Bug#1007714: bullseye-pu: package openssh/1:8.4p1-5+deb11u1

To: Colin Watson <cjwatson@debian.org>, 1007714@bugs.debian.org
Cc: kibi@debian.org, debian-boot@lists.debian.org
Subject: Bug#1007714: bullseye-pu: package openssh/1:8.4p1-5+deb11u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 17 Mar 2022 22:00:13 +0000
Message-id: <[🔎] 63d6b38e695f086dbde30d36970e66e6ac692ee8.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1007714@bugs.debian.org
In-reply-to: <[🔎] YjCu0b8KKv73gbMT@riva.ucam.org>
References: <[🔎] YjCu0b8KKv73gbMT@riva.ucam.org> <[🔎] YjCu0b8KKv73gbMT@riva.ucam.org>

Control: tags -1 + confirmed d-i

On Tue, 2022-03-15 at 15:20 +0000, Colin Watson wrote:
> OpenSSH in stable breaks on 32-bit architectures (at least armhf,
> reportedly also i386) after upgrading libc6 to the version in
> bookworm,
> due to changes in its system call interface that affect OpenSSH's
> seccomp sandbox.  See https://bugs.debian.org/1004427.
> 
> [ Impact ]
> Without this change, I'm concerned that sshd may be unavailable
> during
> part of an upgrade from bullseye to bookworm (or even make the
> machine
> inaccessible, if it's headless and the upgrade fails).  Getting the
> sandbox tweak into bullseye at this stage would reduce that risk.
> 

Please go ahead.

As openssh builds a udeb, I'm CCing KiBi and tagging the bug
accordingly.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#1007714: bullseye-pu: package openssh/1:8.4p1-5+deb11u1
  - From: Cyril Brulebois <kibi@debian.org>

References:
- Bug#1007714: bullseye-pu: package openssh/1:8.4p1-5+deb11u1
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: Bug#1005949: bullseye-pu: package glibc/2.31-13+deb11u3
Next by Date: Processed: Re: Bug#1007714: bullseye-pu: package openssh/1:8.4p1-5+deb11u1
Previous by thread: Bug#1007714: bullseye-pu: package openssh/1:8.4p1-5+deb11u1
Next by thread: Bug#1007714: bullseye-pu: package openssh/1:8.4p1-5+deb11u1
Index(es):
- Date
- Thread