Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-12-12 Thread Mattia Rizzolo
This thread went OT talking about ports, but oh well… On Wed, Dec 12, 2018 at 04:03:25AM +0100, Adam Borowski wrote: > On Tue, Dec 11, 2018 at 09:46:21PM +0100, Gregor Riepl wrote: > > The build and package delivery infrastructure should offer the same features > > for both first and second class

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-12-11 Thread Adam Borowski
[Oy vey, crosspost list from hell -- not sure how to trim...] On Tue, Dec 11, 2018 at 09:46:21PM +0100, Gregor Riepl wrote: > I do think this just reinforces the point that second-class architectures > should have better, more robust support from the Debian project. > For example, arch-specific

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-12-11 Thread Gregor Riepl
Hi Adrian I do think this just reinforces the point that second-class architectures should have better, more robust support from the Debian project. For example, arch-specific packages most decidedly have a place in Debian (although they should not be the norm). There will always be such

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-12-11 Thread John Paul Adrian Glaubitz
Hello! On 12/9/18 3:18 PM, Matthias Klose wrote: > To me it looks sometimes that Debian is used for testing by upstream, and for > that the mips architectures don't need to be release architectures. A note on this: If you decide to move MIPS to Debian Ports, you will make the port unusable to

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-12-09 Thread Matthias Klose
On 07.07.18 17:24, YunQiang Su wrote: > Niels Thykier 于2018年6月28日周四 上午4:06写道: >> List of concerns for architectures >> == >> >> The following is a summary from the current architecture qualification >> table. >> >> * Concern for ppc64el and s390x: we are dependent

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-07-07 Thread YunQiang Su
Niels Thykier 于2018年6月28日周四 上午4:06写道: > > Hi, > > > As part of the interim architecture qualification for buster, we request > that DSA, the security team and the toolchain maintainers review and > update their list of known concerns for buster release architectures. > > Summary of the current

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Florian Weimer
* Riku Voipio: > On Thu, Jun 28, 2018 at 08:11:14PM +0200, Florian Weimer wrote: >> * Niels Thykier: >> >> > armel/armhf: >> > >> > >> > * Undesirable to keep the hardware running beyond 2020. armhf VM >> >support uncertain. (DSA) >> >- Source: [DSA Sprint report] >> >>

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Lennart Sorensen
On Fri, Jun 29, 2018 at 10:20:50AM +0100, Luke Kenneth Casson Leighton wrote: > in addition, arm64 is usually speculative OoO (Cavium ThunderX V1 > being a notable exception) which means it's vulnerable to spectre and > meltdown attacks, whereas 32-bit ARM is exclusively in-order. if you > want

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Luke Kenneth Casson Leighton
On Fri, Jun 29, 2018 at 12:50 PM, Julien Cristau wrote: > Everyone, please avoid followups to debian-po...@lists.debian.org. > Unless something is relevant to *all* architectures (hint: discussion of > riscv or arm issues don't qualify), keep replies to the appropriate > port-specific mailing

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Julien Cristau
On 06/27/2018 10:03 PM, Niels Thykier wrote: > Hi, > > > As part of the interim architecture qualification for buster, we request > that DSA, the security team and the toolchain maintainers review and > update their list of known concerns for buster release architectures. > Everyone, please

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Luke Kenneth Casson Leighton
On Fri, Jun 29, 2018 at 12:23 PM, Adam D. Barratt wrote: >> i don't know: i'm an outsider who doesn't have the information in >> short-term memory, which is why i cc'd the debian-riscv team as they >> have current facts and knowledge foremost in their minds. which is >> why i included them. >

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Adam D. Barratt
On Fri, 2018-06-29 at 11:44 +0100, Luke Kenneth Casson Leighton wrote: [...] > On Fri, Jun 29, 2018 at 10:35 AM, Adam D. Barratt > wrote: > > > >  what is the reason why that package is not moving forward? > > > > I assume you're referring to the dpkg upload that's in proposed- > > updates > >

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Luke Kenneth Casson Leighton
--- crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68 On Fri, Jun 29, 2018 at 10:35 AM, Adam D. Barratt wrote: >> what is the reason why that package is not moving forward? > > I assume you're referring to the dpkg upload that's in proposed-updates > waiting for the

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Adam D. Barratt
On Fri, 2018-06-29 at 10:20 +0100, Luke Kenneth Casson Leighton wrote: [...] >  debian-riscv has been repeatedly asking for a single zero-impact > line > to be included in *one* file in *one* dpkg-related package which > would > allow riscv to stop being a NMU architecture and become part of >

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Luke Kenneth Casson Leighton
On Wed, Jun 27, 2018 at 9:03 PM, Niels Thykier wrote: > armel/armhf: > > > * Undesirable to keep the hardware running beyond 2020. armhf VM >support uncertain. (DSA) >- Source: [DSA Sprint report] [other affected 32-bit architectures removed but still relevant] ... i'm

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-29 Thread Riku Voipio
On Thu, Jun 28, 2018 at 08:11:14PM +0200, Florian Weimer wrote: > * Niels Thykier: > > > armel/armhf: > > > > > > * Undesirable to keep the hardware running beyond 2020. armhf VM > >support uncertain. (DSA) > >- Source: [DSA Sprint report] > > Fedora is facing an issue

Re: Arch qualification for buster: call for DSA, Security, toolchain concerns

2018-06-28 Thread Florian Weimer
* Niels Thykier: > armel/armhf: > > > * Undesirable to keep the hardware running beyond 2020. armhf VM >support uncertain. (DSA) >- Source: [DSA Sprint report] Fedora is facing an issue running armhf under virtualization on arm64: