Re: CVE-2017-5754

Re: CVE-2017-5754 - ETA?

Can't you clone the disk to another machine, then test the stretch kernel and then run hybrid for a while?

The kernel is just the intermediate between the hardware and userspace, shoulnd not cause too much trouble, if not you can always test it that way.

On 01/08/2018 04:36 PM, francis picabia wrote:

On Thu, Jan 4, 2018 at 4:47 PM, Don Armstrong <don@debian.org> wrote:

On Thu, 04 Jan 2018, francis picabia wrote:
> Redhat, Ubuntu and others have kernel updates available today for this
> kernel patch that has been worked on since November. Normally Debian
> has been quick out of the gate with security measures.
>
> Is there an ETA when Debian will update kernel packages?

The DSA has been (will be shortly?) released for stable. Unstable,
testing, and likely oldstable will probably follow soon.
https://security-tracker.debian.org/tracker/DSA-4078-1

Thanks for the response. I'm looking now and I see stretch and wheezy are

addressed, but not jessie. Odd. Why would old-stable be a challenge?

I'm concerned because we run a system for students to do programming, and there

is typically one in the crowd who will try out any script kiddies in the news. For

the time being I've blocked access to the system, but faculty expect it

will be available for use in a week or so. I have the option to install

the stretch kernel and run in a hybrid version for awhile, but I'm not sure

if there will be problems with that workaround.

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

References:

CVE-2017-5754 - ETA?
- From: francis picabia <fpicabia@gmail.com>
Re: CVE-2017-5754 - ETA?
- From: Don Armstrong <don@debian.org>
Re: CVE-2017-5754 - ETA?
- From: francis picabia <fpicabia@gmail.com>