Legacy kernel with stack-gap fix?


#1

Hi,
Is there a new legacy VM kernel available/coming with the stack gap increase for the current CVE?

(It would be great if that moved to being able to just boot our own kernel then we could just come up with Debian’s own).


#2

We don’t have one yet, but we’ll definitely be investigating it in the next few days.

With regards to running a stock Debian / internal kernel though, that won’t be an option for our legacy platform. (Primarily because all the kernels live externally to the guests, as you know, and have to be compiled statically for that to work - i.e. Entirely opposite to the common distribution approach of using modular kernels.)

If you do wish to have complete control of your kernels, you might be interested in migrating over to one of our cloud servers - You get the same great support, but much more flexible scaling options, as well as the ability to access the server console via your browser (With a VNC client).

The cloud servers can also be driven automatically via our console-client, or with our panel