Install systemd-resolved from Debian Backports when appropriate
#6
Labels
improvement
This issue or pull request will add new or improve existing functionality
Comments
mcdonnnj
added
the
improvement
mcdonnnj
changed the title
systemd-resolve from Debian Backports when appropriatesystemd-resolved from Debian Backports when appropriate
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
💡 Summary
We should consider installing the systemd-resolved package from Debian Backports when both available and appropriate.
Motivation and context
I noticed that systemd-resolved has a version available from
bookworm-backportscurrently. That got me curious about what was different between the versions so I checked the changelog and noticed that what probably drove the Backports release wasBackport patch to fix CVE-2023-7008 (Closes: #1059278). Since the Backports release fixes a CVE it seems like it would be worth inclusion.Implementation notes
This role would possibly need to configure Backports via cisagov/ansible-role-backports to enable this capability.
The text was updated successfully, but these errors were encountered: