Jonathan Wiltshire <jmw@debian.org> (2024-11-25): > Control: tag -1 d-i > > On Thu, Nov 21, 2024 at 09:36:13PM +0100, Chris Hofstaedtler wrote: > > [ Reason ] > > In the mitigation for CVE-2024-28085 util-linux intended to disable > > setgid on write and wall. I used --disable-tty-group to achieve this. > > However this causes `mesg y` to behave differently, it sets the tty mode > > a+w. > > This is surprising and not what was intended. Upstream removed this > > misfeature and added a new configure flag to stop installing write, wall > > setgid. > > > > This update adds the upstream patch(es) and uses the new configure flag > > instead. > > d-i ack needed for the udebs, in CC. No objections, thanks. Cheers, -- Cyril Brulebois (kibi@debian.org) <https://debamax.com/> D-I release manager -- Release team member -- Freelance Consultant
Attachment:
signature.asc
Description: PGP signature