Your message dated Mon, 26 Jul 2021 21:33:30 +0000 with message-id <e1m88e6-000dhv...@fasolo.debian.org> and subject line Bug#989080: fixed in cifs-utils 2:6.11-3.1 has caused the Debian Bug report #989080, regarding cifs-utils: Fix for CVE-2021-20208 breaks cifs.upcall to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 989080: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989080 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: cifs-utils Version: 2:6.11-3 Severity: important Tags: upstream X-Debbugs-Cc: finnkr...@physik.fu-berlin.de Dear Maintainer, when using cifs-utils to mount a samba share using a krb5 ticket cifs.upcall fails: $ mount -t cifs --verbose -o seal,idsfromsid,cifsacl,rw,sec=krb5i,user=finnkrein,cruid=finnkrein //storage.physik.fu-berlin.de/finnkrein /net/test mount error(126): Required key not available >From journalctl -e: cifs.upcall[34940]: switch_to_process_ns: setns() failed for cgroup cifs.upcall[34940]: unable to switch to process namespace: Operation not> cifs.upcall[34940]: Exit status 1 This bug was likely introduced by the fix for CVE-2021-20208 (#987308), is known upstream and discussed at https://www.spinics.net/lists/linux-cifs/msg21550.html. The respective patch is currently included as "0010-CVE-2021-20208.patch". -- System Information: Debian Release: 11.0 APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.10.0-6-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_WARN Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages cifs-utils depends on: ii libc6 2.31-12 ii libcap-ng0 0.7.9-2.2+b1 ii libkeyutils1 1.6.1-2 ii libkrb5-3 1.18.3-5 ii libpam0g 1.4.0-7 ii libtalloc2 2.3.1-2+b1 ii libwbclient0 2:4.13.5+dfsg-2 ii python3 3.9.2-3 Versions of packages cifs-utils recommends: ii keyutils 1.6.1-2 Versions of packages cifs-utils suggests: ii bash-completion 1:2.11-2 ii smbclient 2:4.13.5+dfsg-2 pn winbind <none> -- no debconf information
--- End Message ---
--- Begin Message ---Source: cifs-utils Source-Version: 2:6.11-3.1 Done: Sebastian Ramacher <sramac...@debian.org> We believe that the bug you reported is fixed in the latest version of cifs-utils, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 989...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Sebastian Ramacher <sramac...@debian.org> (supplier of updated cifs-utils package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 26 Jul 2021 23:16:25 +0200 Source: cifs-utils Architecture: source Version: 2:6.11-3.1 Distribution: unstable Urgency: medium Maintainer: Debian Samba Maintainers <pkg-samba-ma...@lists.alioth.debian.org> Changed-By: Sebastian Ramacher <sramac...@debian.org> Closes: 989080 Changes: cifs-utils (2:6.11-3.1) unstable; urgency=medium . * Non-maintainer upload . [ Hideki Yamane ] * debian/patches - Add 0011-fix-regression-for-CVE-2021-20208.patch (Closes: #989080) Checksums-Sha1: b7d17e2de86cecd59f269712d13f62ef75e3d15b 2487 cifs-utils_6.11-3.1.dsc d4c76de3671cf92003f25bb5e04b9a2ede49ddc5 15256 cifs-utils_6.11-3.1.debian.tar.xz Checksums-Sha256: 30128105abd07bc69dd477f31d2f15593404e73696d2c480cd150f1c17d859e5 2487 cifs-utils_6.11-3.1.dsc f3e6c6d6cba64b661f44a7bc03462244f3e8e5879476d21a9d86cbc81cdc6b5f 15256 cifs-utils_6.11-3.1.debian.tar.xz Files: 8e9698a753e74e9b50c59d7eb46153fb 2487 otherosfs optional cifs-utils_6.11-3.1.dsc 6aed878a96ee3342845e59c305201ec6 15256 otherosfs optional cifs-utils_6.11-3.1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE94y6B4F7sUmhHTOQafL8UW6nGZMFAmD/Jr0ACgkQafL8UW6n GZPOABAAwZ3Pata39/NYK4nwsee04VmyqBLlCzlYl4+fX7x5VQE9Yzg9a+Fh3bZo RqjnG4ctprF/H48fJmXY0S3EDxYBLqQBRihmpD1aXPXF1A8e9/8DU6oSFcffq5Ll M6gmTFcEcbeYtgYA4X1gNfrRA4Y5dDrNET2xCCr0ic9aPJX1/YtOxYlovdpvYZ6c AEZmd56q2P2LKtW8QdrGzrLr+YCUMT6sDcCmgrhTe1vJL334d6IxN3lxqCHrs9pR ZMrhYtIzkcnE+UXRZlLfIcMW+ipddEgu0JZPYwN3s3PHiSOeQCfSI8nReZ1oTvXy YwX+rhzXsARrjVsg6EwnHOEGdR0vUl+Bvda38QV4hSXXPCUDYrhqabHDvzSB68K0 M+0cMQr/FgHfCoU8mF66zbq1ekE47g+CJcinCU3Kp4vPnqq/SZbhsCmKS/xQRXTy X7oO8tf9pMWHf4FS7R+TDEc526+Xx+hqnpCm0ZFe3ctULosHk+PbwcRM+VOV42lg 1H9jKpS0aVt2sAA39w/5aNc8/TmJDbZU+9CeUqlLN7tGEcdjMs7rG75pL8NWEmIT 9+B5XUc1QDwwmopc9EueGNCQNTI9gFj0J7u1tJbokRDaRink8a/AetQDMsjhao+F hQXKUI7cT3hJI1ic0iuJk2DwwrBdl80Hm8wTSAqMnN8e6v2RNgU= =bW26 -----END PGP SIGNATURE-----
--- End Message ---
