On Fri, Mar 12, 2010 at 05:30:33AM +0100, Guillem Jover wrote: > You might also want to cherry-pick these, which fix some minor security > related bugs, althought the Debian security team didn't consider them > worth a DSA (some are really corner cases): > > 4c9d2d0eeed8b077a19da5bac5f2e8183e27e850 > ffccc65580189420a0a64736bba0fb661de56dcb > 7738fe5398d6610723c3def2ddc50eea1a73c327 > > And the database dir sync patches (there are some missing patches from > the series, but they should not be needed for the final one, although > I've not actually checked the convination, only split them so that > they could be ignored): > > a35f0e37a46b2e3721149a25c36f3352c1cdf881 > 15daa22fa94d19cc059d2755e5164db1a3a62791 > ab9482eb45e27a0b0c058a2662b28b7d3642173d > 20fdb395cc721a5060c5623eda956d73ea840a21
Thanks, I'll have a look. I'm worried about the syncing changes though; apparently they're *really* *really* pessimal on some systems, e.g. ext4 with data=ordered (which considers rename() as a barrier itself so the fsync() isn't necessary in that configuration). Scott James Remnant reported that it took over an hour to unpack a linux-headers-* package! I don't know what the right answer is here. On the one hand, not fsyncing kills reliability on some systems; on the other hand, fsyncing kills performance on other systems. > Or you could just wait for 1.15.6.1 (or 1.15.7) to get into unstable, > although Raphaƫl tells me you guys have already frozen dpkg? :/ We have - I wouldn't be inclined to merge at this point. -- Colin Watson [[email protected]] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
