Your message dated Thu, 21 Nov 2024 18:19:30 +0000
with message-id <[email protected]>
and subject line Bug#1087718: fixed in debian-security-support 1:13+2024.11.21
has caused the Debian Bug report #1087718,
regarding debian-security-support: Please mark intel-mediasdk as unsupported 
for bullseye
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1087718: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087718
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: debian-security-support
Severity: normal
Tags: security
X-Debbugs-Cc: Debian Security Team <[email protected]>, Freexian Debian 
LTS <[email protected]>

Hi

I'm going to prepare a MR to add intel-mediasdk to be added to
security-support-ended.deb11.

(I've sent this mail originaly to the LTS team mailing list, quoting for
context. Conclusion was to drop support for intel-mediasdk for LTS,
especially as a RM bug has been filed too, #1082801)


    TL;DR: I was triaging intel-mediasdk and I'd propose either ignore the 
package
    or updating to the version in bookworm for partial fixing.
    
    Please share your thoughts!
    
    Updating would fix CVE-2022-27170 CVE-2022-34346 CVE-2022-34841
    CVE-2022-35883 and CVE-2022-36289.
    
    The remaining are CVE-2023-45221 CVE-2023-47169
    CVE-2023-47282 CVE-2023-48368 and CVE-2023-48727 and should probably
    marked as "ignored" as the security team did for bookwom
    (For completeness, CVE-2023-22656 is marked "no-dsa" for bookworm,
    not enough informatio to fix that one either.)
    
    intel-mediadsk is dead upstream since May 17, 2023 and for all their
    CVEs there is no information beside that there is a Intel SAA available.
    The SAA are basically nothing-saying, except that some of the CVES state
    that upstream version 22.2.2 fixes them, backed up by the information in
    the Intel SAA.  Bookworm is at 22.5.4.
    
    The remaining CVEs have never been fixed upstream and Intel made it
    clear that they won't. The successor of mediasdk is onevpl and while
    onevpl has bascially the same CVEs (which have been fixed upstream
    according to the SAAs) it lacks enough information to be able to hunt
    down required patches. Alas, I even cannot find the source for the
    openvpl version claiming that it fixes the bugs at all (the repo the
    Debian package links to has only a very old version or the upstream
    versions numbers refer to some other piece of software...)

--
tobi

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message ---
Source: debian-security-support
Source-Version: 1:13+2024.11.21
Done: Holger Levsen <[email protected]>

We believe that the bug you reported is fixed in the latest version of
debian-security-support, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Holger Levsen <[email protected]> (supplier of updated debian-security-support 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 21 Nov 2024 13:54:29 +0100
Source: debian-security-support
Architecture: source
Version: 1:13+2024.11.21
Distribution: unstable
Urgency: medium
Maintainer: Debian Security Team <[email protected]>,
Changed-By: Holger Levsen <[email protected]>
Closes: 1087718
Changes:
 debian-security-support (1:13+2024.11.21) unstable; urgency=medium
 .
   [ Holger Levsen ]
   * Add intel-mediasdk to security-support-ended.deb12. Closes: #1087718
 .
   [ Tobias Frost ]
   * Add intel-mediasdk to security-support-ended.deb11. Closes: #1087718
Checksums-Sha1:
 6bce296225a162f21d03c2e8503e4789b7629abf 1909 
debian-security-support_13+2024.11.21.dsc
 f1eb9c787958a47ede1a61aa9abb256c43b3d93f 35520 
debian-security-support_13+2024.11.21.tar.xz
 b5f5600b445af6fd2463a046274e81e56172291d 8531 
debian-security-support_13+2024.11.21_source.buildinfo
Checksums-Sha256:
 40cb556b8eac40d0372041bbf1004d630ca6a1f746ab928ac0815ba9c55e1c97 1909 
debian-security-support_13+2024.11.21.dsc
 909d4a54bb3bff5d8a266cb3099e1acc3f3f7a988e69711c8766d11f51d68590 35520 
debian-security-support_13+2024.11.21.tar.xz
 74a11bafb805422f98840d0f4211a93be911e16d105f1287e294872be0c56a73 8531 
debian-security-support_13+2024.11.21_source.buildinfo
Files:
 78399a87a9d5a55c8fa9078c8bf75979 1909 admin optional 
debian-security-support_13+2024.11.21.dsc
 57dd7a8a06f69b76246af86c3014f705 35520 admin optional 
debian-security-support_13+2024.11.21.tar.xz
 175440fb4b2f555b66800dee5efeea2f 8531 admin optional 
debian-security-support_13+2024.11.21_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEuL9UE3sJ01zwJv6dCRq4VgaaqhwFAmc/dSwACgkQCRq4Vgaa
qhwx6g//c37951w9jfTvKaFuFrOTVJ75Pf4sX67hah4liYXGsSAM7ec24ezMtS9E
ScgF6vxdAVpyrC4wCgAGjwvuYLfTASoDKSH4dVT0oN0S4VShpsvrPAH6P7Ys6Mzc
Y4WZ7xkjIEZiuFM7CD0IGs9DGvzHwVeyLdxh59xkXCMeVi7JQVAp5Qa4ieb5n36D
Fhw8VS8ji9zpWJ+Gpuit6zQSXq03svW66S0chOgCG2duwkE0mtqybwSU3MAhc3IX
yAuetFwllSzLAItBDJQr0Be6mlP/BbSMuSSgQNkPz0AyHuEkrYpO8A6FTEGmXukx
0GYqcCZPjOVot2lBDH7qBgdbmHml0R1FW4YvqBxsC5M0YYUV3sWfxC5RMjGp8iwD
HuW2hy7MIJ6TiPR/u5FIbsgx648RwgMuyNQR8jg0+9Q/TMAgq0K7uCb2IeO9sBrV
pbwQDksrrdzoZKKXPflmWx2vVU0oF1hDThS0VcHp0QjMBfouOHKegAfddDdRHJAL
aGxCP6B3h3J4wBolBJJ91tqUiBvpyrV8ZObABBKr1Z6FsPL7p8uXLtAVf6FiE3Gc
zb1eWnPM9i2M0jdcPWlG1HAzV4kKsfHENMRBVCsiyb5LKSkYobovcG9+L1WXOWYo
IhJzL8lpROebbJTiTFkuHbkVNWA+f4XMjoaZ5zwAySrLPOb/O4E=
=dtu5
-----END PGP SIGNATURE-----

Attachment: pgpCGHsBrLEKA.pgp
Description: PGP signature


--- End Message ---

Reply via email to