Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On 19/02/11 at 17:40 -0500, Michael Gilbert wrote: > On Sat, 19 Feb 2011 21:39:03 + Ben Hutchings wrote: > > > Hypothesis 1: using an older kernel in testing results in fewer > > > vulnerabilities > > > > > > Criteria: fewer vulnerabilities in lenny than squeeze during squeeze > > > testin

Processed: Udev failure on alpha because of missing inotify in -generic

Processing commands for cont...@bugs.debian.org: > clone 614099 -1 Bug#614099: udev: Upgrade in sid (alpha) fails (inotfy required?) Bug 614099 cloned as bug 614172. > reassign -1 linux-2.6 Bug #614172 [udev] udev: Upgrade in sid (alpha) fails (inotfy required?) Bug reassigned from package 'udev'

Re: [Secure-testing-team] [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, Feb 19, 2011 at 04:58:50PM -0500, Michael Gilbert wrote: > On Sat, 19 Feb 2011 22:28:17 +0100 Bastian Blank wrote: > > On Sat, Feb 19, 2011 at 03:55:03PM -0500, Michael Gilbert wrote: > > > Hypothesis 1: using an older kernel in testing results in fewer > > > vulnerabilities > > > Eviden

Bug#606763: (no subject)

the bug is fixed upstream in kernel 2.6.37.1 see here: https://bugzilla.kernel.org/show_bug.cgi?id=22672 -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20110220

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 19 Feb 2011 21:39:03 + Ben Hutchings wrote: > > Hypothesis 1: using an older kernel in testing results in fewer > > vulnerabilities > > > > Criteria: fewer vulnerabilities in lenny than squeeze during squeeze > > testing cycle > > Evidence: lenny's kernel was vulnerable to 67% of

Re: [Secure-testing-team] [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 19 Feb 2011 22:28:17 +0100 Bastian Blank wrote: > On Sat, Feb 19, 2011 at 03:55:03PM -0500, Michael Gilbert wrote: > > Hypothesis 1: using an older kernel in testing results in fewer > > vulnerabilities > > > > Criteria: fewer vulnerabilities in lenny than squeeze during squeeze > > t

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 2011-02-19 at 15:55 -0500, Michael Gilbert wrote: > On Sat, 19 Feb 2011 20:30:47 + Ben Hutchings wrote: > > > On Sat, 2011-02-19 at 14:59 -0500, Michael Gilbert wrote: > > > On Sat, 19 Feb 2011 19:32:08 + Ben Hutchings wrote: > > [...] > > > > > Again, if the user is interested in

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, Feb 19, 2011 at 03:55:03PM -0500, Michael Gilbert wrote: > Hypothesis 1: using an older kernel in testing results in fewer > vulnerabilities > > Criteria: fewer vulnerabilities in lenny than squeeze during squeeze > testing cycle > Evidence: lenny's kernel was vulnerable to 67% of th

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On sam., 2011-02-19 at 15:55 -0500, Michael Gilbert wrote: > I can't imagine anyone else being put through such a arduous process > to try an experiment for a couple months. Why does it have to be so > difficult? Because noone else wants Wheezy to be stuck at 2.6.32 when 2.6.37/38 are available.

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 19 Feb 2011 20:30:47 + Ben Hutchings wrote: > On Sat, 2011-02-19 at 14:59 -0500, Michael Gilbert wrote: > > On Sat, 19 Feb 2011 19:32:08 + Ben Hutchings wrote: > [...] > > > > Again, if the user is interested in such new developments, they will > > > > need to be willing to learn h

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 19 Feb 2011 14:59:27 -0500 Michael Gilbert wrote: > On Sat, 19 Feb 2011 19:32:08 + Ben Hutchings wrote: > > > On Sat, 2011-02-19 at 14:04 -0500, Michael Gilbert wrote: > > > On Sat, 19 Feb 2011 18:48:40 + Ben Hutchings wrote: > > > > > > > On Sat, 2011-02-19 at 13:12 -0500, Micha

