Three 6.2 kernels released without Wake on lan!

Why isn’t the wol fix applied to the latest 6.2.x kernel.
By default 3 kernels is all you get if that. It’s good because if one is bad you can go back but now with 3 unpatched broken kernels folks who depend on wake on lan have the nightmare of uninstalling kernels.

And where can I find information on fedora kernel bug fixes?
Fedora 37 Update: kernel-6.2.10-200.fc37 - package-announce - Fedora Mailing-Lists
(the latter two links are the mailing list archive)

If a Fedora kernel contains patches/backports that are not yet part of the currently released kernel (e.g., if the patch is intended for the next kernel but backported because it is security-critical) or if something would be removed from the current kernel release for whatever reason, you will find the information at the above links. I have added the links of 6.2.10 and 6.2.11, although 6.2.11 is still in testing (you can see this in the…- links), which is the reason why there is not yet a…- link for 6.2.11.

You can find further related discussions in the mailing lists (especially the devel mailing list: devel - Fedora Mailing-Lists )

It maybe can happen that a Fedora kernel gets a backport if something is too critical to wait for the next release, and I could imagine that something is removed if it has no purpose for the majority of Fedora users but causes stability issues or so (I have no experience with / knowledge of cases of the latter), but generally Fedora keeps and tailors to what comes from the upstream kernel community, and there is no customization or third party patches or so. You might also follow the kernel mailing lists to identify some reasoning when something is added/backported/removed (including further indications for why Fedora adds/backports/removes from/to a released kernel).

Supplement: I forgot another important institution (the most important for current bugs) when it comes to the information you ask about:
Bugzilla - Fedora Project Wiki

Just increase the number of kernels that your system keeps to 5 or 6 (or even more if you have enough space in /boot). Set installonly_limit=5 in /etc/dnf/dnf.conf

Of course this is an interim way out if there is no other solution. However, it should be no long term solution since old kernels are sometimes replaced for good reasons (e.g., security issues), and they do no longer receive updates/fixes. So if new vulnerabilities are discovered in commits that a given old kernel contains, there will be no explicit means to find out or to get informed about it. And the older existing/open vulnerabilities become, the more possibilities and documentation rise to exploit their given issues. Its comparable with other bugs.

It should be considered that 6.2.9 was considered a security-critical update. So if someone keeps using 6.2.8, it should be evaluated if and how far the vulnerability is dangerous to them. And of course be aware that any future vulnerability that is discovered could be applicable to it as well (there will be no documentation if so because it will be no longer supported).

With Flo’s points in mind: My suggestion would be to estimate if your use cases are vulnerable to CVE-2023-1611 (see 1, 2), if so avoid these use cases as long as using 6.2.8, and wait for F38, which is already the focus of development. If the release of F38 does not solve your problem, file a bug at Bugzilla!

1 Like

Or use a LTS Kernel. It still gets security updates, it is just not maintained officially from Fedora.

kwizart/kernel-longterm-6.1 Copr

kwizart/kernel-longterm-5.15 Copr

I use the 5.15, as second option on my system. It get regularly updates. If one misses you can report and it will get updated.

Thank you all for responding.

I used to get updates-testing emails on the test list that had information on bug fixes but not since fc36.

I think the fix will go into the 6.3 kernel which is due shortly. I may just go with the long term release kernel that was suggested.