[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [stretch] ABI bump for 4.9 with retpoline support?

On Sat, Feb 17, 2018 at 08:57:42PM +0100, Yves-Alexis Perez wrote:
> On Sat, 2018-02-17 at 19:51 +0000, Ben Hutchings wrote:
> > I think we should bump ABI again.
> 
> Thanks for the feedback. I'll do that and remove all the ABI reverts and
> ignores.
> 
> >   We should also do the equivalent of
> > these changes in sid, with s/gcc-7/gcc-6/.
> > 
> >   * [x86] Add versioned build-dependency on gcc-7 for retpoline support
> >   * [x86] linux-compiler-gcc-7-x86: Add versioned dependency on gcc-7 for
> >     retpoline support
> >   * [x86] linux-headers: Depend on updated linux-compiler-gcc-7-x86
> 
> I did the linux-compiler-gcc-6-x86 one but not the other two, Will do as well.
> 
> Should we upload this one through security-master (for the CVE-2017-5715 fix)
> or through stretch-pu again?

I'd say via security.debian.org, to get the CVE-2017-5715 fix out to users.

At this point it seems that for spectre/v1 it will take quite some until all
the affected code paths are identified, so maybe these will rather trickle in
piece by piece now array_index_nospec() has landed.

Cheers,
        Moritz
Reply to: