I need to have builds/tests of security updates for Dapper through Gutsy
for a number of updates.
I've already merged fixes for the following CVEs:
* CVE-2007-3107 - e f -
* CVE-2007-5966 - e f g
* CVE-2007-6063 d e f g
* CVE-2007-6151 d e f g
* CVE-2007-6206 d e f g
* CVE-2007-6417 d e f g
* CVE-2008-0001 d e f g
And incorporated fixes from the NFSv4 regression (bug 164231) needed in
Feisty and Gutsy. They are in the security git trees:
The following CVE needs more attention from the kernel team, as it did
not merge cleanly:
It is fixed with upstream commits:
I would also ask that Dapper's update be regenerated to include all the
outstanding updates in 2.6.15-51.65 (which hasn't been released yet,
pending the 6.06.2 publication, which just happened). When doing the
upload to jackass, all packages tied to the Dapper kernel ABI need to be
version-bumped as well, and uploaded to jackass so that people only
using -updates will have a sane view of what to install.
These updates are rather urgent (due to CVE-2008-0001).
Let me know if I can help further, I want to make sure this gets
published before the Distro Sprint.
kernel-team mailing list