Re: Please consider unblocking Chromium and linux packages for Buster
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 6/20/19 6:40 PM, Lazar Tadić wrote:
> Likewise, linux package in Buster lack recent fixes for SACKs Panic vulnerabilities. I hope it will also be uploaded soon.
Good Day Lazar,
Thank you for your note. I do /not/ speak for the Debian kernel
team, but an upgrade of Linux fixing these TCP SACK
vulnerabilities are in the pipeline in Debian Sid, in Linux
version 4.19.37-5. There is an unconditional ten days delay for
introduction of upgrades from Sid to Testing, hence the missing
security upgrade into Debian Buster at t time. Hopefully it
should land on time for July, the 6th.
Paradoxically, if security is a concern, Sid is preferable over
Testing. Of course Debian Stable remains the best choice in
that situation, if applications or hardware allow it.
Kind Regards,
- --
Étienne Mollier <etienne.mollier@mailoo.org> 59DA 56FE FFF3 882D
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEEWrFO32O7zP+LVC+pWdpW/v/ziC0FAl0L1FEACgkQWdpW/v/z
iC1lGQwAy1t8i7Tu1N+bgnsR+sLwgXYZ+NhRt7ldXpLGGrFUnBHwyl0SiJBADxli
aDX5dXXhFSMxWFE+Stx2kGXNMLmjs3mtPnYLwAVDfLwl6WWpU8ozbVpYqitROq8f
+7Ze7vSUu1tI8JEREYmx8kfDTNfBDyveM8UTaFQnUQuUZ/aZP7P4PBH8Jv2KKKih
Ihy6gAtYv8Ah2I1rwjO6UtFh+cWsfX0wrDMz6MPmvQCJT7scPW4F45BHHS6q5C5l
7/JMrrmAFBCD394TRzSN5ry1GacQu7ayaorDy7gW7bsJPeS7ZIqTgQUWwQBMy68m
yvauyGWm1lWKKoj5cEQwjFQb0WGasjIFm7J/+Dkd1at81fn3JgjvcgNf2o8zwx14
hCU5po0HlwIowC1SzoM5vQ2zf114voPqkbicxON8AVPaQoFL+vrSWOiKJNey3YAo
Nls/D1Cfzn8eoTznU2qb2IRCVPybGRJizCsQ734MTYhhtZoY/5FPuh9VUmK/6YRf
8/dXXItv
=H05u
-----END PGP SIGNATURE-----
Reply to: