• Bug#1106070: Raising the severity?

    From Salvatore Bonaccorso@1:229/2 to Roland Clobus on Sun May 25 16:50:01 2025
    XPost: linux.debian.bugs.dist, linux.debian.maint.boot, linux.debian.devel.release
    From: carnil@debian.org

    Hi Roland,

    Thanks for your feedback.

    On Sun, May 25, 2025 at 11:37:17AM +0200, Roland Clobus wrote:
    > Hi,
    >
    > I saw in the PTS that an unblock was granted. Please block linux-image
    > 6.12.29 again and wait for the pending upload instead.
    >
    > Should the priority be raised to the next level above 'Important'?
    >
    > Pro/Con:
    > + With 6.12.29 additional security fixes get in
    > - With 6.12.29 all live images will cease to boot to live mode

    I see your point and having though the ITS mitigations in my opinion
    is more important. But stepping a bit back I fully understand as well
    your point of view.

    Cyril and Debian boot people, would you actually want to not get
    6.12.29-1 into trixie?

    FWIW, the next upload *will* include a fix for the loop issue. I have
    already imported 6.12.30 for the packaging and marked the loop fix as
    to be backported to 6.12.

    Regards,
    Salvatore

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)
  • From Cyril Brulebois@1:229/2 to All on Sun May 25 17:10:02 2025
    XPost: linux.debian.bugs.dist, linux.debian.maint.boot, linux.debian.devel.release
    From: kibi@debian.org

    Hi,

    To be honest, I almost asked what the plans were for 6.12.29-1 regarding
    this issue, and whether Severity: important was appropriate. But I got
    busy with other things and let this fly…

    Salvatore Bonaccorso <carnil@debian.org> (2025-05-25):
    > I see your point and having though the ITS mitigations in my opinion
    > is more important. But stepping a bit back I fully understand as well
    > your point of view.
    >
    > Cyril and Debian boot people, would you actually want to not get
    > 6.12.29-1 into trixie?

    Regarding the installer itself, I'm fine with either having .29 then .30
    or just waiting for .30. I definitely can see how live people might want
    to avoid a known broken kernel's reaching testing though.

    > FWIW, the next upload *will* include a fix for the loop issue. I have
    > already imported 6.12.30 for the packaging and marked the loop fix as
    > to be backported to 6.12.

    Great news!


    Cheers,
    --
    Cyril Brulebois (kibi@debian.org) <https://debamax.com/>
    D-I release manager -- Release team member -- Freelance Consultant

  • From Salvatore Bonaccorso@1:229/2 to Roland Clobus on Sun May 25 20:40:01 2025
    XPost: linux.debian.bugs.dist, linux.debian.maint.boot, linux.debian.devel.release
    From: carnil@debian.org

    Control: severity -1 serious

    Hi Roland, hi Cyril,

    On Sun, May 25, 2025 at 05:44:42PM +0200, Roland Clobus wrote:
    > Hello,
    >
    > On 25/05/2025 17:00, Cyril Brulebois wrote:
    >> Hi,
    >>
    >> To be honest, I almost asked what the plans were for 6.12.29-1 regarding
    >> this issue, and whether Severity: important was appropriate. But I got
    >> busy with other things and let this fly…
    >>
    >> Salvatore Bonaccorso <carnil@debian.org> (2025-05-25):
    >>> I see your point and having though the ITS mitigations in my opinion
    >>> is more important. But stepping a bit back I fully understand as well
    >>> your point of view.
    >>>
    >>> Cyril and Debian boot people, would you actually want to not get
    >>> 6.12.29-1 into trixie?
    >>
    >> Regarding the installer itself, I'm fine with either having .29 then .30
    >> or just waiting for .30. I definitely can see how live people might want
    >> to avoid a known broken kernel's reaching testing though.
    >>
    >>> FWIW, the next upload *will* include a fix for the loop issue. I have
    >>> already imported 6.12.30 for the packaging and marked the loop fix as
    >>> to be backported to 6.12.
    >
    > If 6.12.30 is nearly ready to be uploaded, I would propose to skip
    > 6.12.29 and have 6.12.30 in (perhaps even faster than with a 10 day delay)
    >
    > If we were to have 6.12.29, the live images based on trixie will be
    > untestable and we would fly blind regarding trixie until 6.12.30 lands
    > there. We are currently unable to test the live images based on sid, which
    > is already a bit uncomfortable to me, I have even considered writing a
    > hack to use the trixie kernel instead.
    >
    > So 6.12.27 in trixie and 6.12.30 in sid seems the better option to me.

    While I think the ITS mitigations would be important, I do not want to
    make your life harder working on the live images. Let's raise the
    severity of this bug to RC and it will be fixed with the next upload
    to unstable.

    Regards,
    Salvatore
