Michael Renner <michael.ren...@amd.co.at> [120702]: > On Jun 28, 2012, at 7:18 , Ola Lundqvist wrote: > > > I do not know if there is much point in that. We can do that of course > > but as we soon have a new release without those kernels I do not > > really see the benefit of doing so. > > > As long as the Debian Squeeze kernels are actively maintained serious > regressions and/or security issues within OpenVZ should be addressed > as well. I don't care about small functionality issues since most of > the OpenVZ users are accustomed to them by now, but if something > breaks this needs to be addressed.
I am affected by that bug, as updatedb crashes inside a VZ: ================================================= 101# cat /proc/self/mountinfo cat: /proc/self/mountinfo: Cannot allocate memory ================================================= > If you don't do this, please drop the kernels altogether so that > people can build an alternate repository and don't get led into the > false assumption that Debian is taking care of them. The half-assed > approach you propose is hurting more than it helps. > > > Rationale: > > * The bug can lead to easy denial of service attacks from unprivileged > users within containers > * The (unverified?) fix for this bug is a 4 line diff. > * Wheezy Puppet includes code that reads /proc/self/mountinfo causing > puppet-managed Wheezy containers on Squeeze OpenVZ hosts to exhibit > the DoS scenario outlined above. The patch is an attachment to the archives of the openvz users mailing list. Can someone fix that? -- Benjamin Henrion <bhenr...@ffii.org> FFII Brussels - +32-484-566109 - +32-2-4148403 -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20120710145848.GA25265@localhost