[15:52] <SvenKieske> I got a question regarding: USN-5442-2; https://ubuntu.com/security/CVE-2022-29581 says for bionic linux-hwe-5.4 "Released (5.4.0-113.127~18.04.1)" but I did not get an email about this update, USN-5442-2 only mentions "linux-image-raspi-hwe-18.04"
[15:52] <ubottu> Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29581>
[15:53] <SvenKieske> so where is the update for "normal" "linux-hwe-5.4" for x86/64 and where is the announcement? am I missing something? thank you very much!
[16:03] <sbeattie> oh argh, did the emails for the first round not go out? I'm not seeing them in the archives...
[16:03] <sbeattie> SvenKieske: covered in https://ubuntu.com/security/notices/USN-5442-1
[17:44] <jdstrand_> boy, that's certainly an old version of influxdb you're playing with in https://ubuntu.com/security/notices/USN-5451-1 ;)
=== jdstrand_ is now known as jdstrand
[17:56] <sbeattie> jdstrand: Hi! You're always welcome to help us maintain it.
[18:03] <jdstrand> sbeattie: how did I know you were going to say that. fyi, Debian isn't taking care of it: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914035
[18:03] <ubottu> Debian bug 914035 in wnpp "RFA: influxdb -- Scalable datastore for metrics, events, and real-time analytics" [Normal, Open]
[18:25] <sarnold> if only there were a way to run influxdb the service without needing to maintain influxdb the software yourself.. :D
[18:25] <sarnold> ouch, abandoned since 2018 :(