Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Thu, Mar 31, 2005 at 12:08:18AM +0900, Horms wrote: On Wed, Mar 30, 2005 at 11:55:27AM -0300, Henrique de Moraes Holschuh wrote: On Wed, 30 Mar 2005, Horms wrote: It is much more user-friendly, and it readly provides information on the most up-to-date tree it was synced with, in aptitude/dselect/synaptic... Yes, but the problem is that each time it changes backages have to go through a NEW cycle. I assume you mean for the binary packages? I was only paying attention to the kernel-source, kernel-patch and kernel-tree packages... To follow the current naming convention, I believe that they all would have to go through new, and also would not be an upgrade path, but a fresh install for users. No, the packages would still be kernel-*-2.6.11, but the version number would be 2.6.11.6-debianversion, yiedling stuff like : kernel-source-2.6.11_2.6.11.6-1_all.deb Which is ok, and doesn't trigger NEW. I vote for that. Friendly, Sven Luther -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Mon, 04 Apr 2005, Sven Luther wrote: No, the packages would still be kernel-*-2.6.11, but the version number would be 2.6.11.6-debianversion, yiedling stuff like : kernel-source-2.6.11_2.6.11.6-1_all.deb Which is ok, and doesn't trigger NEW. I vote for that. Which is what I thought would happen. PLEASE accept this bug and number the kernel versions accordingly. We have two seconds now for this proposal, and no valid complains against it ;-) -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Mon, Apr 04, 2005 at 12:41:33PM +0200, Sven Luther wrote: On Thu, Mar 31, 2005 at 12:08:18AM +0900, Horms wrote: On Wed, Mar 30, 2005 at 11:55:27AM -0300, Henrique de Moraes Holschuh wrote: On Wed, 30 Mar 2005, Horms wrote: It is much more user-friendly, and it readly provides information on the most up-to-date tree it was synced with, in aptitude/dselect/synaptic... Yes, but the problem is that each time it changes backages have to go through a NEW cycle. I assume you mean for the binary packages? I was only paying attention to the kernel-source, kernel-patch and kernel-tree packages... To follow the current naming convention, I believe that they all would have to go through new, and also would not be an upgrade path, but a fresh install for users. No, the packages would still be kernel-*-2.6.11, but the version number would be 2.6.11.6-debianversion, yiedling stuff like : kernel-source-2.6.11_2.6.11.6-1_all.deb Which is ok, and doesn't trigger NEW. I vote for that. Understood. It looks a bit weird to me, but I guess it is fine, especially as we are including the relevant patches - all of them the last time I checked. dilinger, do you have any objections? -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Mon, 2005-04-04 at 23:19 +0900, Horms wrote: On Mon, Apr 04, 2005 at 12:41:33PM +0200, Sven Luther wrote: On Thu, Mar 31, 2005 at 12:08:18AM +0900, Horms wrote: On Wed, Mar 30, 2005 at 11:55:27AM -0300, Henrique de Moraes Holschuh wrote: On Wed, 30 Mar 2005, Horms wrote: It is much more user-friendly, and it readly provides information on the most up-to-date tree it was synced with, in aptitude/dselect/synaptic... Yes, but the problem is that each time it changes backages have to go through a NEW cycle. I assume you mean for the binary packages? I was only paying attention to the kernel-source, kernel-patch and kernel-tree packages... To follow the current naming convention, I believe that they all would have to go through new, and also would not be an upgrade path, but a fresh install for users. No, the packages would still be kernel-*-2.6.11, but the version number would be 2.6.11.6-debianversion, yiedling stuff like : kernel-source-2.6.11_2.6.11.6-1_all.deb Which is ok, and doesn't trigger NEW. I vote for that. Understood. It looks a bit weird to me, but I guess it is fine, especially as we are including the relevant patches - all of them the last time I checked. dilinger, do you have any objections? In the long run, I have no problem with that; however, I'd rather wait to see the tree become a bit more established. -- Andres Salomon [EMAIL PROTECTED] signature.asc Description: This is a digitally signed message part
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Mon, Mar 28, 2005 at 10:10:20AM -0300, Henrique de Moraes Holschuh wrote: Package: kernel-tree-2.6.11 Version: 2.6.11-1 Severity: grave Tags: security Justification: user security hole As usual. I feel weird filling what used to be a wishlist-level report as grave, but... Summary of changes from v2.6.11.5 to v2.6.11.6 == Chris Wright: o isofs: more defensive checks against corrupt isofs images o Linux 2.6.11.6 Herbert Xu: o Potential DOS in load_elf_library Linus Torvalds: o isofs: Handle corupted rock-ridge info slightly better o isofs: more corrupted iso image error cases Marcel Holtmann: o Fix signedness problem at socket creation Mathieu Lafon: o Suspected information leak (mem pages) in ext2 With the exception of the load_elf_library problem, which I will check on now, I believe I have patches for the rest in SVN as neccessary for: kernel-source-2.6.11: http://svn.debian.org/wsvn/kernel/trunk/kernel/source/kernel-source-2.6.11-2.6.11/debian/changelog?op=filerev=0sc=0 kernel-source-2.6.8: http://svn.debian.org/wsvn/kernel/trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog?op=filerev=0sc=0 kernel-source-2.4.27: http://svn.debian.org/wsvn/kernel/trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog?op=filerev=0sc=0 If you could take a moment to verify this I would be most appreciative. I have some recent builds that include these patches at http://debian.vergenet.net/testing/. Though please note, I have not taken much care with version numbering of the packages. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Processed: Re: Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
Processing commands for [EMAIL PROTECTED]: tag 301799 +pending Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6 Tags were: security Tags added: pending thanks Stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator (administrator, Debian Bugs database) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
tag 301799 +pending thanks Hi, I have now applied the fix for the load_elf_library DOS to 2.6.11, 2.6.8 and 2.4.27 in SVN and will run some builds. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Wed, 30 Mar 2005, Horms wrote: With the exception of the load_elf_library problem, which I will check on now, I believe I have patches for the rest in SVN as neccessary for: I have checked 2.6.11 (looked it over, I am not running 2.6.11 here yet), and it looks OK. It would be a very good thing if we kept 2.6.11 in sync with 2.6.11.X, including the numbering (i.e. next upload should be kernel-source-2.6.11, package version 2.6.11.6-1). -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Wed, Mar 30, 2005 at 10:17:18AM -0300, Henrique de Moraes Holschuh wrote: On Wed, 30 Mar 2005, Horms wrote: With the exception of the load_elf_library problem, which I will check on now, I believe I have patches for the rest in SVN as neccessary for: I have checked 2.6.11 (looked it over, I am not running 2.6.11 here yet), and it looks OK. It would be a very good thing if we kept 2.6.11 in sync with 2.6.11.X, including the numbering (i.e. next upload should be kernel-source-2.6.11, package version 2.6.11.6-1). I agree it would be good to sync up the patches, but I don't think there is any need to include the .6 in the debian version as we never did this for 2.6.8. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Wed, 30 Mar 2005, Horms wrote: with 2.6.11.X, including the numbering (i.e. next upload should be kernel-source-2.6.11, package version 2.6.11.6-1). I agree it would be good to sync up the patches, but I don't think there is any need to include the .6 in the debian version as we never did this for 2.6.8. It is much more user-friendly, and it readly provides information on the most up-to-date tree it was synced with, in aptitude/dselect/synaptic... -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
Henrique de Moraes Holschuh wrote: On Wed, 30 Mar 2005, Horms wrote: with 2.6.11.X, including the numbering (i.e. next upload should be kernel-source-2.6.11, package version 2.6.11.6-1). I agree it would be good to sync up the patches, but I don't think there is any need to include the .6 in the debian version as we never did this for 2.6.8. It is much more user-friendly, and it readly provides information on the most up-to-date tree it was synced with, in aptitude/dselect/synaptic... The kernel usually also includes backports from newer versions, the fourth level would thus lead to incorrect assumptions. The Debian kernel is not simply the upstream version in Debian packaging. Thiemo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Wed, Mar 30, 2005 at 11:27:19AM -0300, Henrique de Moraes Holschuh wrote: On Wed, 30 Mar 2005, Horms wrote: with 2.6.11.X, including the numbering (i.e. next upload should be kernel-source-2.6.11, package version 2.6.11.6-1). I agree it would be good to sync up the patches, but I don't think there is any need to include the .6 in the debian version as we never did this for 2.6.8. It is much more user-friendly, and it readly provides information on the most up-to-date tree it was synced with, in aptitude/dselect/synaptic... Yes, but the problem is that each time it changes backages have to go through a NEW cycle. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Wed, 30 Mar 2005, Horms wrote: It is much more user-friendly, and it readly provides information on the most up-to-date tree it was synced with, in aptitude/dselect/synaptic... Yes, but the problem is that each time it changes backages have to go through a NEW cycle. I assume you mean for the binary packages? I was only paying attention to the kernel-source, kernel-patch and kernel-tree packages... -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Wed, Mar 30, 2005 at 11:55:27AM -0300, Henrique de Moraes Holschuh wrote: On Wed, 30 Mar 2005, Horms wrote: It is much more user-friendly, and it readly provides information on the most up-to-date tree it was synced with, in aptitude/dselect/synaptic... Yes, but the problem is that each time it changes backages have to go through a NEW cycle. I assume you mean for the binary packages? I was only paying attention to the kernel-source, kernel-patch and kernel-tree packages... To follow the current naming convention, I believe that they all would have to go through new, and also would not be an upgrade path, but a fresh install for users. -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
On Wed, Mar 30, 2005 at 04:55:57PM +0200, Thiemo Seufer wrote: Henrique de Moraes Holschuh wrote: On Wed, 30 Mar 2005, Horms wrote: with 2.6.11.X, including the numbering (i.e. next upload should be kernel-source-2.6.11, package version 2.6.11.6-1). I agree it would be good to sync up the patches, but I don't think there is any need to include the .6 in the debian version as we never did this for 2.6.8. It is much more user-friendly, and it readly provides information on the most up-to-date tree it was synced with, in aptitude/dselect/synaptic... The kernel usually also includes backports from newer versions, the fourth level would thus lead to incorrect assumptions. The Debian kernel is not simply the upstream version in Debian packaging. Yes I agree. -- Horms -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#301799: kernel-tree-2.6.11: new upstream source available: 2.6.11.6
Package: kernel-tree-2.6.11 Version: 2.6.11-1 Severity: grave Tags: security Justification: user security hole As usual. I feel weird filling what used to be a wishlist-level report as grave, but... Summary of changes from v2.6.11.5 to v2.6.11.6 == Chris Wright: o isofs: more defensive checks against corrupt isofs images o Linux 2.6.11.6 Herbert Xu: o Potential DOS in load_elf_library Linus Torvalds: o isofs: Handle corupted rock-ridge info slightly better o isofs: more corrupted iso image error cases Marcel Holtmann: o Fix signedness problem at socket creation Mathieu Lafon: o Suspected information leak (mem pages) in ext2 -- System Information: Debian Release: 3.1 APT prefers unstable APT policy: (990, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.10-debian6+libata9dev1+bluesmoke Locale: LANG=pt_BR.ISO-8859-1, LC_CTYPE=pt_BR.ISO-8859-1 (charmap=ISO-8859-1) Versions of packages kernel-tree-2.6.11 depends on: ii kernel-patch-debian-2.6.112.6.11-1 Debian patches to Linux 2.6.11 ii kernel-source-2.6.11 2.6.11-1 Linux kernel source for version 2. -- no debconf information -- One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie. -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]