedback. I'll do that and remove all the ABI reverts and
> ignores.
>
> > We should also do the equivalent of
> > these changes in sid, with s/gcc-7/gcc-6/.
> >
> > * [x86] Add versioned build-dependency on gcc-7 for retpoline support
> > * [x86] linux-compiler-gcc-7-x86: Add versioned dependency on gcc-7 for
> > retpoline support
> > * [x86] linux-headers: Depend on updated linux-compiler-gcc-7-x86
>
> I did the linux-compiler-gcc-6-x86 one but not the other two, Will do as well.
>
> Should we upload this one through security-master (for the CVE-2017-5715 fix)
> or through stretch-pu again?
I'd say via security.debian.org, to get the CVE-2017-5715 fix out to users.
At this point it seems that for spectre/v1 it will take quite some until all
the affected code paths are identified, so maybe these will rather trickle in
piece by piece now array_index_nospec() has landed.
Cheers,
Moritz
Reply to: