Re: Linux kernel vulnerabilities in unstable

On Sun, 5 Jul 2009 21:41:15 -0400 Michael S Gilbert wrote:

[...]
> > http://security-tracker.debian.net/tracker/CVE-2009-1758
> > commit ???
> > applied to upstream version ???
> > see ???
> > fix present in upstream version 2.6.30: I don't know
> >   help!  the fix seems to be
> >   http://lists.xensource.com/archives/html/xen-devel/2009-05/msg00561.html
> >   but arch/i386/kernel/entry-xen.S is not even present in
> >   linux-2.6_2.6.30.orig.tar.gz
> 
> this is a xen patch, which i haven't really dealt with before.  i'll
> have to ask around to figure out how xen is integrated.

Should a grave bug be filed against the linux-2.6 source package, in
order to prevent its migration to testing until this regression is
fixed (or confirmed to be already fixed)?
Are you willing to do that, or do you prefer that I file the bug by
myself? 

> 
> tracker updated.

The CVE tracker pages seem to be correctly updated.
Thank you!


-- 
 New location for my website! Update your bookmarks!
 http://www.inventati.org/frx
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

pgp5DWT1YWm02.pgp
Description: PGP signature