8 events
when what by license comment
Mar 16, 2023 at 18:49 comment added Binarus Thanks a lot again. I had already read some of the relevant pages on the Debian website, but missed the link you gave. Eventually I could use the backports kernel with security updates from unstable (at least for users of testing, Debian recommends that security updates from unstable should be enabled; I haven't understood the rationale yet, but I'll look into it that evening).
Mar 15, 2023 at 21:33 comment added A.B No, backport packages are not receiving any timely updates and surely accumulate security issues before a new one is out. As for testing, it's now frozen. Even sid stops behaving like a rolling-release during freeze, but is here to assist with testing becoming the next stable. (Some information there: release.debian.org/bookworm/freeze_policy.html)
Mar 15, 2023 at 20:52 comment added Binarus Two last, quick questions if you don't mind :-) Does the backports kernel you mentioned receive timely security updates? I'm a bit hesitant because the machine in question is a firewall, and because I've read that the testing branch does not receive timely security updates. Second, will the old userspace tools from the stable branch, especially nft, play well with the backported kernel? Please excuse the dumb questions, but I didn't work with backports before.
Mar 15, 2023 at 20:41 comment added Binarus For later readers: In the meantime, I also had tried Debian testing (bookworm) and can confirm that the issue is fixed there. However, I surely won't install testing, unstable or whatever on a machine that should act as firewall, and second, I have lost trust in Debian, because a) I am pretty sure they already knew about the problems, but didn't care about it although it affects security (see comment above), and b) they obviously don't care about bug reports.
Mar 15, 2023 at 20:37 vote accept Binarus
Mar 15, 2023 at 20:37 comment added Binarus Thanks a lot, +1 and accepted. I have come to the same conclusion in the meantime. I also had sent three bug reports (noticed a few more problems than in my question above) to the Debian maintainers, but that was a waste of time, as usual. This is a catastrophic fail, and I can prove that it not only logs wrong data, but doesn't execute rules as it should, surely because of the same problem; this definitely is impacting security. However, as expected they didn't condescend to answering, and probably won't. I'll leave Debian now after 15 or twenty years.
Mar 13, 2023 at 17:02 history edited A.B CC BY-SA 4.0
tested with 5.10.x and 6.1.x kernels to confirm that it's this bug
Mar 13, 2023 at 16:21 history answered A.B CC BY-SA 4.0