Source: linux Version: 3.16.7-ckt7-1 Severity: wishlist On Wed, Aug 17, 2016 at 11:51:14PM +0200, Moritz Mühlenhoff wrote: > Aurelien Jarno <aurel...@aurel32.net> schrieb: > > On 2016-08-14 16:00, Salvatore Bonaccorso wrote: > >> Package: release.debian.org > >> Severity: normal > >> Tags: jessie > >> User: release.debian....@packages.debian.org > >> Usertags: pu > >> > >> Dear SRM > >> > >> I would like to propose the following hardening to src:gnupg2 which was > >> found during the analysis of a vulnerability report to the security team > >> and related to > >> https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf > >> and developed by NIIBE Yutaka. The underlying problem in hardware cannot > >> be solved in software (and thus we don't want to issue a DSA for it, and > >> give possibly this false impression), and as pointed out by Florian > > > > I wonder if it would be a good idea to release an announcement without > > any software change recommending people to not enable KSM on their > > hosts? > > I think a NEWS file for the kernel would be best?
Okay. Let's open a Bug for src:linux for this. Regards, Salvatore
