Bug#1069642: linux-image-6.1.0-20-amd64: kernel panic after 2024-04-20

[Jacob Rhoads]

Seeing this same issue. In my case, it ended up being caused by Crowdstrike
Falcon Sensor combined with this specific kernel. Reverting the kernel or
upgrading Falcon (via Falcon upgrade policy) works around this issue, for
now.

I think I see that 6.1.87 has attempted to fix some BHI implementation
issues that were originally introduced in 6.1.85. Perhaps certain kernel
modules aren't ready for this syscall hardening?

Bug#1013091: sssd: Bullseye SSSD - Still Broken

[Jacob Rhoads]

Package: sssd
Version: 2.4.1-2
Severity: important

Dear Maintainer,

SSSD on bullseye remains broken even after #991274 and #994879. SSSD (2.5.2-3) 
supposedly fixes the issue, but the bullseye repo is held to an older, broken 
version.

I'm not sure how this old version works with LDAP in any scenario, as it 
expects libldap to support CLDAP (without falling back to LDAP) and debian 
libldap isn't compiled with CLDAP support.

Are we expected to install the newer .deb (outside of the repo) and/or compile 
libldap with CLDAP support? If we're expected to use the fixed version, please 
advise on the best practice for doing so. Or is it possible to add SSSD to 
bullseye-backports instead?

Thanks

-- System Information:
Debian Release: 11.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.0-15-amd64 (SMP w/2 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages sssd depends on:
ii  python3-sss  2.4.1-2
ii  sssd-ad  2.4.1-2
ii  sssd-common  2.4.1-2
ii  sssd-ipa 2.4.1-2
ii  sssd-krb52.4.1-2
ii  sssd-ldap2.4.1-2
ii  sssd-proxy   2.4.1-2

sssd recommends no packages.

sssd suggests no packages.

-- no debconf information