Package: linux-image-amd64 Version: 4.15+91~bpo9+1 Severity: normal Tags: security
The Debian kernels are currently built with CONFIG_SYSTEM_TRUSTED_KEYS="debian/certs/b...@debian.org.cert.pem" This was introduced with https://alioth-lists-archive.debian.net/pipermail/kernel-svn-changes/2016-April/022904.html We are now two years after Ben's contribution and we are still not using kernel module signing (CONFIG_MODULE_SIG is not set in config). As there is no need for the kernel trusting Ben's certificate, please, remove the setting. Best regards Heinrich Schuchardt -- System Information: Debian Release: 9.2 APT prefers stable-updates APT policy: (500, 'stable-updates'), (100, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: arm64, armhf, i386 Kernel: Linux 4.15.0-0.bpo.2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages linux-image-amd64 depends on: ii linux-image-4.15.0-0.bpo.2-amd64 4.15.11-1~bpo9+1 linux-image-amd64 recommends no packages. linux-image-amd64 suggests no packages. -- no debconf information
