forked from pool/openafs
- update to pre-release 1.8.3pre1
* fix builds for Linux-kernels 4.20 and 5.0 * other fixes, see RELNOTES-1.8.3pre1 OBS-URL: https://build.opensuse.org/package/show/filesystems/openafs?expand=0&rev=34
This commit is contained in:
parent
76b05411fa
commit
25f10a55af
@ -1,34 +0,0 @@
|
||||
User-Visible OpenAFS Changes
|
||||
|
||||
OpenAFS 1.8.2
|
||||
|
||||
All platforms
|
||||
|
||||
* Fix OPENAFS-SA-2018-002: information leakage in RPC output variables
|
||||
Various RPC routines did not always initialize all output fields,
|
||||
exposing memory contents to network attackers. The relevant RPCs include
|
||||
an AFSCB_ RPC, so cache managers are affected as well as servers.
|
||||
|
||||
All server platforms
|
||||
|
||||
* Fix OPENAFS-SA-2018-003: denial of service due to excess resource consumption
|
||||
Various RPCs were defined as allowing unbounded arrays as input, allowing
|
||||
an unauthenticated attacker to cause excess memory allocation and tie up
|
||||
network bandwidth by sending (or claiming to send) large input arrays.
|
||||
|
||||
* Fix OPENAFS-SA-2018-001: unauthenticated volume operations via butc
|
||||
On systems using the in-tree backup system, the butc process was running
|
||||
with administrative credentials, but accepted incoming RPCs over
|
||||
unauthenticated connections; these incoming RPCs in turn triggered
|
||||
outgoing RPCs using the administrative credentials. Unauthenticated
|
||||
attackers could construct volue dumps containing arbitrary contents
|
||||
and cause these dumps to be restored and overwrite arbitrary volume
|
||||
contents; afterward, the backup database could be restored to its
|
||||
initial state, hiding evidence of the unauthorized changes.
|
||||
|
||||
Running butc with -localauth now requires authenticated incoming
|
||||
connections, and the backup utility makes authenticated connections to
|
||||
the butc. Audit capabilities have been added to the butc RPC handlers.
|
||||
Command-line arguments are provided to retain the (insecure) historical
|
||||
behavior until all systems have been upgraded.
|
||||
|
59
RELNOTES-1.8.3pre1
Normal file
59
RELNOTES-1.8.3pre1
Normal file
@ -0,0 +1,59 @@
|
||||
User-Visible OpenAFS Changes
|
||||
|
||||
OpenAFS 1.8.3 (in progress)
|
||||
|
||||
All platforms
|
||||
|
||||
* Improved diagnostics and error messages (13186 13411 13417)
|
||||
|
||||
* Avoid sending RX packets with random garbage in the userStatus field
|
||||
(13332)
|
||||
|
||||
* Fixed detection of the RX initialization status (13416)
|
||||
|
||||
* Assorted fixes to avoid segmentation faults and other potential problems
|
||||
by detecting internal errors rather than letting them go unnoticed
|
||||
(13329 13372)
|
||||
|
||||
All server platforms
|
||||
|
||||
* Fixed a build problem accidentally introduced in release 1.8.2 (13328)
|
||||
|
||||
* Assorted efficiency improvements in the ubik implementation (13153 13218
|
||||
13188 13353)
|
||||
|
||||
* Fixed locking around transaction list processing in volserver to avoid
|
||||
segmentation faults and other potential problems (13336 13337)
|
||||
|
||||
* When the volserver attempts to remove a temporary volume after a
|
||||
transaction, but the volume was already removed, e.g., by the salvager,
|
||||
this is no longer treated as an error (13235)
|
||||
|
||||
All client platforms
|
||||
|
||||
* Update the CellServDB to the latest version from grand.central.org from
|
||||
May 14th 2018 (13409)
|
||||
|
||||
* Avoid a panic during cache initialization when allocating the required
|
||||
memory fails (13307)
|
||||
|
||||
* Add back the packet counters and timestamps to "vos status" output
|
||||
which had been missing since release 1.8.0 (13421)
|
||||
|
||||
* Correctly handle errors encountered while reading data from the server
|
||||
and writing it to the cache, e.g., due to a full cache partition (13443)
|
||||
|
||||
* Avoid a panic due to a recoverable error while flushing cache items
|
||||
(13503)
|
||||
|
||||
Linux clients
|
||||
|
||||
* Support mainline kernels 4.20 and 5.0 and distribution kernels with
|
||||
backports from those (13405 13406 13440 13441 13442)
|
||||
|
||||
* DKMS-related fixes in Red Hat packaging (13438 13479)
|
||||
|
||||
macOS
|
||||
|
||||
* Support building and packaging on macOS 10.14 "Mojave" (13412 13413)
