/srv/irclogs.ubuntu.com/2022/01/28/#ubuntu-security.txt

hallynSo is there a good way to tell whether livepatch is actually working here? I'm sorried about this:  Livepatch kernel mismatch: Kernel version is "4.15.0-166.174-generic", payload targeted for "4.15.0-151.157-generic"02:47
=== smeso_ is now known as smeso
=== ahayzen_ is now known as ahayzen
=== haggertk_ is now known as haggertk
blahdeblahThis new cryptsetup vuln (CVE-2021-4122) sounds like a fun one.  They say for cryptsetup 2.2.x mitigation we need to use --disable-luks2-reencryption, but that doesn't appear to be present in the man page or command help for cryptsetup on focal.  Is it undocumented, or just missing?07:00
ubottu** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122>07:00
blahdeblahhttps://seclists.org/oss-sec/2022/q1/34, since ubottu doesn't seem to know about it07:00
rbasakblahdeblah: that sounds like a build-time flag12:06
mdeslaurblahdeblah: I have some packages to test here: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages12:21
mdeslaur(you need to add a patch that adds that new build-time flag)12:21

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!