1. Forum
  2. Usenet
  3. LINUX.DEBIAN.SECURITY

  • Re: [SECURITY] [DSA 5173-1] linux security update

    From Kurt Roeckx@21:1/5 to Ben Hutchings on Mon Jul 4 22:30:01 2022
    On Sun, Jul 03, 2022 at 03:49:12PM +0000, Ben Hutchings wrote:

    For the oldstable distribution (buster), these problems have been
    fixed in version 4.19.249-2.

    It seems that linux-image-amd64 does not depend on
    linux-image-4.19.0-21-amd64 but still on linux-image-4.19.0-20-amd64,
    so the fixed version does not get installed on an apt upgrade.


    Kurt

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ben Hutchings@21:1/5 to Kurt Roeckx on Tue Jul 5 00:10:01 2022
    On Mon, 2022-07-04 at 22:17 +0200, Kurt Roeckx wrote:
    On Sun, Jul 03, 2022 at 03:49:12PM +0000, Ben Hutchings wrote:

    For the oldstable distribution (buster), these problems have been
    fixed in version 4.19.249-2.

    It seems that linux-image-amd64 does not depend on linux-image-4.19.0-21-amd64 but still on linux-image-4.19.0-20-amd64,
    so the fixed version does not get installed on an apt upgrade.

    Maybe it wasn't released at the same time, but I uploaded linux-latest
    on 30th June and the binaries are certainly available now.

    Ben.

    --
    Ben Hutchings - Debian developer, member of kernel, installer and LTS
    teams

    -----BEGIN PGP SIGNATURE-----

    iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmLDYzsACgkQ57/I7JWG EQlMvxAAh44siUJ7OmdanM91jLvelWOZq2IsOYTFpTa9580R33f1K6l1wG3By+xz mbnXrynpjQDrKbcsx4C1ie1HDJ84MrVcAokYnUCnA4fYzpGHrDHaSzdzAv4q+Ou1 Ddnm/OmXVpku+85xcjfYTHPbZP02Tj5t4he+dkNF7dFjvCc8vD5RqLOIJEGKFfjy OQSlCgmi8geJyLvPnXdJMEsCjcuYkwkLj9uYF7+XzchpZYMb7fmByPnE2FDsQf32 j7ZbjFbULmOlbMoHgqe3x65GSOMQUDy0+D6oIwhfQQFmbIB9my8ofkntdugrspA8 Mpb416H9etx1Ufs5V74YW5NQ5Jd7wPWBts6nXag8M5JKylAOM6wMnjV+eE7ekaaX IMLKai9cVeSYl7im1KyPa8HvMYijg9hkKBxstLJyetfh/U+Y6hfVJJUyGr4u0wWR xKjMdJSwSbFqEGgfSQldvkHRo895sGEsxm5z3utDPf9n3an1q8Qw9huR8tX4JNc5 x4Dw0cmANEDItM5qCudKXAk9RHjMN0JIt2LjUoS38MpAcMX2zn3KMa0TTKYXg2hl Ei5lowexR0BeLIKqcH16WKu89yTl9jSADXzsXz/kMSFqGebplVbyClMSJMq2xNJr GyBlw6KP9BT2qvG3eoBZMIBIFY3qORnRLns3jQWpy+HLezep3BU=
    =b8mG
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Salvatore Bonaccorso@21:1/5 to Ben Hutchings on Wed Jul 6 12:50:01 2022
    On Tue, Jul 05, 2022 at 12:01:31AM +0200, Ben Hutchings wrote:
    On Mon, 2022-07-04 at 22:17 +0200, Kurt Roeckx wrote:
    On Sun, Jul 03, 2022 at 03:49:12PM +0000, Ben Hutchings wrote:

    For the oldstable distribution (buster), these problems have been
    fixed in version 4.19.249-2.

    It seems that linux-image-amd64 does not depend on linux-image-4.19.0-21-amd64 but still on linux-image-4.19.0-20-amd64,
    so the fixed version does not get installed on an apt upgrade.

    Maybe it wasn't released at the same time, but I uploaded linux-latest
    on 30th June and the binaries are certainly available now.

    In fact all the packages were pushed out at the same time and the
    advisory went out only after dak confirmed they are installed; maybe
    there was an issue on syncing up on some security mirrors?

    Probably not worth to dig into it further now though.

    Regards,
    Salvatore

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)