tags 1104420 fixed-upstream patch pending
thanks
On Tue, Apr 29, 2025 at 10:34:20PM +0200, Andreas Beckmann wrote:
>
> openafs-modules-dkms fails to build a module for Linux 6.14 in
> experimental:
>
> CC [M] osi_vnodeops.o
> osi_vnodeops.c: In function 'afs_linux_dentry_revalidate':
> osi_vn
I asked upstream who notes that this is the stuff covered in the Tervoort
paper
(https://i.blackhat.com/EU-22/Thursday-Briefings/EU-22-Tervoort-Breaking-Kerberos-RC4-Cipher-and-Spoofing-Windows-PACs-wp.pdf)
and that, per https://web.mit.edu/kerberos/krb5-1.21/, you have to
specifically enable issua
Package: xfce4-session
Version: 4.20.2-1
Severity: important
X-Debbugs-Cc: ka...@mit.edu
Upstream's
https://gitlab.xfce.org/xfce/xfce4-session/-/commit/584ba9e6aa46e79aa5821d0b34b684f07c85f3db
("scripts: Make xflock4 blocking again") set a timeout of MAXINT for the
dbus-send call, but used a bash
Note that the upstream change switches back (see #1093378, #1092334,
#1064099) to calling dbus-send rather than gdbus and so we might be able to
drop the recommendation on libglib2.0-bin.
-Ben
On Tue, Mar 11, 2025 at 02:38:20AM +0100, Andreas Beckmann wrote:
>
> I have a few updates for the -source package that I'd like to see in
> trixie. Especially I want all -source packages in trixie to have
> autopkgtests that check buildability of modules with module-assistant.
I was just recentl
I saw this too, but wasn't sure whether it was intentionally excluded as
part of the "only mentions the most used commands and options" threshold.
On the other hand, `apt --help` does list modernize-sources under a heading
of "Most used commands" so there's probably some change needed to the one
o
retitle 1072165 ftpmasters: please decide on sunrpc in dietlibc, openafs
block 1072708 1072165
severity 1072708 important
thanks
Hi ftpmasters,
It seems that (#1072708) openafs is in a similar situation as dietlibc in
that the Sun RPC code is included in openafs and the freeness of this usage
hin
Package: xfce4-session
Version: 4.20.0-1
Severity: important
X-Debbugs-Cc: ka...@mit.edu
It looks like upstream 4.19.1 changed xflock4 from getting a lock command via
xfconf-query to using a D-Bus method to lock the screen. This means it calls
gdbus directly, but gdbus is in libglib2.0-bin which
On Tue, Jan 07, 2025 at 08:36:47PM +0100, Lucas Nussbaum wrote:
>
> Relevant part (hopefully):
> > install: cannot change ownership of
> > 'debian/krb5-admin-server/usr/sbin/krb5_newrealm': Operation not permitted
Hmm, I wonder if that's some unshare fallout -- I know I haven't done any
krb5 bui
Package: openafs-client
Version: 1.8.12.1-1
Severity: serious
Tags: security upstream fixed-upstream patch
Control: clone -1 -2
Control: reassign -2 openafs-fileserver
Quoting upstream's release announcement
(https://lists.openafs.org/pipermail/openafs-devel/2024-November/020961.html):
OPENAFS-SA
On Tue, Aug 06, 2024 at 09:46:40PM +, Jeremy Stanley wrote:
> Unfortunately this is now appearing in sid since Linux 6.10 has been
> uploaded there as well.
Thanks for the heads-up; I should be able to get something in this week.
(I think Andreas would typically bump the severity at this point
On Thu, Jul 04, 2024 at 12:23:11AM +0200, Bastian Germann wrote:
> Am 03.07.24 um 23:56 schrieb Benjamin Kaduk:
> > On Wed, Jul 03, 2024 at 11:27:50PM +0200, Bastian Germann wrote:
> > > Am 03.07.24 um 05:23 schrieb Benjamin Kaduk:
> > > > I do not see how it would be
On Wed, Jul 03, 2024 at 11:27:50PM +0200, Bastian Germann wrote:
> Am 03.07.24 um 05:23 schrieb Benjamin Kaduk:
> > I do not see how it would be possible to replace this code in Debian before
> > upstream can do so; this code is a core part of the functionality of the
> > s
Hi Bastian,
Sorry for the slow reply. Life has throwna a lot of things at me this
month.
On Thu, Jun 06, 2024 at 10:17:33PM +0200, Bastian Germann wrote:
>
> OpenAFS includes the Sun RPC code under the original, non-free license.
> That code was relicensed by Oracle under a BSD license (see
>
On Sat, Feb 10, 2024 at 01:33:15PM +0100, Johannes Schauer Marin Rodrigues
wrote:
>
> there as a binNMU "Rebuild to sync binNMU versions" for krb5 and that
> failed for arm64, armel and ppc64el:
>
> https://buildd.debian.org/status/package.php?p=krb5
>
> The error logs look very similar:
> ***
tags -1 + fixed-upstream patch
thanks
On Tue, Jan 16, 2024 at 10:30:40AM +0100, Andreas Beckmann wrote:
> Package: openafs-modules-dkms
> Version: 1.8.10-2
> Severity: important
>
> Hi,
>
> openafs-modules-dkms fails to build a module for Linux 6.7 that was just
> uploaded to experimental:
Than
Package: lintian
Version: 2.116.3
Severity: normal
X-Debbugs-Cc: ka...@mit.edu
I maintain openafs, which for some time has been reporting an error-level
diagnostic from lintian for missing-build-dependency-for-dh_-command ("dh_dkms
(does not satisfy dkms:any | dh-sequence-dkms:any) [debian/rules]"
Hi Gergely,
On Wed, Dec 20, 2023 at 04:26:55PM +0100, Gergely Riskó wrote:
> Hey all,
>
> Yes, OpenAFS is always a pain to work with both on the server and the
> client side. :(
>
> This time I think the client installation is harder than usual, we
> have to apply 5 patches.
Yes, there's a lot
On Wed, Sep 14, 2022 at 05:36:00PM +0100, Jose M Calhariz wrote:
> Hi
>
> I am creating a new OpenAFS cell for testing purposes and found the
> the file README.server.gz with some instructions a bit out of date.
> This makes the new cell setup dificult to a inexperienced OpenAFS
> sysadmin.
>
>
On Sun, Aug 13, 2023 at 09:21:04PM +0200, Lucas Nussbaum wrote:
> Source: openafs
> Version: 1.8.10-1
> Severity: minor
> Tags: trixie sid ftbfs
> User: lu...@debian.org
> Usertags: ftbfs-sab-20230813 ftbfs-source-after-build
> User: debian...@lists.debian.org
> Usertags: qa-doublebuild
>
> Hi,
>
Hmm, on my local machines (one running Debian, one running Ubuntu) I appear
to be seeing the expected default /tmp/krb5cc_%{uid} behavior.
I couldn't quite follow how your credentials were obtained; were they
perhaps obtained as part of the login process? The PAM configuration might
well be releva
tags 1010764 upstream fixed-upstream pending
thanks
On Wed, May 18, 2022 at 01:55:00AM +, Jeremy Stanley wrote:
> The fix for this appears to have merged upstream in January, so
> could probably be backported in Salsa:
>
> https://gerrit.openafs.org/14882
Indeed, upstream has been getting th
I'm pretty sure that changing the master key encryption type used for new
databases has basically no upgrade considerations and could be "just done".
Updating the encryption type for that key on existing databases will have
nontrivial upgrade considerations (and in fact will not be possible to do
a
Hi Ben,
Thanks for detecting and reporting the build errors.
I'm a bit confused as to how this is "grave", though -- I would have
classified it as merely "serious" as for, e.g., 970258 and 995134.
For upstream, we went with a slightly different patch owing to the
unreliability of the linux versio
severity 995134 serious
tags 995134 upstream fixed-upstream pending
thanks
On Sun, Sep 26, 2021 at 05:07:44PM -0400, Ryan Kavanagh wrote:
> Package: openafs-modules-dkms
> Version: 1.8.6-5
> Severity: grave
> Justification: Renders package unusable
>
> The openafs dkms modules fail to build on 5.
Package: krb5-kdc
Version: 1.15-1
Tags: security fixed-upstream
quoting from
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
CVE-2021-37750:
In MIT krb5 releases 1.14 and later, an authenticated attacker can
cause a null dereference in the KDC by sending a FAST TGS r
Yes, I started working on an upload for buster, but got a bit sidetracked
since the 1.17-3+deb10u1 in the archive was not imported into the packaging
repo previously.
I expect to make progress today.
-Ben
angelog
--- krb5-1.18.3/debian/changelog2021-03-28 10:43:01.0 -0700
+++ krb5-1.18.3/debian/changelog2021-07-21 11:07:07.0 -0700
@@ -1,3 +1,10 @@
+krb5 (1.18.3-6) unstable; urgency=high
+
+ * Pull in upstream patch to fix CVE-2021-36222 (KDC NULL dereference),
+C
It looks like the leak was independently(?) reported to upstream and fixed
in a somewhat different way, see
https://github.com/krb5/krb5/commit/593e16448e1af23eef74689afe06a7bcc86e79c7
.
The fix is marked for pullup to the stable branches, so it should get fixed
in Debian when we next import an ups
On Wed, Jul 21, 2021 at 07:13:49PM +0200, Salvatore Bonaccorso wrote:
>
> On Wed, Jul 21, 2021 at 10:01:23AM -0600, Sam Hartman wrote:
>
> About buster: Given the above we can fix via the upcoming point
> release for buster, I guess that can be enough in this case. What
> would happen if the unau
to argue for important, although if you want to push to
> serious, I won't fight it.
> I'm busy with Family obligat scattered throughout the day ions, but it
> sounded like Benjamin Kaduk
> might be available to help.
Yes, I have some time to help.
Given that Salvatore filed the r
reopen 987690
thanks
This looks to be a typo in the changelog closer.
-Ben
On Mon, May 03, 2021 at 06:51:03PM +, Debian Bug Tracking System wrote:
> Your message dated Mon, 03 May 2021 18:48:29 +
> with message-id
> and subject line Bug#987690: fixed in libass 1:0.15.0-2
> has caused th
On Fri, Apr 09, 2021 at 03:29:48PM -0400, Chaskiel Grundman wrote:
> Package: openafs-fileserver
> Version: 1.8.2-1+deb10u1
> Severity: important
>
> Dear Maintainer,
> While upgrading a system from stretch (9.9) to buster (10.9), I had a
> failure in this package:
>
> Setting up openafs-fileserv
On Mon, Mar 15, 2021 at 06:27:41AM +, Witold Baryluk wrote:
> Package: openafs-modules-dkms
> Version: 1.8.6-5
> Followup-For: Bug #985254
> X-Debbugs-Cc: witold.bary...@gmail.com
>
> Actually after digging more, it is not due to HIGHMEM. In fact the
> kmap_atomic takes single argument since a
Hi Andreas,
Thanks for filing 984929.
Do you have a sense for what the cutoff should be for trying to get 984929
resolved vs. just uploading a workaround in the dkms-consuming packages
(e.g., openafs)?
Thanks,
Ben
On Wed, Mar 10, 2021 at 01:09:06PM +, Debian Bug Tracking System wrote:
> Pro
Hi Adam,
On Sat, Feb 06, 2021 at 02:40:02PM +, Adam D. Barratt wrote:
> On Fri, 2021-02-05 at 09:17 -0800, Benjamin Kaduk wrote:
> > On Fri, Feb 05, 2021 at 05:11:31PM +, Adam D. Barratt wrote:
> > > Control: tags -1 + confirmed
> > >
> > > On Fri,
On Fri, Feb 05, 2021 at 05:11:31PM +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Fri, 2021-02-05 at 08:38 -0800, Benjamin Kaduk wrote:
> > All upstream openafs releases from the 1.8.x series, prior to 1.8.7,
> > contain a "time bomb" bug tha
On Wed, Feb 03, 2021 at 01:05:38PM -0800, Benjamin Kaduk wrote:
> >
> > Do you still have this on your radar? While as discussed this is not a
> > DSA candidate a fix can be released out of order from a point release
> > via the stable-updates mechanism, and thi
fs-1.8.2/debian/changelog 2021-01-26 20:13:14.0 -0800
@@ -1,3 +1,10 @@
+openafs (1.8.2-1+deb10u1) buster; urgency=high
+
+ * Pull in upstream patches to fix outgoing connections after unix
+epoch time 0x6000 (Closes: #980115, #980116)
+
+ -- Benjamin Kaduk Tue, 26 Jan 202
Hi Salvatore,
On Wed, Feb 03, 2021 at 09:39:25PM +0100, Salvatore Bonaccorso wrote:
> HI Benjamin,
>
> On Mon, Jan 18, 2021 at 07:19:14PM -0800, Benjamin Kaduk wrote:
> > On Mon, Jan 18, 2021 at 06:04:39PM +, Jeremy Stanley wrote:
> > > Thanks for pulling this into
On Mon, Jan 18, 2021 at 06:04:39PM +, Jeremy Stanley wrote:
> Thanks for pulling this into unstable and testing! Is there any work
> in progress to fix it in stable as well? I took a quick peek in
> Salsa and didn't see any merge requests or an obvious branch for
> Buster's 1.8.2 (just the debi
Package: openafs-client
Version: 1.8.2-1
Severity: grave
Control: clone -1 -2
Control: reassign -2 openafs-fileserver
The Rx RPC stack requires a connection identifier for each new connection a
system initiates. In 2014 support to generate the initial identifier
randomly was added to the core Rx
Hi Robert,
On Mon, Oct 26, 2020 at 07:08:41PM +0100, Robert Senger wrote:
> Package: openafs-modules-dkms
> Version: 1.8.6-3
> Severity: serious
> Tags: ftbfs
> Justification: fails to build from source (but built successfully in the past)
>
> DKMS fails to build module on bullseye with kernel 5.
tags 970258 fixed-upstream
thanks
On Wed, Sep 16, 2020 at 09:27:30AM +0200, Malte Eggers wrote:
> I'm (unsurprisingly) experiencing the same problem on sid. This appears to be
> the relevant section of the make.log
Indeed, this is not surprising -- the patches for kernel 5.8 compatibility
haven'
On Tue, Sep 01, 2020 at 03:43:37PM +0100, Jose M Calhariz wrote:
> Package: openafs-client
> Version: 1.8.6-1~dsi10+1
> Severity: normal
>
> I am using a private backport of openafs from testing. On this server I
> am getting multiples strange errors about openafs cache. This server
> is differe
Hi Jose,
Sorry that I missed this when it first came in.
A couple notes inline, if you still remember much about the original
report...
On Sat, Aug 08, 2020 at 06:32:07PM +0100, Jose M Calhariz wrote:
> Package: openafs-client
> Version: 1.8.6-1~dsi10+1
> Severity: normal
>
> Hi,
>
> I have mad
tags 926321 moreinfo
thanks
On Sat, Apr 06, 2019 at 10:10:57AM -0500, Benjamin Kaduk wrote:
> Hi Paul,
>
> On Wed, Apr 03, 2019 at 01:06:08PM +0100, Paul Martin wrote:
> > Source: openafs
> > Version: 1.6.20-2+deb9u2
> > Severity: normal
> > Tags: patch, ftbfs,
tags 966881 fixed-upstream
thanks
On Mon, Aug 03, 2020 at 10:04:57AM +0200, Lucas Nussbaum wrote:
> Source: openafs
> Version: 1.8.6-1
> Severity: serious
> Justification: FTBFS on amd64
> Tags: bullseye sid ftbfs
> Usertags: ftbfs-20200802 ftbfs-bullseye
>
> Hi,
>
> During a rebuild of all pack
tags 964027 pending fixed-upstream
thanks
On Tue, Jun 30, 2020 at 12:48:41PM -0400, Ryan Kavanagh wrote:
> Package: openafs-modules-dkms
> Version: 1.8.6~pre1-3
> Severity: grave
> Justification: package is not compatible with the current kernel
>
> The package cannot successfully be installed un
On Thu, Apr 30, 2020 at 03:40:30AM +0100, peter green wrote:
> On 29/04/2020 17:47, Jochen Sprickerhof wrote:
> >
> > What I found up to now:
> >
> > - pkg-config=0.29.2-1:
> >
> > $ pkg-config --cflags-only-I libzmq
> > -isystem /usr/include/mit-krb5 -I/usr/include/pgm-5.2
> >
> > - Whereas pk
severity 956358 important
tags 956358 + moreinfo
thanks
On Fri, Apr 10, 2020 at 11:30:10AM +0300, Adrian Bunk wrote:
>
> https://piuparts.debian.org/sid/source/o/openafs.html
>
> ...
> Loading new openafs-1.8.6pre1 DKMS files...
> It is likely that 4.19.0-8-amd64 belongs to a chroot's host
>
On Sat, Feb 29, 2020 at 02:17:49PM +0100, Beatrice Torracca wrote:
> Package: openafs
> Severity: wishlist
> Tags: patch l10n
>
> Hi.
>
> Please find attached the Italian translation of openafs debconf messages
>
>
> Please include it in your next upload.
Thanks, Beatrice, I will do so.
-Ben
On Sun, Feb 09, 2020 at 09:53:26AM +, Witold Baryluk wrote:
> Package: openafs
> Followup-For: Bug #948307
>
> Dear Maintainer,
>
> The 1.8.5-1 fails to compile with kernel 5.3.0-2-amd64:
>
> Setting up openafs-modules-dkms (1.8.5-1) ...
> Loading new openafs-1.8.5 DKMS files...
> It is
On Tue, Dec 10, 2019 at 03:03:02PM +0100, Frédéric Bonnard wrote:
> Package: src:openafs
> Version: 1.8.5-1
>
> --
>
> Dear maintainer,
> thanks for enabling ppc64el. It seems some more changes are needed for
> openafs to build properly :
> https://buildd.debian.org/status/fetch.php?pkg=openafs&a
On Tue, Dec 10, 2019 at 01:19:11PM +0100, Andreas Beckmann wrote:
> Please check my reply on #946497 which is about the same problem in
> zfs-dkms. Perhaps both of you find a solution that will work for the two
> packages.
Thanks for the pointer.
I think that having dkms set CC/etc. appropriately
Hi Andreas,
On Tue, Nov 26, 2019 at 02:38:21AM +0100, Andreas Beckmann wrote:
> Package: openafs-modules-dkms
> Version: 1.8.5-1
> Severity: serious
> Tags: ftbfs
> Justification: fails to build from source
> User: debian...@lists.debian.org
> Usertags: piuparts
>
> Hi,
>
> openafs-modules-dkms/
On Thu, Oct 03, 2019 at 03:03:55PM +0200, Frédéric Bonnard wrote:
> Package: src:openafs
> Version: 1.8.4~pre1-1
>
> --
>
> Dear maintainer,
> is there any reason that openafs isn't built on ppc64el(maybe linux-any) ?
> I tested on ppc64el and with minor modifications (arch verifications in
> deb
On Sun, Aug 25, 2019 at 10:04:30PM -0400, Aaron M. Ucko wrote:
> Package: openafs-modules-source
> Version: 1.8.4~pre1-1
> Severity: normal
>
> Attempting to build modules from openafs-modules-source (or,
> presumably, -dkms) with ctfutils installed fails because the build
> system tries to use ..
severity 934758 important
tags 934758 + fixed-upstream pending
thanks
On Wed, Aug 14, 2019 at 09:53:40AM -0400, Ryan Kavanagh wrote:
> Package: openafs-modules-dkms
> Version: 1.8.2-1
> Severity: grave
> Justification: renders package unusable
>
> The openafs DKMS module fails to build for Linux
On Thu, Aug 08, 2019 at 03:16:31PM +0200, Arne Nordmark wrote:
> Package: openafs-fileserver
> Version: 1.8.2-1
> Severity: normal
>
> The stanza
>
> if [ -r /etc/openafs/server/rxkad.keytab ] ; then
> akeyconvert
> fi
>
> in the postinst will fail if openafs-krb5 is not installed or is of v
On Tue, Jul 23, 2019 at 12:09:29PM -0700, Felix Lechner wrote:
> On Tue, Jul 16, 2019 at 8:07 AM Greg Hudson wrote:
> >
> > Candidate patch here:
>
> Thank you. The update works great, although I now have problems with
> idmap not working on a kerberized NFSv4 mount.
>
> I write with hesitation.
On Fri, Jul 05, 2019 at 07:25:26PM +0300, Martin-Éric Racine wrote:
> It is very much expected to be resolved.
Expected by whom?
