On 2025-11-25 Sebastian Andrzej Siewior wrote: > I just read it. And I've been told that a proper fix is not happening > any time soon.
Some progress is happening at Red Hat side: https://github.com/tukaani-project/xz/issues/199#issuecomment-3574316280 I don't know how long it will take to be in a stable kernel. Follow the GH thread for updates. > That is the second workaround for the redhat distro if I am not > mistaken. Yes, although these are quite different issues. The first issue came from a broken patch in RHEL/CentOS 7, which some not-Red-Hat packagers decided to use to be ABI compatible with CentOS 7, and so more binaries with the ABI issue were made. In a way the problem became contagious and spread outside of RHEL/CentOS (not far but still). The current RHEL/CentOS 9 kernel issue isn't contagious in this sense, and likely it will be fixed at some point in RHEL/CentOS 9. If xz 5.8.2 is released somewhat soon, perhaps one option would be to have it in trixie-backports. Putting it into trixie-security feels odd when it's not fixing any bug in xz itself, let alone fixing a security bug. But I understand it would be more convenient to some users. Luckily I don't need to decide what Debian does. ;-) -- Lasse Collin
