[02:47] <hallyn> So is there a good way to tell whether livepatch is actually working here? I'm sorried about this:  Livepatch kernel mismatch: Kernel version is "4.15.0-166.174-generic", payload targeted for "4.15.0-151.157-generic"
=== smeso_ is now known as smeso
=== ahayzen_ is now known as ahayzen
=== haggertk_ is now known as haggertk
[07:00] <blahdeblah> This new cryptsetup vuln (CVE-2021-4122) sounds like a fun one.  They say for cryptsetup 2.2.x mitigation we need to use --disable-luks2-reencryption, but that doesn't appear to be present in the man page or command help for cryptsetup on focal.  Is it undocumented, or just missing?
[07:00] <ubottu> ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4122>
[07:00] <blahdeblah> https://seclists.org/oss-sec/2022/q1/34, since ubottu doesn't seem to know about it
[12:06] <rbasak> blahdeblah: that sounds like a build-time flag
[12:21] <mdeslaur> blahdeblah: I have some packages to test here: https://launchpad.net/~ubuntu-security-proposed/+archive/ubuntu/ppa/+packages
[12:21] <mdeslaur> (you need to add a patch that adds that new build-time flag)