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:b9b6ae396952b888192bc3e70d11b13779f8af16965ea8a003cb5f98abb7c826
|
||||
size 3801937
|
@ -1 +0,0 @@
|
||||
3661375b0925446416c09a97c605acbf /home/kaduk/openafs/1.8.2/openafs-1.8.2-doc.tar.bz2
|
@ -1 +0,0 @@
|
||||
b9b6ae396952b888192bc3e70d11b13779f8af16965ea8a003cb5f98abb7c826 openafs-1.8.2-doc.tar.bz2
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:25fd3e4261a72a2cbdd40367e5f981895d80c32aaf309a5842aecc739dd3138e
|
||||
size 15109003
|
@ -1 +0,0 @@
|
||||
19f97a11b13e6da51a6dac56d1c42289 /home/kaduk/openafs/1.8.2/openafs-1.8.2-src.tar.bz2
|
@ -1 +0,0 @@
|
||||
25fd3e4261a72a2cbdd40367e5f981895d80c32aaf309a5842aecc739dd3138e openafs-1.8.2-src.tar.bz2
|
3
openafs-1.8.3pre1-doc.tar.bz2
Normal file
3
openafs-1.8.3pre1-doc.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:495e09a585a63e645437ecf42d43d2cfde3874de6e9c1d90cc7e41deb6309acd
|
||||
size 3846539
|
1
openafs-1.8.3pre1-doc.tar.bz2.md5
Normal file
1
openafs-1.8.3pre1-doc.tar.bz2.md5
Normal file
@ -0,0 +1 @@
|
||||
c0f7a24287d38d48445dac2d59abcd85 openafs-1.8.3pre1-doc.tar.bz2
|
1
openafs-1.8.3pre1-doc.tar.bz2.sha256
Normal file
1
openafs-1.8.3pre1-doc.tar.bz2.sha256
Normal file
@ -0,0 +1 @@
|
||||
495e09a585a63e645437ecf42d43d2cfde3874de6e9c1d90cc7e41deb6309acd openafs-1.8.3pre1-doc.tar.bz2
|
3
openafs-1.8.3pre1-src.tar.bz2
Normal file
3
openafs-1.8.3pre1-src.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:95aa3fa70117f34f52a03cdb8abdd99db84850c4fb1067ac7202b049e7f64c2e
|
||||
size 15080848
|
1
openafs-1.8.3pre1-src.tar.bz2.md5
Normal file
1
openafs-1.8.3pre1-src.tar.bz2.md5
Normal file
@ -0,0 +1 @@
|
||||
f10b5048d256914d401c5b44f1533263 openafs-1.8.3pre1-src.tar.bz2
|
1
openafs-1.8.3pre1-src.tar.bz2.sha256
Normal file
1
openafs-1.8.3pre1-src.tar.bz2.sha256
Normal file
@ -0,0 +1 @@
|
||||
95aa3fa70117f34f52a03cdb8abdd99db84850c4fb1067ac7202b049e7f64c2e openafs-1.8.3pre1-src.tar.bz2
|
@ -1,3 +1,10 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 14 08:37:04 UTC 2019 - Christof Hanke <christof.hanke@mpcdf.mpg.de>
|
||||
|
||||
- update to pre-release 1.8.3pre1
|
||||
* fix builds for Linux-kernels 4.20 and 5.0
|
||||
* other fixes, see RELNOTES-1.8.3pre1
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 16 11:28:27 UTC 2019 - christof.hanke@mpcdf.mpg.de
|
||||
|
||||
|
21
openafs.spec
21
openafs.spec
@ -56,27 +56,27 @@
|
||||
|
||||
# used for %setup only
|
||||
# leave upstream tar-balls untouched for integrity checks.
|
||||
%define upstream_version 1.8.2
|
||||
%define upstream_version 1.8.3pre1
|
||||
|
||||
Name: openafs
|
||||
|
||||
Version: 1.8.2
|
||||
Version: 1.8.3~pre1
|
||||
Release: 0
|
||||
Summary: OpenAFS Distributed File System
|
||||
License: IPL-1.0
|
||||
Group: System/Filesystems
|
||||
Url: http://www.openafs.org/
|
||||
|
||||
Source0: openafs-%{version}-src.tar.bz2
|
||||
Source1: openafs-%{version}-doc.tar.bz2
|
||||
Source2: openafs-%{version}-src.tar.bz2.md5
|
||||
Source3: openafs-%{version}-doc.tar.bz2.md5
|
||||
Source4: openafs-%{version}-src.tar.bz2.sha256
|
||||
Source5: openafs-%{version}-doc.tar.bz2.sha256
|
||||
Source0: openafs-%{upstream_version}-src.tar.bz2
|
||||
Source1: openafs-%{upstream_version}-doc.tar.bz2
|
||||
Source2: openafs-%{upstream_version}-src.tar.bz2.md5
|
||||
Source3: openafs-%{upstream_version}-doc.tar.bz2.md5
|
||||
Source4: openafs-%{upstream_version}-src.tar.bz2.sha256
|
||||
Source5: openafs-%{upstream_version}-doc.tar.bz2.sha256
|
||||
Source10: README.SUSE.openafs
|
||||
Source15: logrotate.openafs-server
|
||||
Source16: ld.conf.openafs
|
||||
Source18: RELNOTES-%{version}
|
||||
Source18: RELNOTES-%{upstream_version}
|
||||
Source19: ChangeLog
|
||||
Source20: kernel-source.build-modules.sh
|
||||
Source22: sysconfig.openafs-fuse-client
|
||||
@ -98,8 +98,6 @@ Patch3: dir_layout.patch
|
||||
Patch4: openafs-1.8.x.ncurses6.patch
|
||||
# PATCH-SUSE-SPECIFIC make KMP work again
|
||||
Patch5: add_arch_to_linux_kernel_make.patch
|
||||
# PATCH-BACKPORT-FROM-UPSTREAM make KMP build for kernel 4.20
|
||||
Patch6: Linux-4.20.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
|
||||
#
|
||||
@ -309,7 +307,6 @@ done
|
||||
%setup -q -n openafs-%{upstream_version} -T -b 0 -b 1
|
||||
%patch3 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
|
||||
%if %{run_regen}
|
||||
%patch4 -p1
|
||||
|
Loading…
Reference in New Issue
Block a user