> Please see:
>
> https://manpages.debian.org/wheezy/dpkg/dpkg-maintscript-helper.1.en.html
I read most of this; it gives some general guidance that conffiles should
On Wed, Jul 10, 2019 at 04:05:39PM -0400, Sam Hartman wrote:
> Hi.
> In krb5 1.17-4, DES is entirely removed.
>
> src/aklog/aklog.c makes it look like openafs still requires
> des-cbc-crc. If so, please upgrade this bug to RC.
> Kaduk thinks that's probably not the case though.
>
> If not, pleas
On Fri, Jul 05, 2019 at 06:35:20PM +0300, Martin-Éric Racine wrote:
>
> This issue is still not resolved in Buster, which is scheduled to become the
> new STABLE release tomorrow.
To me the bug history implies that it is not expected to be resolved, ever.
Do you think otherwise? If so, what cou
Hi Paul,
On Wed, Apr 03, 2019 at 01:06:08PM +0100, Paul Martin wrote:
> Source: openafs
> Version: 1.6.20-2+deb9u2
> Severity: normal
> Tags: patch, ftbfs, stretch
>
> It would be nice if openafs were to be available on ARM64 architecture
> in Debian Stretch and Ubuntu Bionic.
>
> The OpenStack
On Fri, Oct 05, 2018 at 08:01:04AM +0800, Paul Wise wrote:
>
> The recent upgrade did not deal with obsolete conffiles properly.
> Please use the dpkg-maintscript-helper support provided by
> dh_installdeb to remove these obsolete conffiles on upgrade.
>
> https://www.debian.org/doc/debian-policy
I think I am experiencing the same issue as Thomas Maaß, though I am
not convinced that it is the same behavior as the initial report.
Namely, sometimes the display does not turn on when light-locker should be
prompting for a password (I think I have seen this both when returning from
hibernation a
On Tue, Sep 11, 2018 at 10:02:20PM +0200, Salvatore Bonaccorso wrote:
> Hey!
>
> On Tue, Sep 11, 2018 at 02:30:51PM -0500, Benjamin Kaduk wrote:
> > Source: openafs
> > Version: 1.6.9-2+deb8u7
> > Tags: security
> > Severity: serious
> >
> > OpenAFS u
Source: openafs
Version: 1.6.9-2+deb8u7
Tags: security
Severity: serious
OpenAFS upstream released security releases 1.6.23 and 1.8.2 today, fixing:
http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt
http://openafs.org/pages/security/OPENAFS-SA-2018-002.txt
http://openafs.org/pages/security
(ditto)
On Wed, May 30, 2018 at 11:18:11AM -0500, Benjamin Kaduk wrote:
> (resetting autoremoval timer)
>
> On Fri, May 11, 2018 at 12:44:01PM -0500, Benjamin Kaduk wrote:
> > ping?
> >
> > I cannot reproduce locally either on bare metal or in schroot.
> >
(resetting autoremoval timer)
On Fri, May 11, 2018 at 12:44:01PM -0500, Benjamin Kaduk wrote:
> ping?
>
> I cannot reproduce locally either on bare metal or in schroot.
>
> -Ben
>
> On Fri, May 04, 2018 at 09:15:51AM -0500, Benjamin Kaduk wrote:
> > Hi Lucas,
>
ping?
I cannot reproduce locally either on bare metal or in schroot.
