SHA256
1
0
forked from pool/openafs

- update to pre-release 1.8.3pre1

* fix builds for Linux-kernels 4.20 and 5.0 
  * other fixes, see RELNOTES-1.8.3pre1

OBS-URL: https://build.opensuse.org/package/show/filesystems/openafs?expand=0&rev=34
This commit is contained in:
Christof Hanke 2019-03-14 08:42:07 +00:00 committed by Git OBS Bridge
parent 76b05411fa
commit 25f10a55af
17 changed files with 1252 additions and 561 deletions

1672
ChangeLog

File diff suppressed because it is too large Load Diff

View File

@ -1,34 +0,0 @@
User-Visible OpenAFS Changes
OpenAFS 1.8.2
All platforms
* Fix OPENAFS-SA-2018-002: information leakage in RPC output variables
Various RPC routines did not always initialize all output fields,
exposing memory contents to network attackers. The relevant RPCs include
an AFSCB_ RPC, so cache managers are affected as well as servers.
All server platforms
* Fix OPENAFS-SA-2018-003: denial of service due to excess resource consumption
Various RPCs were defined as allowing unbounded arrays as input, allowing
an unauthenticated attacker to cause excess memory allocation and tie up
network bandwidth by sending (or claiming to send) large input arrays.
* Fix OPENAFS-SA-2018-001: unauthenticated volume operations via butc
On systems using the in-tree backup system, the butc process was running
with administrative credentials, but accepted incoming RPCs over
unauthenticated connections; these incoming RPCs in turn triggered
outgoing RPCs using the administrative credentials. Unauthenticated
attackers could construct volue dumps containing arbitrary contents
and cause these dumps to be restored and overwrite arbitrary volume
contents; afterward, the backup database could be restored to its
initial state, hiding evidence of the unauthorized changes.
Running butc with -localauth now requires authenticated incoming
connections, and the backup utility makes authenticated connections to
the butc. Audit capabilities have been added to the butc RPC handlers.
Command-line arguments are provided to retain the (insecure) historical
behavior until all systems have been upgraded.

59
RELNOTES-1.8.3pre1 Normal file
View File

@ -0,0 +1,59 @@
User-Visible OpenAFS Changes
OpenAFS 1.8.3 (in progress)
All platforms
* Improved diagnostics and error messages (13186 13411 13417)
* Avoid sending RX packets with random garbage in the userStatus field
(13332)
* Fixed detection of the RX initialization status (13416)
* Assorted fixes to avoid segmentation faults and other potential problems
by detecting internal errors rather than letting them go unnoticed
(13329 13372)
All server platforms
* Fixed a build problem accidentally introduced in release 1.8.2 (13328)
* Assorted efficiency improvements in the ubik implementation (13153 13218
13188 13353)
* Fixed locking around transaction list processing in volserver to avoid
segmentation faults and other potential problems (13336 13337)
* When the volserver attempts to remove a temporary volume after a
transaction, but the volume was already removed, e.g., by the salvager,
this is no longer treated as an error (13235)
All client platforms
* Update the CellServDB to the latest version from grand.central.org from
May 14th 2018 (13409)
* Avoid a panic during cache initialization when allocating the required
memory fails (13307)
* Add back the packet counters and timestamps to "vos status" output
which had been missing since release 1.8.0 (13421)
* Correctly handle errors encountered while reading data from the server
and writing it to the cache, e.g., due to a full cache partition (13443)
* Avoid a panic due to a recoverable error while flushing cache items
(13503)
Linux clients
* Support mainline kernels 4.20 and 5.0 and distribution kernels with
backports from those (13405 13406 13440 13441 13442)
* DKMS-related fixes in Red Hat packaging (13438 13479)
macOS
* Support building and packaging on macOS 10.14 "Mojave" (13412 13413)

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b9b6ae396952b888192bc3e70d11b13779f8af16965ea8a003cb5f98abb7c826
size 3801937

View File

@ -1 +0,0 @@
3661375b0925446416c09a97c605acbf /home/kaduk/openafs/1.8.2/openafs-1.8.2-doc.tar.bz2

View File

@ -1 +0,0 @@
b9b6ae396952b888192bc3e70d11b13779f8af16965ea8a003cb5f98abb7c826 openafs-1.8.2-doc.tar.bz2

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:25fd3e4261a72a2cbdd40367e5f981895d80c32aaf309a5842aecc739dd3138e
size 15109003

View File

@ -1 +0,0 @@
19f97a11b13e6da51a6dac56d1c42289 /home/kaduk/openafs/1.8.2/openafs-1.8.2-src.tar.bz2

