> Thank you for your note. I do /not/ speak for the Debian kernel > team, but an upgrade of Linux fixing these TCP SACK > vulnerabilities are in the pipeline in Debian Sid, in Linux > version 4.19.37-5. There is an unconditional ten days delay for > introduction of upgrades from Sid to Testing,
> The delay period is frequently shortened for packages with high > urgency. > "Unconditional ten days" is quite false. > Thank you both for your replies. Indeed, the delay for important packages like linux is shorter, especially if the fix is urgent. I know that the work devs do is voluntary and I'm certain they do their best. I'll wait for the fixes to arrive in Buster naturally. I just don't want to use Chrome. It is enough that I'm using Google's services :) Oh, and please excuse me for my poor use of these mailing lists, I'm new here. Regards, Lazar