-Ben
On Fri, May 04, 2018 at 09:15:51AM -0500, Benjamin Kaduk wrote:
> Hi Lucas,
>
> On Wed, May 02, 2018 at 10:52:53PM +0200, Lucas Nussbaum wrote:
> >
> > During a rebuild of all packages in sid, y
On Tue, May 08, 2018 at 09:28:08AM -0400, Sam Hartman wrote:
> Benjamin> Now, we have getrandom(), which is a great API and is
> Benjamin> pretty much exactly what you want (again, at least in this
> Benjamin> worldview). IIUC Ted says that you should "just use
> Benjamin> getrando
On Mon, May 07, 2018 at 05:10:27PM +0100, Ben Hutchings wrote:
> On Mon, 2018-05-07 at 11:57 -0400, Sam Hartman wrote:
>
> There are basically three "strengths" of random numbers available now:
>
> Weak: /dev/urandom
> Medium: getrandom(flags=0)
> Strong: /dev/random, getrandom(flags=GRND_RANDO
On Sun, May 06, 2018 at 07:05:56PM -0700, Russ Allbery wrote:
> Benjamin Kaduk writes:
> > On Sun, May 06, 2018 at 08:43:13PM +0100, Ben Hutchings wrote:
> >> On Sun, 2018-05-06 at 14:02 -0500, Benjamin Kaduk wrote:
>
> >>> Arguably more preferable would
On Sun, May 06, 2018 at 08:43:13PM +0100, Ben Hutchings wrote:
> On Sun, 2018-05-06 at 14:02 -0500, Benjamin Kaduk wrote:
> > Hi Ben,
> >
> > On Sun, May 06, 2018 at 06:56:08PM +0100, Ben Hutchings wrote:
> > > I've cloned this bug as #898073 and reassigned
Hi Ben,
On Sun, May 06, 2018 at 06:56:08PM +0100, Ben Hutchings wrote:
> I've cloned this bug as #898073 and reassigned that to krb5.
>
> krb5 is using the new(ish) getrandom() system call to read random bits,
> with the code comment "This ensures strong randomness while only
> blocking during fi
Hi Lucas,
On Wed, May 02, 2018 at 10:52:53PM +0200, Lucas Nussbaum wrote:
>
> During a rebuild of all packages in sid, your package failed to build on
> amd64.
>
> Relevant part (hopefully):
> > rx/perf.ok
> > volser/vos-man..ok
> > volser/vos..FAILED 5
> > bu
On Sun, Feb 18, 2018 at 08:18:48PM +, Adam D. Barratt wrote:
> Control: tags -1 + pending
>
> Uploaded and flagged for acceptance.
Thanks!
> On a side note, the diff as uploaded reverts a couple of bug closures
> from the previous security upload:
>
> openafs (1.6.9-2+deb8u6) jessie-securi
On Thu, Jan 25, 2018 at 09:21:48AM -0800, deb...@lewenberg.com wrote:
>
> The patch you provide works fine with jessie and the 1.6.9 source
> packages. However, I cannot get it to work with wheezy.
>
> I compile the openafs source package against wheezy and the compilation
> completes without e
The SRU request for jessie is in #887857.
I don't think there is a way to get a fix into jessie-backports, so
I think we will need to remove openafs-modules-source and
openafs-modules-dkms from jessie-backports and pull the version from
buster into jessie-backports-sloppy (which will be a trip thr
penafs (1.6.9-2+deb8u7) jessie-proposed-updates; urgency=high
+
+ * Apply upstream patches needed to fix kernel module build against
+linux 3.16.51-3+deb8u1 kernels after security update-induced ABI changes.
+(Closes: #886719)
+
+ -- Benjamin Kaduk Sat, 20 Jan 2018 11:48:09 -0600
+
o
Hi Erik
On Fri, Jan 19, 2018 at 08:46:11PM +0100, Pfannenstein Erik wrote:
> Hi Ben,
>
> thanks for pointing this out, but I can't find any changes between the
> revision I attached to my report and 1.8.0-pre4 (apart from the ones I made).
Oh, sorry for making you do the extra work, but thanks
On Thu, Jan 18, 2018 at 10:24:40PM +0100, Pfannenstein Erik wrote:
> Package: openafs
> Version: 1.6.21-3
Thanks for the update. We did recently take a big update, to
1.8.0~pre4-1, if you have a chance to look at the changes it
introduced.
-Ben
signature.asc
Description: PGP signature
On Sun, Jan 14, 2018 at 06:45:08PM +, Debian Bug Tracking System wrote:
> Processing commands for cont...@bugs.debian.org:
>
> > severity 886768 serious
Could you say a bit more about why you feel that all binary packages
from src:openafs should be subject to autoremoval when only the
functio
reassign 887018 src:openafs
severity 887018 important
merge 886719 887018
retitle 886719 meltdown/spectre kernel (old)stable-security kernel breaks
openafs module
thanks
On Fri, Jan 12, 2018 at 09:29:52AM -0600, Chad Seys wrote:
> Package: openafs-modules-dkms
> Version: 1.6.18.2-1~bpo8+1
> Sever
Hi folks,
Thanks for all the interest and proposed patches.
I just want to note that the openafs fix will need to go through as
a SRU (Stable Release Update), which requires preapproval from the
stable release managers, and will not actually appear in
stable/oldstable until the next point release.
On Tue, Jan 09, 2018 at 02:40:23PM -0800, Adam Lewenberg wrote:
> Package: openafs-modules-dkms
> Version: 1.6.9-2+deb8u4~bpo70+1
> Severity: important
>
> After upgrading wheezy kernel to 3.2.0-5-amd64 openafs-modules-dkms could not
> rebuild
> OpenAFS kernel module.
>
> Here is the error mess
Hi Aaron,
On Mon, Jan 08, 2018 at 08:14:11PM -0500, Aaron M. Ucko wrote:
> Source: openafs
> Version: 1.8.0~pre4-1
> Severity: important
> Tags: upstream
> Justification: fails to build from source (but built successfully in the past)
> User: debian-al...@lists.debian.org
> Usertags: alpha
>
> Hi
On Sun, Dec 17, 2017 at 04:28:36PM +0100, Yves-Alexis Perez wrote:
> On Sat, 2017-12-16 at 09:40 -0600, Benjamin Kaduk wrote:
> > After my latest upgrade/reboot, the behavior of lightdm has changed.
> > Previously, on fresh boot and lock screen I would be
> > presented wit
Package: lightdm-gtk-greeter
Version: 2.0.3-1
After my latest upgrade/reboot, the behavior of lightdm has changed.
Previously, on fresh boot and lock screen I would be
presented with a username/password entry dialog with empty username,
empty password, and focus on username. The new behavior has
On Thu, Dec 14, 2017 at 08:38:49PM -0500, Aaron M. Ucko wrote:
> Source: openafs
> Version: 1.6.22-2
> Severity: important
> Tags: upstream
>
> Thanks for looking into #884276. The module now builds successfully,
> but encounters an Oops on load, as detailed below. The issue appears
> to be that
tags 884276 pending upstream fixed-upstream
thanks
Hi Andreas,
Upstream has a fix queued, but it got bumped by last week's security
release (1.6.22) and the release containing it is not out yet.
But it's easy enough to pull the patches in locally until that
happens.
Thanks,
Ben
tags 883916 pending
thanks
Hi Lev,
On Sat, Dec 09, 2017 at 03:25:12PM +0500, Lev Lamberov wrote:
>
> Dear Maintainer,
>
> please find attached the updated Russian debconf translation for openafs.
Thanks! I've put it into our version control so it should appear in
the next upload.
-Ben
Source: openafs
Version: 1.6.1-3+deb7u7
Tags: security upstream fixed-upstream pending
Severity: important
Upstream OpenAFS released security advisory OPENAFS-SA-2017-001
today; insufficient validation of data contained in Rx ack packets
leads to the use of an invalid MTU value, ultimately leading
On Sun, Nov 19, 2017 at 07:07:45PM -0500, Sam Hartman wrote:
>
> Why do you want to replace krb5-config with pkg-config?
> That seems like a good option if we can sell upstream on the idea, but
> something requiring more thought otherwise.
I believe we can consider upstream sold.
pkg-config is t
On Mon, Nov 13, 2017 at 10:51:10AM -0800, Russ Allbery wrote:
>
> I'm not sure how best to fix this other than no longer using krb5-config
> and shipping a pkgconfig script or something. One could move the
> krb5-config script into an architecture-specific directory, but that just
> moves the pro
On Sun, Oct 29, 2017 at 01:02:56PM +0100, Salvatore Bonaccorso wrote:
> Hi
>
> On Fri, Oct 27, 2017 at 08:25:04PM -0500, Benjamin Kaduk wrote:
> > I think upstream actually did the backport earlier today, already.
>
> I retitled the bug (Red Hat has assigned a CVE f
I think upstream actually did the backport earlier today, already.
-Ben
tags 871698 upstream pending
thanks
Upstream has committed a patch to use dynamic allocation to master at
https://github.com/krb5/krb5/pull/707 .
The backport is not entirely trivial, but we should be able to get
a version in (whether our own or upstream's) fairly soon.
-Ben
1 - 100 of 322 matches
Mail list logo
