Your message dated Sun, 6 Jun 2021 06:35:51 +0200 with message-id <66a78b81-f4aa-0478-93f1-7dde9c138...@debian.org> and subject line Re: Bug#988442: unblock: linux/5.10.40-1 has caused the Debian Bug report #988442, regarding unblock: linux/5.10.40-1 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 988442: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988442 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock X-Debbugs-Cc: car...@debian.org Dear release team, As you know we follow the respective stable series as well in a stable release, and usually this is then done in point releases (exceptionally as well via a DSA). Now I know the time for bullseye is tight, but I would still like to followup with a stable series import in unstable, but wanted to double check with you in aprticular if there are ny timing issues with d-i. I would plan to upload based ideally on 5.10.37 because it will cover a big amount of bufixes but particularly recent CVEs which are important to have covered in bullseye already soon. Currently already covered in the imports done in git and in the packaging pending are CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2021-3489, CVE-2021-3490, CVE-2021-3491, CVE-2021-3493, CVE-2021-3501, CVE-2021-3506, CVE-2021-23133, CVE-2021-23134, CVE-2021-29155, CVE-2021-31829, but I would want do cover as well the recent FragAttack fixes (not yet worked on). In the packaging itself there will be additional changes pending currently they are: [ Vincent Blut ] * [x86] sound/soc/intel: Enable SND_SOC_INTEL_CATPT as module (Closes: #986822) * [x86] sound/soc/intel/boards: Enable SND_SOC_INTEL_BDW_RT5650_MACH as module * drivers/input/rmi4: Enable RMI4_F3A (Closes: #986848) * [armhf] drivers/gpio: Enable GPIO_MXC as module (Closes: #987019) * [x86] drivers/misc/mei: Enable INTEL_MEI_TXE, INTEL_MEI_HDCP as modules (Closes: #987281) All of those are for better hardware support. [ Uwe Kleine-König ] * [arm64] Enable more options for NXP's i.MX8 (Closes: #985862) Samewise. [ Salvatore Bonaccorso ] * vfs: move cap_convert_nscap() call into vfs_setxattr() (CVE-2021-3493) * Refresh "Makefile: Do not check for libelf when building OOT module" * [rt] Drop "xfrm: Use sequence counter with associated spinlock" * Bump ABI to 7 * Refresh "tools/include/uapi: Fix <asm/errno.h>" * Revert "net/sctp: fix race condition in sctp_destroy_sock" * sctp: delay auto_asconf init until binding the first addr (CVE-2021-23133) * net/nfc: fix use-after-free llcp_sock_bind/connect (CVE-2021-23134) * bpf, ringbuf: Deny reserve of buffers larger than ringbuf (CVE-2021-3489) * bpf: Prevent writable memory-mapping of read-only ringbuf pages * bpf: Fix alu32 const subreg bound tracking on bitwise operations (CVE-2021-3490) * io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers (CVE-2021-3491) Various CVE fixes (which will though go as well partially in 5.10.37 directly), the FragAttack CVEs are not yet included. The RT patch which can be dropped after checking with Sebastian Andrzej Siewior. An ABI bump included, note that the changes are quite massive up to 5.10.37, (5.10.37 will contain approximately 530 upstream commits, 5.10.36 was as well with 300 a bigger one). I realize this might scary, but in the end this is the stragegy we necessarily need to follow to keep up with upstream stable releases. [ Vagrant Cascadian ] * [arm64] Disable USB type-C DisplayPort in pinebook pro device-tree. * [arm64] Enable TYPEC_FUSB302, SND_SOC_ES8316, TYPEC and TYPEC_TCPM as modules. (Closes: #987638) [ Michal Simek ] * [arm64] Enable clock driver for Xilinx ZynqMP SoC Additional support for hardware in the arm64 area. [ Valentin Vidic ] * [s390x] udeb: Include standard scsi-modules containing the virtio_blk module (Closes: #988005) "Acked"/wished by KiBi, to align s390x installer support to the other architectures. The current state is at https://salsa.debian.org/kernel-team/linux/-/tree/sid Let me know what you think of it, I would in any case send the usual "Upload announcement" to the various involved teams before the upload summarizing again the changes. Regards, Salvatore
--- End Message ---
--- Begin Message ---> This happened, so this bug can be closed now. Intended to do so already... PaulOpenPGP_signature
Description: OpenPGP digital signature
--- End Message ---