On Sun, 2013-02-17 at 22:42 +0000, Adam D. Barratt wrote: > On Sun, 2013-02-17 at 13:33 -0800, dann frazier wrote: > > On Sun, Feb 17, 2013 at 03:14:04PM +0000, Adam D. Barratt wrote: > > > I gather there's a chance there might need to be further security > > > updates; will that mean we need another update in p-u? > > > > Possibly; an alternative would be to release a 48squeeze1 via security > > to sync up w/ the fixes just before the point release. That would let > > us go ahead and get the lkdi/d-i updates ready and give us some > > flexibility to react to any follow-on changes that may appear this > > week as CVE-2013-0871 is discussed. > > From the release perspective, I obviously have a bias toward wanting to > get a finalised kernel and lkdi / d-i sorted sooner rather than later, > both so we can get people to test the former and to reduce the > likelihood of last minute issues / upload chasing with the latter. > > > On the other hand, I know Ben has > > another fix queued for stable, and I saw a mention of a possible > > s390/KVM regression - so those may justify the extra p-u update. > > Are these regressions from the current stable kernel?
The s390/KVM issue is a possible regression introduced in -48. I don't have confirmation that this affects the Debian build, but it was reported upstream as caused by the fix we cherry-picked for #698382. The fix for the regression is labelled as being for v3.3+, but I don't see any relevant changes between 3.2 and 3.3 so I don't trust that minimum version. But the code it touches looks substantially different in 2.6.32. Who can test this? The other bug for which there is a pending fix (#700544) is not a regression and is easy to work around. Ben. -- Ben Hutchings Sturgeon's Law: Ninety percent of everything is crap.
signature.asc
Description: This is a digitally signed message part
