On 2024-05-15 at 03:05, Hans wrote:

> Dear developers,

As usual, most of us here are not Debian developers, even if some of us
may be software developers.

> in April 2024 the security hole CVE-2023-6546 was discovered in linux-image, 
> and I believe, it 
> is fixed in kernel 6.1.0 (from debian/stable) as soon after this a new kernel 
> was released.
> However, there is no new kernel 6.5.0-*-bpo released at that time, so my 
> question: 
> Does anyone know, if this fix was also integrated in kernel 6.5.0-*.bpo ?

I don't have a definitive answer, but you might look at:


The only place it mentions 6.5 is in the Notes section, where it
mentions 6.5-rc7 (with a kernel.org link) in the context of a statement
that the Linux kernel in Debian buster does not include the vulnerable

I would therefore suspect that any 6.5.x kernel probably was not
affected by this vulnerability to begin with.

   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man.         -- George Bernard Shaw

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to