tags 633561 + moreinfo squeeze thanks Hi,
Apologies for letting this fall between the cracks for so long. On Mon, 2011-07-11 at 17:46 +0200, Robert Millan wrote: > Please consider this update for kfreebsd-8 in squeeze. It fixes a security > bug, a kernel panic condition in if_msk driver, and disables a buggy patch > which disabled 58 kernel modules (including many drivers for USB devices > and a few network cards) from the build system. > > * Fix net802.11 stack kernel memory disclosure (CVE-2011-2480). > (Closes: #631160) > - 000_net80211_disclosure.diff This looks okay, although I think you meant #631161. Your last message in the log there says "uploaded to unstable, but the bug is still open with no fixed versions recorded. Please could you clarify the status here? > * Merge backported if_msk driver from 8-STABLE. (Closes: #628954) > - 000_msk_backport.diff This should be okay, assuming that the resulting driver has been tested on Squeeze systems. A targetted fix would be preferable, but it sounds from the upstream report as if that's not particularly easy to accomplish. > * Disable buggy 009_disable_duped_modules.diff. It was disabling many > more modules than built into kernel (e.g. all USB modules). A few queries here, I'm afraid. - What's the effect of re-enabling the (duplicate) building of the modules which were intended to be disabled? - Does this affect which modules end up in the udebs? - The changelog comment from when the patch was introduced says that it made a ~4MB difference to the size of the image. As that was 2007, I'm assuming that the size difference is a fair bit larger now? - If the impact of the patch was to disable all USB modules, why was it not disabled sooner? Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1316274864.21594.48.ca...@hathi.jungle.funky-badger.org
