Navigation:
Browse pkgsrc
(this page)
filesystems openafs
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2024-11-15 19:14:42 by Jonathan A. Kollasch | Files touched by this commit (2) |  |
Log message:
update openafs to 1.8.13:
User-Visible OpenAFS Changes
OpenAFS 1.8.13
All client platforms
* Fix OPENAFS-SA-2024-001: theft of credentials in Unix client PAGs
(CVE-2024-10394)
Local users can bypass the PAG throttling mechanism in Unix clients and
create a PAG using an existing id number and thereby gain access to any
credentials in that PAG.
* Fix OPENAFS-SA-2024-003: buffer overflows in XDR responses
(CVE-2024-10397)
A malicious server can return more data than the preallocated buffer
holds and cause a buffer overflow, which can crash the OpenAFS cache
manager and other client utilities, and possibly result in arbitrary
code execution.
All platforms
* Fix OPENAFS-SA-2024-002: unsafe memory access in ACL processing
(CVE-2024-10396)
Authenticated users can provide malformed ACLs to the fileserver's
StoreACL RPC, causing the fileserver to crash, possibly expose the
contents of uninitialized memory, and possibly store garbage data
in the audit log.
Malicious servers or network MITM can provide malformed ACLs to
clients, possibly causing the process to crash and possibly storing
the contents of uninitialized memory in ACLs stored on the server.
|
| 2024-10-10 21:49:58 by Thomas Klausner | Files touched by this commit (1) |
Log message: openafs: simplify MASTER_SITES |
| 2024-10-10 17:53:21 by Jonathan A. Kollasch | Files touched by this commit (2) |
Log message:
Update openafs to 1.8.12
User-Visible OpenAFS Changes
OpenAFS 1.8.12
All client platforms
* Avoid panics when writing to the cache fails while creating
or extending directories. (15742..15744, 15758)
Linux clients
* Add support for Linux 6.9 (15739)
* Add support for Linux 6.8 (15679..15706, 15727)
* Resolve a kernel module loading issue on the AArch64 architecture,
which occurs due to an unsupported RELA relocation (15728)
|
| 2024-10-10 17:46:20 by Jonathan A. Kollasch | Files touched by this commit (2) |
Log message:
Update openafs to 1.8.11
User-Visible OpenAFS Changes
OpenAFS 1.8.11
All platforms
* Check Rx RPC call number in incoming packets before allocating new
RPC calls to avoid re-running RPC calls when spurious packets are
received (15562)
* Fix memory leaks (15516 15517)
* Fix build failure when building with _FORTIFY_SOURCE (15518 15519)
* Fix build failures when building with the clang compiler (15540 15541
15547 15548)
* Improve error detection in OpenAFS directories for both clients
and servers (15544 15545 15546)
* Add a Makefile target to build Red Hat RPM packages (15514)
* Add support for custom version numbers in Red Hat RPM packages (15513)
All server platforms
* Fix File Server and Protection Server crashes due to recursive thread
lock bug (15609)
* Fix fileserver crashes during startup (15509 15543)
* The bosserver no longer creates the client configuration directory and
"ThisCell" and "CellServDB" symlinks. The \
"vos", "pts", and "bos"
commands now read cell configuration from the server cell configuration
directory when the client cell configuration directory is not present.
This change allows server packaging to be independent of client packaging
and removes the need for client configuration artifacts on hosts running
server processes only (15510 15511 15512)
* Print a warning in the volserver log when an older version of a volume
is restored over an existing volume, unless the volume was restored with
"-overwrite full" (15531)
* Print a warning in the bosserver log when the bosserver was not started
in restricted mode (15537)
* Avoid unbounded string copies when looking up volumes by name in
the vlserver (15538)
* Fix off-by-one directory entry name size check in salvager (15598)
All client platforms
* Updated the CellServDB to the latest version from grand.central.org
(15603)
All UNIX/Linux client platforms
* Fix PAG object memory leak which can degrade performance (15506)
* Improve kernel memory reclamation after accessing a large number of
files (15536)
* Improve cache corruption detection and refetch cache entries
when cache entry size mismatches are detected (15532 15533 15535)
* Fix panic in user-space client (libuafs, Fuse client) (15539)
Linux clients
* Add support for Linux 6.7 (15600)
* Add support for Linux 6.6 (15575 15589 15590)
* Add support for Linux 6.5 (15520 15521 15522 15523 15558)
* Fix BUG when directory entry names are longer than 16 characters.
