Better living through software

Ben Hutchings's diary of life and technology

Email: ben@decadent.org.uk • Twitter: @benhutchingsuk • Debian: benh • Gitweb: git.decadent.org.uk • Github: github.com/bwhacks

Wed, 31 Oct 2018

Debian LTS work, October 2018

I was assigned 15 hours of work by Freexian's Debian LTS initiative and carried over 4 hours from September. I worked all 19 hours.

I released security updates for the linux (DLA 1529-1) and linux-4.9 (DLA 1531-1) packages. I prepared and released another stable update for Linux 3.16 (3.16.60), but have not yet included this in a Debian upload. I also released a security update for libssh (DLA 1548-1).

posted at: 22:26 | path: / | permanent link to this entry

Mon, 01 Oct 2018

Debian LTS work, September 2018

I was assigned 15 hours of work by Freexian's Debian LTS initiative and carried over 18 hours from July and August. I worked 29 hours and therefore carry over 4 hours to October.

I prepared and released a stable update for Linux 3.16, and prepared a second stable update (3.16.59) which is now under review. This required substantial work to backport mtitigations for Speculative Store Bypass (CVE-2018-3639) and L1 Terminal Fault (kernel) (CVE-2018-3620), and other changes that they depend on. I also rebased jessie's linux package in preparation to release a security update early in October.

posted at: 13:50 | path: / | permanent link to this entry

Thu, 13 Sep 2018

Debian LTS work, August 2018

I was assigned 15 hours of work by Freexian's Debian LTS initiative and carried over 8 hours from July. I worked only 5 hours and therefore carried over 18 hours to September.

I prepared and uploaded updates to the linux-4.9 (DLA 1466-1, DLA 1481-1) and linux-latest-4.9 packages.

posted at: 12:54 | path: / | permanent link to this entry

Fri, 24 Aug 2018

Debian LTS work, July 2018

I was assigned 15 hours of work by Freexian's Debian LTS initiative and carried over 3 hours from June. I worked 10 hours and therefore carried over 8 hours to August.

I uploaded an update to the linux package with fixes for a large number of security (and other) issues (DLA-1422-1). I had to make a second update to resolve a build failure on armhf (DLA-1422-2).

Since the "jessie-backports" suite is no longer accepting updates, and there are LTS users depending on the updated kernel (Linux 4.9) there, I added the linux-4.9 (DLA-1423-1) and linux-latest-4.9 (DLA-1424-1) packages to provide an upgrade path for these users. I also updated the linux-base package (DLA-1434-1) to satisfy the dependencies of the new linux-image binary packages.

posted at: 05:28 | path: / | permanent link to this entry

Wed, 11 Jul 2018

Debian LTS work, June 2018

I was assigned 15 hours of work by Freexian's Debian LTS initiative and worked 12 hours, so I have carried 3 hours over to July. Since Debian 7 "wheezy" LTS ended at the end of May, I prepared for Debian 8 "jessie" to enter LTS status.

I prepared a stable update of Linux 3.16, sent it out for review, and then released it. I rebased jessie's linux package on this, but didn't yet upload it.

Since the "jessie-backports" suite is no longer accepting updates, and there are LTS users depending on the updated kernel (Linux 4.9) there, I prepared to add it to the jessie-security suite. The source package I have prepared is similar to what was in jessie-backports, but I have renamed it to "linux-4.9" and disabled building some binary packages to avoid conflicting with the standard linux source package. I also disabled building the "udeb" packages used in the installer, since I don't expect anyone to need them and building them would require updating the "kernel-wedge" package too. I didn't upload this either, since there wasn't a new linux version in "stretch" to backport yet.

posted at: 02:46 | path: / | permanent link to this entry