13:02:38 #startmeeting CIP IRC weekly meeting 13:02:38 Meeting started Thu May 2 13:02:38 2024 UTC and is due to finish in 60 minutes. The chair is jki. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:02:38 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 13:02:38 The meeting name has been set to 'cip_irc_weekly_meeting' 13:02:43 #topic AI review 13:02:48 - prepare blog entry on SLTS kernel state and challenges [Jan] 13:03:05 [re-]started, but I was too optimistic. so: ongoing 13:03:32 I don't think we have more AI, so 13:03:35 5 13:03:37 4 13:03:39 3 13:03:40 2 13:03:42 1 13:03:43 #topic Kernel maintenance updates 13:03:54 I did reviews, 6.1.88 and .90 13:04:09 Yesterday was holiday here, May 8th will be another one. 13:06:01 ok 13:06:17 how about the 4.19-rt? 13:06:51 I'll take a look. 13:07:08 thanks 13:08:17 "This week reported 207 new CVEs and 10 updated CVEs." - going up again 13:08:47 pavel: thanks for summarizing the HW CVEs on the list 13:08:50 Yep. And the titles are still copy-pasted so they make no sense in CVE context. 13:09:06 jki: No problem, but I did not exactly get a response there. 13:09:29 at least we warned, no one can complain 13:10:05 Yes. There's no way to fix that, anyway. We are just piling workarounds, but underlying bugs are not fixable. 13:10:19 Last week was OSS-NA, so only a few CVEs reported. This week... 13:10:58 are the CVEs documented as unfixed in our affected kernels? 13:10:59 hi 13:11:23 sorry for being late. i'm preparing the next 4.4 13:11:55 No, we should probably fix that. 13:12:11 KNOWN-BUGS is only in 4.4 so far, right? 13:12:23 But this whole thing is a bit of mess w.r.t. CVEs. 13:12:32 well, yes 13:12:51 but we could at least use that manually for the major CVEs 13:13:21 The CVEs should be against the CPUs... but we have CVEs for bug workarounds... 13:13:45 CVEs are CVEs 13:13:54 Well.. These days CVEs are spam. 13:13:56 :-( 13:14:25 I'll look at KNOWN-BUGS for 4.19/5.10. 13:14:33 the HW CVEs are unique and properly described, and if we add them to our kernels that do not even have mitigation attempts, that should be clear 13:15:30 ok - anything else on maintenance? 13:15:38 Yes. But my observation is that CVEs start to have "tree structure" in the case of CPU bugs. 13:15:48 Intel CPU leaks secrets. 13:16:13 Then we have kernel not doing proper workarounds for Intel bug. 13:16:40 Plus we know many of the workarounds are just incomplete, they are just patching the exploits at this point. 13:16:51 Ok, lets continue. 13:17:07 5 13:17:09 4 13:17:11 3 13:17:12 2 13:17:14 1 13:17:17 #topic Kernel release status 13:17:26 just 4.19-rt is late, we already discussed 13:17:40 5 13:17:42 4 13:17:44 3 13:17:46 2 13:17:48 1 13:17:49 #topic Kernel testing 13:19:09 patersonc: anything from you? 13:19:17 Not really! 13:20:06 our lab is still in reconstruction, hope to have that fixed "soon" 13:20:18 Thanks, I meant to ask 13:20:55 on Tuesday, the network socket was without network yet... 13:20:59 ok 13:21:05 :) 13:21:18 moving on... 13:21:20 5 13:21:21 4 13:21:23 3 13:21:25 2 13:21:27 1 13:21:30 #topic AOB 13:21:56 the 9th is public holiday here (and possibly also elsewhere) 13:22:02 I'm out for next week 13:23:11 Do we cancel the meeting, or do I just take over it? 13:23:29 if you can take over, we don't need to cancel 13:23:42 Ok, I believe I can do that. 13:23:47 I suspect, Japan will be back, and if no one else is on leave... 13:23:49 thanks! 13:24:50 anything else for today? 13:25:00 5 13:25:02 4 13:25:03 3 13:25:05 2 13:25:07 1 13:25:08 #endmeeting