On Thu, 2018-05-03 at 00:06 +0100, Dominic Hargreaves wrote:
> On Tue, May 01, 2018 at 05:12:02PM +0000, Ben Hutchings wrote:
> > -
> > Debian Security Advisory DSA-4187-1 secur...@debia
On Mon, 2022-07-04 at 22:17 +0200, Kurt Roeckx wrote:
> On Sun, Jul 03, 2022 at 03:49:12PM +0000, Ben Hutchings wrote:
> >
> > For the oldstable distribution (buster), these problems have been
> > fixed in version 4.19.249-2.
>
> It seems that linux-image-amd64 does
r message for this,
but I'm not exactly sure. It should be verified that this detection
will work the way you expect, so that the error message doesn't change
and create a support burden for the installer team.
Currently kernel-wedge generates the udeb package names and would need
On Mon, 2009-02-09 at 05:17 +, Debian Installer wrote:
> Changes: bind9 (1:9.5.1.dfsg.P1-1) unstable; urgency=low
> .
> * New upstream patch release
> - supportable version of fix from 9.5.0.dfsg.P2-5.1
> - CVE-2009-0025: Closes: #511936
> - 2475: Overly agressive cache entry re
tant changes pending, including a fix for a
regression in 2.6.32-40 (currently in stable-proposed-updates). I can
probably make an upload this weekend, but cannot promise that a further
upload will not be needed. We need some testing of the isci driver
(added in 2.6.32-40) and more generally regres
On Mon, 2012-01-30 at 11:05 +0100, Yves-Alexis Perez wrote:
> (adding few CC:s to keep track on the bug)
>
> On dim., 2012-01-29 at 21:26 +0000, Ben Hutchings wrote:
> > On Sun, 2012-01-29 at 20:57 +0100, Yves-Alexis Perez wrote:
> > > On dim., 2012-01-29 at 18:22 +0
need to investigate and try
> that a bit.
>
> Ben, what would kernel team think of that?
I don't speak for the whole team, but I don't see that it solves any
problem. You would have to Build-Depend on exact versions of
linux-source, so that you know your external patches will ap
On Wed, Feb 01, 2012 at 06:41:43PM +0100, Yves-Alexis Perez wrote:
> On mer., 2012-02-01 at 14:32 +0000, Ben Hutchings wrote:
> > On Wed, 2012-02-01 at 10:51 +0100, Yves-Alexis Perez wrote:
> > > On mer., 2012-02-01 at 10:34 +0100, Wouter Verhelst wrote:
> > > > On W
rking on user-space hardening.
> Well IMHO, at best, one should never need to rund anything from outside
> the Debian archives ;)
Wishing it so doesn't make it practically possible.
Ben.
--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
andom, but credited as providing only a fraction of a bit of
entropy.
get_random_bytes() was changed to not use an architectural HWRNG.
get_random_int() and get_random_bytes_arch() will use it and it is
documented that they are not suitable for cryptographic purposes.
Ben.
--
Ben Hutchings
Knowledge is power. France is bacon.
signature.asc
Description: This is a digitally signed message part
ing
> patches for GRSecurity and LSM/SELinux and doing this for every new Debian
> kernel package and new version of GRSecurity and LSM/SELinux.
>
> http://packages.debian.org/jessie/linux-patch-grsecurity2
[...]
I bet it doesn't apply to 3.2.y any more... no, it doesn't. B
11 matches
Mail list logo
