Hi Colin,
On Sat, Oct 05, 2019 at 10:39:29PM +0100, Colin Watson wrote:
> Package: release.debian.org
> Severity: normal
> Tags: buster
> User: release.debian.org@packages.debian.org
> Usertags: pu
>
> https://bugs.debian.org/941663 reports an OpenSSH regression on old
> kernels prompted by the interaction between an OpenSSL update and a
> seccomp filter; https://bugs.debian.org/941665 and
> https://github.com/openssh/openssh-portable/pull/149 have more details.
> The patch is an easy one to cherry-pick, and I've attached the resulting
> diff. I'd like approval to upload it.
>
> I'm not sure where's best to upload this to. Although I've filed this
> as a stable update request, there's an argument that perhaps it should
> be issued through the same channels as the OpenSSL update
> (stable-security and then copied to stable-proposed-updates, according
> to https://tracker.debian.org/pkg/openssl), so I've CCed team@security.
> Any advice?
Okay let's be on the safe side and update openssh for this functional
regression via buster-security.
Can you adjust the changelog accordingly and upload to
security-master? (Make sure to build with -sa, and to not include a
_{arch}.buildinfo file in case you perform a source only upload).
Regards,
Salvatore
Attachment:
signature.asc
Description: PGP signature