Hello, On Sat, Jun 10, 2023 at 12:47 PM Samuel Thibault <samuel.thiba...@gnu.org> wrote: > Do you think about anything else to announce?
Not an announcement, but please consider backporting 346b6eab3c14ead0b716d53e2235464b822f48f2 "hurd: Run init_pids () before init_dtable ()" if it's not too late (or doing it after release if it is too late). This was an important fix; currently ctty handling is completely broken in Debian. Maybe mention the 'setauth (19)' vulnerability getting fixed? (For anyone who's not heard of this: yes, it was that easy to get root access. This was the fifth major vulnerability that I reported.) Sergey
