Hello Peter,
thanks for working and coordinating the next core update in this way.
Hello development folks,
being responsible for upcoming Core Update 167, I would like to close this update roughly at the beginning of next week. This is because it contains several security-relevant updates (such as Apache, Bind [might need another one?], zlib [again], OpenSSH, and so on) which I think should be available to our userbase as soon as possible.
To have CVE-2022-1015 and CVE-2022-1016 covered, I will submit a patch for an updated kernel later this day, since we have enough space to ship one as the linux-firmware changes were reverted (see 8a4780de645a5b3ab42054eaf022c57d6849ae9a).
Looking at Patchwork, it would be great if we could clarify the status of these patches and patch series, and whether they should go into Core Update 167 or not:
Please ignore that patch set.
I'm currently working on improving the IDS again and these patches are obsolete and safely can be dropped.
More about this project on Monday.
Best regards,
-Stefan
https://patchwork.ipfire.org/project/ipfire/patch/66e4978d-6ba4-6c14-329c-6f...
If there are any patches sitting around in your local/private repositories you want to have in Core Update 167, kindly post them. As always, drop me a line in case of questions or comments.
Thanks, and best regards, Peter Müller