Affects Linux 6.5 or higher built with GCC 13 or higher (15599)
* Invalidate Linux VFS dentry caches in the AFS filesystem when running
"fs flush*" commands. This reduces the need to drop Linux VFS caches
by writing to the "/proc/sys/vm/drop_caches" file when
troubleshooting (15515)
* Fix build failures (15507 15508 15596 15542 15549)
macOS
* Add support for MacOS 14 ("Sonoma") (15602)
|
| 2024-10-10 17:35:38 by Jonathan A. Kollasch | Files touched by this commit (2) |
Log message:
Update openafs to 1.8.10
User-Visible OpenAFS Changes
OpenAFS 1.8.10
All platforms
* Improved error messages and diagnostics (15302 15313)
* Fixes for parallel or out of tree builds (15297..9)
* Fixed "make clean" to remove several artifacts overlooked in the past
(15377)
* Fixed the autoconf check for ncurses to catch libs built with
"--enable-reentrant" (15296)
* Removed the obsolete kdump debugging tool (15315)
* Avoid some more possible string buffer overflows (15240)
All client platforms
* Take the readonly volume offline during "vos convertROtoRW" (15233)
* Updated the CellServDB to the latest version from grand.central.org
(15323)
All UNIX/Linux client platforms
* Trim trailing slashes from paths given to "fs lsmount" and
"fs flushmount" (15242)
* Provide the "-literal" option for the "fs getfid" \
command, which allows
querying a symlink or mount point rather than the object pointed to
(15235)
* Avoid some potential kernel panics (15295 15324 15331)
AIX
* Improved support for this platform, including releases 7.1, 7.2 and 7.3
(15309 15368..76 15378..86 15403 15422 15424..5 15441..2)
macOS
* Added support for Apple Silicon and macOS releases up to 13 \
("Ventura")
(15246 15250..1 15254 15258..64)
* Fixes around signing and notarization of the OpenAFS packages (15255..7)
* Build "afscell" on supported platforms, and only those (15247)
Linux
* Support building for newer distributions and compilers (15266..71
15273..5 15277)
Linux clients
* Support mainline kernels up to 6.4 and distribution kernels
derived from those (15228 15281 15388..9 15410..11)
* Fixes and enhancements around the kernel module build (15229..31 15265)
* Fixed potential cache inconsistencies for symbolic link metadata (15443)
|
| 2024-10-10 17:19:04 by Jonathan A. Kollasch | Files touched by this commit (4) | |
Log message:
openafs: update to 1.8.9
User-Visible OpenAFS Changes
OpenAFS 1.8.9
All platforms
* Support for building with more recent compilers (14970 14982..14987
14990 14991 15056 15057 15061..15064)
* Build fixes and improvements around the test suite (14879 14880
14909..14911 15133)
* Removed a vestigial autoconf check for GSSAPI support that could
cause unnecessary configure errors (15137)
* Documentation improvements (14980 15047)
* Improved diagnostics and error messages. In particular, warn when
server processes are started without keys and properly print the
volume transaction flags in "vos status" output (14594 14968)
All server platforms
* Avoid several second delays in some situations when the file server
is breaking callbacks on clients with alternate addresses. Avoid
unnecessary several second delays in some cases during database
quorum processing (14815)
* Detect invalid (negative) inputs to FetchData RPCs and reject them
early. The previous behavior only detected the error when actually
attempting to read from storage, which resulted in the volume being
taken offline since errors were assumed to originate from the
underlying storage (15224)
All UNIX/Linux client platforms
* Do not perform DNS SRV/AFSDB record queries when running "fs
getcellstatus", "fs checkservers", and "fs \
setcell". The DNS
lookups incur network delays and were not needed to process these
commands. (14814)
* Avoid possible string buffer overflows with long cell names (15151)
FreeBSD
* Added support for release 12.3 and further improvements (14878
14920 14921)
Linux clients
* Support mainline kernels up to 6.0 (14942..14944 14989 14945
14946 15058 15065 15094 15095 15148)
* Fixed a potential memory leak (15096)
* Avoid a possible performance penalty during file reads when
the file was opened for both reading and writing (15129)
* Fixed a type cast which could make builds fail against older kernels
(15134)
* In Red Hat packaging, systemd will no longer load the openafs module
during boot (15128)
Most client platforms
* Handle certain failure conditions rather than panicking the system
(14927 15052)
|
| 2024-10-10 16:43:25 by Jonathan A. Kollasch | Files touched by this commit (2) |
Log message: filesystems/openafs: fix build on Linux; switch to gmake |
| 2024-10-10 16:04:05 by Jonathan A. Kollasch | Files touched by this commit (5) |
Log message: filesystems/openafs: fix pkglint errors |
New packages: