Bug#1136736: linux-vulnerability-mitigation: Package update did not ask to enable newly added mitigations

Fri, 15 May 2026 06:11:17 -0700 

Package: linux-vulnerability-mitigation
Version: 20260515-1
Severity: wishlist
Tags: security
X-Debbugs-Cc: [email protected], Debian Security Team 
<[email protected]>

Dear Maintainer,

   * What led up to the situation?
I installed the latest update of the package.

   * What exactly did you do (or not do) that was effective (or
     ineffective)?
Upon initial installation of the package,
I had reconfigured the package to only enable the mitigations CVE-2026-43284 
and CVE-2026-43500
(since the fix for Copyfail was already available in the linux-image package on 
my system).

   * What was the outcome of this action?
The installation process did not ask to enable the newly added mitigations.

   * What outcome did you expect instead?
I expected the installation process to ask to reconfigure the list of enabled 
mitigations,
since new options were now available, similar to the way an update of the
ca-certificates package will ask to reconfigure the list trusted certificates
when new certificates are added to that package.


Thank you for your work on this package.
It is greatly appreciated in these volatile times.

Kind regards,
Peter Verbaan


-- System Information:
Debian Release: forky/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 
'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.12.86+deb13-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_IE:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages linux-vulnerability-mitigation depends on:
ii  debconf [debconf-2.0]  1.5.92

linux-vulnerability-mitigation recommends no packages.

linux-vulnerability-mitigation suggests no packages.

-- debconf information:
  linux-vulnerability-mitigation/title:
* linux-vulnerability-mitigation/mitigations: CVE-2026-43284, CVE-2026-43500, 
CVE-2026-46300, ssh-keysign-pwn

Reply via email to