Your message dated Sat, 27 Oct 2018 22:34:16 +0000 with message-id <e1ggx9s-0006xk...@fasolo.debian.org> and subject line Bug#908711: fixed in pkgsel 0.61 has caused the Debian Bug report #908711, regarding Race condition in d-i leading to kernel from security.debian.org to be kept back to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 908711: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908711 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: debian-installer Version: 20170615+deb9u4 Hi, I just noticed a race condition in d-i, which may lead to a mild security risk. When the kernel metapackage (linux-image-<arch>) is initially installed, APT doesn't install recommended packages, and security.debian.org repository is not configured yet, so the installer naturally fetches the latest kernel from the core suite. After APT configuration, and other repositories and suites are available, debian-installer runs an upgrade; but if a newer version of linux-image-<arch> is found in one of those newly available repositories (security.debian.org in this case), it's not installed because APT refuses to install the recommended packages (firware-linux-free, irqbalance) to satisfy dependencies, so the kernel metapackage is kept back. It won't be installed until the admin runs an upgrade manually, once the system is booted. This may put it at risk during a certain period of time between the first boot, and the first upgrade (and reboot). Regards, -- Raphaël Halimi
signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---Source: pkgsel Source-Version: 0.61 We believe that the bug you reported is fixed in the latest version of pkgsel, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 908...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Ben Hutchings <b...@decadent.org.uk> (supplier of updated pkgsel package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 27 Oct 2018 23:19:13 +0100 Source: pkgsel Binary: pkgsel Architecture: source Version: 0.61 Distribution: unstable Urgency: medium Maintainer: Debian Install System Team <debian-boot@lists.debian.org> Changed-By: Ben Hutchings <b...@decadent.org.uk> Description: pkgsel - Select and install packages (udeb) Closes: 908711 912073 Changes: pkgsel (0.61) unstable; urgency=medium . * Install new dependencies when safe-upgrade (default) is selected (Closes: #908711) * Allow update-initramfs to run normally during package upgrade and installation (Closes: #912073) Checksums-Sha1: f9a54e694d52ec258c24c13c57d60b408615e79d 1591 pkgsel_0.61.dsc 9c4e1e0c424f837f81c80c530a215872fb42e126 51908 pkgsel_0.61.tar.xz 0215d9dfd0637e797fa1002291d2e5392ed6da59 5153 pkgsel_0.61_source.buildinfo Checksums-Sha256: ee9a00276026e44056b6d66e349d904fb8c5120f80cb0b2d120f266b95023191 1591 pkgsel_0.61.dsc 44e5afbb45fb8b341e1970d3b373835aa5f6a239c100ffa92dca96becda96190 51908 pkgsel_0.61.tar.xz adaca32ee52cca5f1742f8fab1ab7bb7fdeabb4787b2748d72b3faaafce1a5a3 5153 pkgsel_0.61_source.buildinfo Files: 2f365d94fc83e321d2370beddd47ec21 1591 debian-installer standard pkgsel_0.61.dsc 50e06b4b69416f3e276558cab5005608 51908 debian-installer standard pkgsel_0.61.tar.xz 357476cee3242b7ce9a7a3e84405256e 5153 debian-installer standard pkgsel_0.61_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlvU5MEACgkQ57/I7JWG EQmQKg/+K6MQQygZZb9QbdY/JGZPSaUbGIqOv+/Te/xBqx/fWBpuX7IT+uHzAsk0 wKZ63v7ItTDtRoTZ4mxeciMPg8id8GIJvteji77VIknMDsYXVmvjVaU2lh1klQHB XuLc0gQEjV/0MIj5vm/b0x9UsT1TNjXTz2WEjgMY1NeomO2O9iMKru6cs3G/Kv3B mCakH/nTRtQz2BenL5yo6yqbJUK+toNnrTapZou8RjWmttjsaZRUSs18YrOiJ7EC vtuH8qG6kly/rIv3/X4PD/LwzXhIKXeHssNdtr5bkwq4tA2MbNBCRzLvmxFZkMgd /+0xmWCLHAtAK/DzDbaqmuZ0wBfn7oc3TsB608Yx6yfummkRIJ+t9irGztmzzcJ3 rjTfi0i7Y5V0fqMJd1//LkT3Bd/5aEmz/C9XluIBKYwXe7KNliBQTZRcwL0VvCPt oAQ6+CqC/wQJP0pZRab2tYLvf3GLn0L8zB6rFEZl/uf8tdyBnX0BK3VzVaSfe3rH FGCM2luynmrGGVDMxuITXJgEluQs5NScknfu+9URWWzSLqxuR4yFPKL9eK03P9lZ DEevnyCIq8LgiqwsRG5lL5n90unJvMT8UbzX53YpD+rocjokWYPDbM2srQGp/nrW eboPibLXxncyoQilbNCNXWU8QvwMGj9gaRDP28R/H/WXVpk1Szs= =bWJU -----END PGP SIGNATURE-----
--- End Message ---
