pool/openafs
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 742532 from filesystems

Browse Source 
security update 1.8.5

OBS-URL: https://build.opensuse.org/request/show/742532
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openafs?expand=0&rev=15
This commit is contained in:
Dominique Leuenberger 2019-10-24 21:10:51 +00:00 committed by Git OBS Bridge
commit 4b8b14656c
17 changed files with 204 additions and 1862 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1917
ChangeLog
View File

File diff suppressed because it is too large Load Diff

90
RELNOTES-1.8.4
View File

@ -1,90 +0,0 @@
User-Visible OpenAFS Changes
OpenAFS 1.8.4
All platforms
Build system updates to remove obsolete autoconf macros and remove missing
script warning during builds (13480, 13481, 13482, 13483, 13484, 13486,
13789, 13790).
Build system update to fix a conditional check in the pthread.m4 autoconf
file (13595)
Build system update to create the man3 subdirectory, fixing a
reported build failure (13535).
Remove the last reference to src/mcas in the documentation (13558).
All server platforms
Fix fileserver's parsing of the options -vlruthresh, -vlruinterval,
-vlrumax and -novbc (13680).
Fixes to make ptserver's behaviour when run in restricted mode consistent
with the documentation: Non-members of the system:administrators group
are no longer allowed to issue the adduser, setfields and delete pts
commands, and all members of system:administrators are now allowed to
issue pts commands in this mode, not just the admin principal (13686..88).
All client platforms
Fix missing Rx call clean-up after failing to read dcaches from a file
server (13511).
Fix an Rx call leak for calls aborted by a connection abort after the call
was initialized but before use (13517).
Remove the obsolete afs_xosi lock to remove unnecessary serialization of
VOP_GETATTR calls. This can lead to improved performance under heavy
workloads (13529).
Increase the size of the Directory Name Lookup Cache (DNLC) to improve
cache performance (13559).
Fix getting tokens for cells with a three character name (13679).
Avoid a misleading message about the cell being used when aklog is run
with the -cell parameter but the AFSCELL environment variable is set to
a different cell (13676).
Build system update to honor the CFLAGS environment variable when building
libuafs (13544).
Linux
Support for mainline kernels up to 5.3 (13787, 13789).
More fixes for improper use of ENOENT fixes to avoid incorrect use of linux
negative dentry cache, which can lead to false ENOENT errors (13542, 13543,
13590, 13692) (RT #134904).
Return errors instead of returning incomplete directory listings when the
directory objects are incomplete in the cache (13591).
Add ppc64le_linux26 sysname for the ppc64le architecture (13636, 13637,
13589).
Fix configure check for a kernel time function in order to build on
Linux 5.0 (13523).
RPM packaging update for RHEL8 adding a build requirement to ensure the
kernel module can be built from the SRPM (13563) (RT #134900).
On systemd based RHEL/Fedora systems, start the client after dkms startup
is finished if the latter is installed and enabled, to avoid attempting
starts without the kernel module being available yet (13674) (RT #134974).
MacOS
Build system updates for MacOS (13584).
Solaris
Add CTF debugging records to userspace objects to improve debugging
of servers (13487).
Convert the cache manager vnodes to be non-embebbed on Solaris 11 in order
to make the cache manager more resilient across Solaris 11 changes (13524,
13525, 13526, 13527, 13528).

29
RELNOTES-1.8.5 Normal file
View File

@ -0,0 +1,29 @@
User-Visible OpenAFS Changes
OpenAFS 1.8.5
All platforms
* Fix OPENAFS-SA-2019-001: information leakage in failed RPC output
Generated RPC handler routines ran output variables through XDR encoding
even when the call had failed and would shortly be aborted (and for
which uninitialized output variables is common); any complete packets
assembled in the process would be sent to the peer, leaking the contents
of the uninitialized memory in question.
* Fix OPENAFS-SA-2019-002: information leakage from uninitialized scalars
Generated RPC handler routines did not initialize output variables of
scalar (fixed-length) type, since they did not require dedicated logic to
free. Such variables allocated on the stack could remain uninitialized
in some cases (including those affected by OPENAFS-SA-2019-001), and the
contents of uninitialized memory would be returned to the peer.
All server platforms
* Fix OPENAFS-SA-2019-003: fix crash in database servers
The ubik debugging RPCs prioritize being fast and non-disruptive to
database operations over strict correctness, and do not adhere to the
usual locking protocol for data access. A data race could cause a NULL
dereference if the second memory load was not optimized out by the
compiler.

3
openafs-1.8.4-doc.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:30ac5ec5030845d2d435a7c85a6e7f23e929d49be5a2f53d0a0b7af86d141827
size 3846752

1
openafs-1.8.4-doc.tar.bz2.md5
View File

@ -1 +0,0 @@
6f336bc7fb0ddc13ce896f4283bc6564 openafs-1.8.4-doc.tar.bz2

1
openafs-1.8.4-doc.tar.bz2.sha256
View File

@ -1 +0,0 @@
30ac5ec5030845d2d435a7c85a6e7f23e929d49be5a2f53d0a0b7af86d141827 openafs-1.8.4-doc.tar.bz2

3
openafs-1.8.4-src.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b18a654b8224bbefcff4e63ead312da2754aca17943ded60b9475062b506639a
size 15067929

1
openafs-1.8.4-src.tar.bz2.md5
View File

@ -1 +0,0 @@
bf25489158158653982b19228e62eef2 openafs-1.8.4-src.tar.bz2

1
openafs-1.8.4-src.tar.bz2.sha256
View File

@ -1 +0,0 @@
b18a654b8224bbefcff4e63ead312da2754aca17943ded60b9475062b506639a openafs-1.8.4-src.tar.bz2

3
openafs-1.8.5-doc.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3abab824485429674b8f60b228c35d77667f55ca2848388356ee4581811daf22
size 3801635

1
openafs-1.8.5-doc.tar.bz2.md5 Normal file
View File

@ -0,0 +1 @@
313dc4d38e5fffbbb6322d90c10c7292 /home/kaduk/openafs/1.8.5/openafs-1.8.5-doc.tar.bz2

1
openafs-1.8.5-doc.tar.bz2.sha256 Normal file
View File

@ -0,0 +1 @@
3abab824485429674b8f60b228c35d77667f55ca2848388356ee4581811daf22 openafs-1.8.5-doc.tar.bz2

3
openafs-1.8.5-src.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:eeded68f238be2d6fc37522b7feae5e0b1ea9815b90ea5da91e5d43e00b28523
size 15089716

1
openafs-1.8.5-src.tar.bz2.md5 Normal file
View File

@ -0,0 +1 @@
3c41e2a512a41eb9ee3377339fb9d6d0 /home/kaduk/openafs/1.8.5/openafs-1.8.5-src.tar.bz2

1
openafs-1.8.5-src.tar.bz2.sha256 Normal file
View File

@ -0,0 +1 @@
eeded68f238be2d6fc37522b7feae5e0b1ea9815b90ea5da91e5d43e00b28523 openafs-1.8.5-src.tar.bz2

8
openafs.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Wed Oct 23 13:48:04 UTC 2019 - Christof Hanke <christof.hanke@mpcdf.mpg.de>
- update to security-release 1.8.5, adresses:
* OPENAFS-SA-2019-001: Skip server OUT args on error
* OPENAFS-SA-2019-002: Zero all server RPC args
* OPENAFS-SA-2019-003: ubik: Avoid unlocked ubik_currentTrans deref
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Oct 10 09:10:27 UTC 2019 - Christof Hanke <christof.hanke@mpcdf.mpg.de> Thu Oct 10 09:10:27 UTC 2019 - Christof Hanke <christof.hanke@mpcdf.mpg.de>

4
openafs.spec
View File

@ -57,11 +57,11 @@
# used for %setup only # used for %setup only
# leave upstream tar-balls untouched for integrity checks. # leave upstream tar-balls untouched for integrity checks.
%define upstream_version 1.8.4 %define upstream_version 1.8.5
Name: openafs Name: openafs
Version: 1.8.4 Version: 1.8.5
Release: 0 Release: 0
Summary: OpenAFS Distributed File System Summary: OpenAFS Distributed File System
License: IPL-1.0 License: IPL-1.0