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 2011-02-19 at 14:59 -0500, Michael Gilbert wrote: > On Sat, 19 Feb 2011 19:32:08 + Ben Hutchings wrote: [...] > > > Again, if the user is interested in such new developments, they will > > > need to be willing to learn how to run an unstable system. > > > > I thought that users interes

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 19 Feb 2011 19:32:08 + Ben Hutchings wrote: > On Sat, 2011-02-19 at 14:04 -0500, Michael Gilbert wrote: > > On Sat, 19 Feb 2011 18:48:40 + Ben Hutchings wrote: > > > > > On Sat, 2011-02-19 at 13:12 -0500, Michael Gilbert wrote: > [...] > > > > 2. Improve testing security by reduci

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 2011-02-19 at 14:04 -0500, Michael Gilbert wrote: > On Sat, 19 Feb 2011 18:48:40 + Ben Hutchings wrote: > > > On Sat, 2011-02-19 at 13:12 -0500, Michael Gilbert wrote: [...] > > > 2. Improve testing security by reducing the amount of vulnerabilities > > > existent in older kernels (rou

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 19 Feb 2011 18:48:40 + Ben Hutchings wrote: > On Sat, 2011-02-19 at 13:12 -0500, Michael Gilbert wrote: > [...] > > Also, this solution isn't just about CUT stability. As I've been > > describing, it is about killing about 2 birds with one stone: > > > > 1. Make testing always instal

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 2011-02-19 at 13:12 -0500, Michael Gilbert wrote: [...] > Also, this solution isn't just about CUT stability. As I've been > describing, it is about killing about 2 birds with one stone: > > 1. Make testing always installable by retaining a stable/well-tested > kernel and associated d-i i

Processed: tagging 609448

Processing commands for cont...@bugs.debian.org: > # Automatically generated email from bts, devscripts version 2.10.35lenny7 > tags 609448 + pending Bug #609448 [linux-source-2.6.37] linux-source-2.6.37: source code not included for drivers/staging/ft1000/ft1000-pcmcia/boot.h? Added tag(s) pendi

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Sat, 19 Feb 2011 14:09:50 +0100 Raphael Hertzog wrote: > On Fri, 18 Feb 2011, Michael Gilbert wrote: > > This will also help to provide a bit more stability for CUT [0]. Over > > a 1.5-year period (the non-freeze timeframe) roughly 6 new upstream > > kernels will be released, and each new kern

Processed: bug 613922 is forwarded to https://bugs.freedesktop.org/show_bug.cgi?id=34462

Processing commands for cont...@bugs.debian.org: > forwarded 613922 https://bugs.freedesktop.org/show_bug.cgi?id=34462 Bug #613922 [linux-2.6] linux: Radeon DRM doesn't initialise properly (firmware fails to load?) Set Bug forwarded-to-address to 'https://bugs.freedesktop.org/show_bug.cgi?id=344

Re: [cut-team] For discussion: security support strategy for the wheezy kernel

On Fri, 18 Feb 2011, Michael Gilbert wrote: > This will also help to provide a bit more stability for CUT [0]. Over > a 1.5-year period (the non-freeze timeframe) roughly 6 new upstream > kernels will be released, and each new kernel comes along with a high > probability of introducing breakage.

Processed: Re:

Processing commands for cont...@bugs.debian.org: > fixed 520668 2.6.37-1 Bug #520668 [linux-2.6] Enable syn cookies by default There is no source info for the package 'linux-2.6' at version '2.6.37-1' with architecture '' Unable to make a source version for version '2.6.37-1' Bug Marked as fixed

Processed: your mail

Processing commands for cont...@bugs.debian.org: > fixed 520668 2.6.37 Bug #520668 [linux-2.6] Enable syn cookies by default There is no source info for the package 'linux-2.6' at version '2.6.37' with architecture '' Unable to make a source version for version '2.6.37' Bug Marked as fixed in ver