View File

@ -1 +0,0 @@
25fd3e4261a72a2cbdd40367e5f981895d80c32aaf309a5842aecc739dd3138e openafs-1.8.2-src.tar.bz2

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:495e09a585a63e645437ecf42d43d2cfde3874de6e9c1d90cc7e41deb6309acd
size 3846539

View File

@ -0,0 +1 @@
c0f7a24287d38d48445dac2d59abcd85 openafs-1.8.3pre1-doc.tar.bz2

View File

@ -0,0 +1 @@
495e09a585a63e645437ecf42d43d2cfde3874de6e9c1d90cc7e41deb6309acd openafs-1.8.3pre1-doc.tar.bz2

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:95aa3fa70117f34f52a03cdb8abdd99db84850c4fb1067ac7202b049e7f64c2e
size 15080848

View File

@ -0,0 +1 @@
f10b5048d256914d401c5b44f1533263 openafs-1.8.3pre1-src.tar.bz2

View File

@ -0,0 +1 @@
95aa3fa70117f34f52a03cdb8abdd99db84850c4fb1067ac7202b049e7f64c2e openafs-1.8.3pre1-src.tar.bz2

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Mar 14 08:37:04 UTC 2019 - Christof Hanke <christof.hanke@mpcdf.mpg.de>
- update to pre-release 1.8.3pre1
* fix builds for Linux-kernels 4.20 and 5.0
* other fixes, see RELNOTES-1.8.3pre1
------------------------------------------------------------------- -------------------------------------------------------------------
Wed Jan 16 11:28:27 UTC 2019 - christof.hanke@mpcdf.mpg.de Wed Jan 16 11:28:27 UTC 2019 - christof.hanke@mpcdf.mpg.de

View File

@ -56,27 +56,27 @@
# used for %setup only # used for %setup only
# leave upstream tar-balls untouched for integrity checks. # leave upstream tar-balls untouched for integrity checks.
%define upstream_version 1.8.2 %define upstream_version 1.8.3pre1
Name: openafs Name: openafs
Version: 1.8.2 Version: 1.8.3~pre1
Release: 0 Release: 0
Summary: OpenAFS Distributed File System Summary: OpenAFS Distributed File System
License: IPL-1.0 License: IPL-1.0
Group: System/Filesystems Group: System/Filesystems
Url: http://www.openafs.org/ Url: http://www.openafs.org/
Source0: openafs-%{version}-src.tar.bz2 Source0: openafs-%{upstream_version}-src.tar.bz2
Source1: openafs-%{version}-doc.tar.bz2 Source1: openafs-%{upstream_version}-doc.tar.bz2
Source2: openafs-%{version}-src.tar.bz2.md5 Source2: openafs-%{upstream_version}-src.tar.bz2.md5
Source3: openafs-%{version}-doc.tar.bz2.md5 Source3: openafs-%{upstream_version}-doc.tar.bz2.md5
Source4: openafs-%{version}-src.tar.bz2.sha256 Source4: openafs-%{upstream_version}-src.tar.bz2.sha256
Source5: openafs-%{version}-doc.tar.bz2.sha256 Source5: openafs-%{upstream_version}-doc.tar.bz2.sha256
Source10: README.SUSE.openafs Source10: README.SUSE.openafs
Source15: logrotate.openafs-server Source15: logrotate.openafs-server
Source16: ld.conf.openafs Source16: ld.conf.openafs
Source18: RELNOTES-%{version} Source18: RELNOTES-%{upstream_version}
Source19: ChangeLog Source19: ChangeLog
Source20: kernel-source.build-modules.sh Source20: kernel-source.build-modules.sh
Source22: sysconfig.openafs-fuse-client Source22: sysconfig.openafs-fuse-client
@ -98,8 +98,6 @@ Patch3: dir_layout.patch
Patch4: openafs-1.8.x.ncurses6.patch Patch4: openafs-1.8.x.ncurses6.patch
# PATCH-SUSE-SPECIFIC make KMP work again # PATCH-SUSE-SPECIFIC make KMP work again
Patch5: add_arch_to_linux_kernel_make.patch Patch5: add_arch_to_linux_kernel_make.patch
# PATCH-BACKPORT-FROM-UPSTREAM make KMP build for kernel 4.20
Patch6: Linux-4.20.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
# #
@ -309,7 +307,6 @@ done
%setup -q -n openafs-%{upstream_version} -T -b 0 -b 1 %setup -q -n openafs-%{upstream_version} -T -b 0 -b 1
%patch3 -p1 %patch3 -p1
%patch5 -p1 %patch5 -p1
%patch6 -p1
%if %{run_regen} %if %{run_regen}
%patch4 -p1 %patch4 -p1