Package: linux-vulnerability-mitigation
Version: 20260519.1-1
Severity: important
Tags: security
X-Debbugs-Cc: [email protected], Debian Security Team
<[email protected]>
Hello there!
Firstoff, thanks for creating and maintaining this useful package.
Really appreciated.
I installed it on one box some versions ago and I decided to test it on other
boxes, as well.
However, I have just found that linux-vulnerability-mitigation/20260519.1-1
(currently in Debian unstable) fails to cleanly install, if I choose the
manual mode to select mitigations:
# aptitude install linux-vulnerability-mitigation
The following NEW packages will be installed:
linux-vulnerability-mitigation
[...]
Preconfiguring packages ...
find: ‘/usr/share/linux-vulnerability-mitigation/mitigations’: No such file
or directory
Selecting previously unselected package linux-vulnerability-mitigation.
[...]
A debconf dialog appears and asks the user to choose a method to select
mitigations. If I choose "manual", the following happens:
Usage: linux-vulnerability-mitigation install
-m|--mitigation={MITIGATION|MITIGATION1,MITIGATION2,...|ALL}
See linux-vulnerability-mitigation-install(1),
linux-vulnerability-mitigation(1) and linux-vulnerability-mitigation(7) for
more information.
dpkg: error processing package linux-vulnerability-mitigation (--configure):
old linux-vulnerability-mitigation package postinst maintainer script
subprocess failed with exit status 1
Processing triggers for man-db (2.13.1-1)…
Errors were encountered while processing:
linux-vulnerability-mitigation
E: Sub-process /usr/bin/dpkg returned an error code (1)
Setting up linux-vulnerability-mitigation (20260519.1-1)…
Usage: linux-vulnerability-mitigation install
-m|--mitigation={MITIGATION|MITIGATION1,MITIGATION2,...|ALL}
See linux-vulnerability-mitigation-install(1),
linux-vulnerability-mitigation(1) and linux-vulnerability-mitigation(7) for
more information.
dpkg: error processing package linux-vulnerability-mitigation (--configure):
old linux-vulnerability-mitigation package postinst maintainer script
subprocess failed with exit status 1
Errors were encountered while processing:
linux-vulnerability-mitigation
After purging the package, I tried to install it again, but this time I chose
"none".
The installation succeeded.
But, needless to say, there was no debconf dialog to manually select the
mitigations.
I could however manually install the mitigations I needed with:
$ linux-vulnerability-mitigation check
$ linux-vulnerability-mitigation status
# linux-vulnerability-mitigation install -m CVE-2026-43494
Maybe I will stick to the "none" mode and manage mitigations with the
above commands.
But I think the "manual" mode should be fixed (or dropped entirely).
Please fix this bug.
Thanks for your time and dedication!
-- System Information:
Debian Release: forky/sid
APT prefers testing
APT policy: (800, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 7.0.9+deb14-amd64 (SMP w/12 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages linux-vulnerability-mitigation depends on:
ii debconf [debconf-2.0] 1.5.92
linux-vulnerability-mitigation recommends no packages.
Versions of packages linux-vulnerability-mitigation suggests:
ii bash-completion 1:2.16.0-8
-- debconf information:
* linux-vulnerability-mitigation/mitigations:
linux-vulnerability-mitigation/title:
* linux-vulnerability-mitigation/mode: none
