[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: CVE-2017-5754 - ETA?

On 2018-01-08 17:04 +0000, Tixy wrote:

> On Mon, 2018-01-08 at 11:36 -0400, francis picabia wrote:
>> > The DSA has been (will be shortly?) released for stable. Unstable,
>> > testing, and likely oldstable will probably follow soon.
>> > https://security-tracker.debian.org/tracker/DSA-4078-1
>> >
>> >
>> >
>> Thanks for the response.  I'm looking now and I see stretch and wheezy
>> are
>> addressed, but not jessie.  Odd.  Why would old-stable be a challenge?
>
> It's a major set of changes that needs to be ported and tested. Perhaps
> there we're more companies and distro's working on the 3.2 kernel in
> Wheezy compared to 3.16 as used in Jessie.

I doubt that, both 3.2 and 3.16 are maintained by Ben Hutchings and are
not used by any major distro except Debian AFAIK.

> Or perhaps the latter port hit problems, who knows.

Definitely, both Ben and testers/reviewers hit showstopper bugs
including failure to boot at all.  See the thread on the stable@vger
list at https://www.spinics.net/lists/stable/index.html#209049.

Cheers,
       Sven
Reply to: