forcemerge 845381 845596
tags 845381 pending
thanks
On Fri, Nov 25, 2016 at 01:24:56AM +0100, Svante Signell wrote:
> Source: krb5
> Version: 1.15~beta1-1
> Severity: important
> Tags: patch
> User: debian-h...@lists.debian.org
> Usertags: hurd
>
> HI,
>
> krb5 currently FTBFS on GNU/Hurd due
On Mon, Nov 28, 2016 at 10:17:35AM -0500, Sam Hartman wrote:
> To be clear I've contacted upstream off-list and we'll see what we find
> in the next few days.
Upstream has relicensed the file; we can pull that in for the next upload.
-Ben
>
On Wed, Nov 30, 2016 at 09:11:58PM +0100, Michael Biebl wrote:
> Am 30.11.2016 um 20:01 schrieb Dirk Heinrichs:
>
> Afaics, this will affect any service which was started as a systemd
> --user service. dbus is just one of them.
I have not absorbed the full report yet, but wanted to note that
On Thu, Dec 01, 2016 at 05:50:33PM +0100, Dirk Heinrichs wrote:
> Am 01.12.2016 um 12:35 schrieb Michael Biebl:
>
> > Dirk, could run
> > systemctl --user import-environment KRB5CCNAME
> > systemctl --user restart dbus.service dbus.socket
> > then kill the running dconf-service process and see if
On Sat, Dec 03, 2016 at 06:31:59PM +0100, Svante Signell wrote:
> Hi,
>
> The patches in 845596 and 845341 are different. Maybe it is better to
> include that definition in a header file? Whatever, it is now more than
> a week ago that you promised a new upload. Is anything hindering a new
>
On Wed, Nov 30, 2016 at 07:31:24PM -0300, Felipe Sateler wrote:
>
> `systemctl --user import-environment KRB5CCNAME` might be more
> appropriate if this variable should be copied from an already existing
> environment.
But when would this run, and what package would be responsible for causing
it
On Wed, Nov 30, 2016 at 08:55:02PM -0300, Felipe Sateler wrote:
> On 30 November 2016 at 20:39, Russ Allbery wrote:
> >
> > Apologies for my lack of knowledge of systemd in user mode -- it's really
> > neat but I haven't had a chance to play with it yet. Who would run this
> >
This bug report has been quiet for some time; does that imply that the
status quo is that I should assume that de facto I can only use the
toplevel NEWS.Debian and not binary-package-specific NEWS files?
I ask because openafs is putting out a new major release (currently
in experimental) and the
On Mon, Dec 19, 2016 at 12:03:44PM +0100, Sergio Gelato wrote:
> Source: openafs
> Version: 1.8.0~pre1-4
> Severity: minor
>
> While backporting to jessie (and trusty) I noticed that patch
> 0003-Catch-up-to-roken-s-rename-of-base64-symbols.patch
> implies a build dependency on a version of
On Thu, Dec 22, 2016 at 08:52:51AM +0100, Sergio Gelato wrote:
> * Benjamin Kaduk [2016-12-21 19:10:17 -0600]:
> > > that's 1.7~git20150920 .
> >
> > Hmm, but I thought dpkg-shlibdeps was supposed to notice which symbols were
> > used and propagate the versioned
On Sat, Apr 01, 2017 at 02:30:22AM +0300, Timo Aaltonen wrote:
> Package: krb5-otp
> Severity: wishlist
>
> Hi,
>
> Freeipa server includes a socket-activated daemon for OTP, and it
> listens to {/var}/run/krb5kdc/DEFAULT.socket. But /run/krb5kdc is not
> available, so AIUI it should be created
On Sun, Jul 16, 2017 at 12:53:18PM +1000, Paul Wise wrote:
> On Wed, 12 Jul 2017 04:53:35 -0400 Sam Hartman wrote:
>
> > I'm not actually sure I particularly want it removed from the system.
>
> Policy indicates that old conffiles should be removed on upgrade:
It's not really clear that this
On Mon, Jul 17, 2017 at 04:35:24PM +1000, Paul Wise wrote:
>
> Sounds like a file that should not have been placed in /etc and
> should be removed from /etc during upgrades.
Some further discussion about the role of this file is in #861218
On Mon, Jun 26, 2017 at 12:08:29PM -0500, Benjamin Kaduk wrote:
>
> This does seem likely to be an issue with the systemd integration, yes.
> (Not using the weekly restarts, I didn't observe it in testing.)
>
> Thanks for the report; I'll take a look.
It seems that any ReBozo
Hi Helmut,
On Wed, Apr 26, 2017 at 06:52:58AM +0200, Helmut Grohne wrote:
> Package: libgssapi-krb5-2
> Version: 1.15-1
> Severity: serious
> Justification: violates policy section 8.2
>
> libgssapi-krb5-2 is a shared library package and contains
> /etc/gss/mech.d/README. The latter filename
On Tue, May 02, 2017 at 10:12:35AM +0100, Rowland Penny wrote:
>
> Samba is moving to MIT kerberos instead of Heimdal. Unless the version of MIT
> is raised to 1.15.1, it will become impossible to create an AD DC on Debian
> when Samba 5.0.0 is released and that may be sooner than you think.
>
On Mon, Jun 26, 2017 at 09:26:01AM +0200, Arne Nordmark wrote:
> Package: openafs-fileserver
> Version: 1.6.20-2
> Severity: normal
>
> Dear Maintainer,
>
> This Sunday morning, the bosserver process on all stretch machines was found
> to have stopped.
>
[snip]
>
> The reason why a
On Wed, May 24, 2017 at 11:44:12AM -0700, Russ Allbery wrote:
>
> Kai Wohlfahrt writes:
>
> > Package: kstart
> > Version: 4.2-1
> > Severity: important
> > Tags: upstream
>
> > Dear Maintainer,
>
> > The k5start program repeats attempts to contact the KDC server if it
It seems like an /etc/gss/mech.d/README-- (or similar)
would alleviate the technical problems with having a single file
named README, and would be glob-able for consuming software that is
adapted to know about a broader convention. It would, of course, be
slightly confusing to users even if there
Package: libgssapi-krb5-2
Version: 1.15-1
Tags: security
Upstream has committed a change that causes libgssapi-krb5 to not
automatically free a security context when an error is encountered on
the second or subsequent call to gss_init_sec_context() or
gss_accept_sec_context(), as this is
I am inclined to just put it in unstable and not backport, but
created the bug to see if the security team felt otherwise.
If you look at the pull request history for the upstream commit,
it seems that it was languishing there for a while before getting
merged, as well.
-Ben
Package: lightdm-gtk-greeter
Version: 2.0.3-1
After my latest upgrade/reboot, the behavior of lightdm has changed.
Previously, on fresh boot and lock screen I would be
presented with a username/password entry dialog with empty username,
empty password, and focus on username. The new behavior has
tags 884276 pending upstream fixed-upstream
thanks
Hi Andreas,
Upstream has a fix queued, but it got bumped by last week's security
release (1.6.22) and the release containing it is not out yet.
But it's easy enough to pull the patches in locally until that
happens.
Thanks,
Ben
On Thu, Dec 14, 2017 at 08:38:49PM -0500, Aaron M. Ucko wrote:
> Source: openafs
> Version: 1.6.22-2
> Severity: important
> Tags: upstream
>
> Thanks for looking into #884276. The module now builds successfully,
> but encounters an Oops on load, as detailed below. The issue appears
> to be
On Sun, Dec 17, 2017 at 04:28:36PM +0100, Yves-Alexis Perez wrote:
> On Sat, 2017-12-16 at 09:40 -0600, Benjamin Kaduk wrote:
> > After my latest upgrade/reboot, the behavior of lightdm has changed.
> > Previously, on fresh boot and lock screen I would be
> > presented wit
On Sun, Nov 19, 2017 at 07:07:45PM -0500, Sam Hartman wrote:
>
> Why do you want to replace krb5-config with pkg-config?
> That seems like a good option if we can sell upstream on the idea, but
> something requiring more thought otherwise.
I believe we can consider upstream sold.
pkg-config is
On Mon, Nov 13, 2017 at 10:51:10AM -0800, Russ Allbery wrote:
>
> I'm not sure how best to fix this other than no longer using krb5-config
> and shipping a pkgconfig script or something. One could move the
> krb5-config script into an architecture-specific directory, but that just
> moves the
tags 883916 pending
thanks
Hi Lev,
On Sat, Dec 09, 2017 at 03:25:12PM +0500, Lev Lamberov wrote:
>
> Dear Maintainer,
>
> please find attached the updated Russian debconf translation for openafs.
Thanks! I've put it into our version control so it should appear in
the next upload.
-Ben
Source: openafs
Version: 1.6.1-3+deb7u7
Tags: security upstream fixed-upstream pending
Severity: important
Upstream OpenAFS released security advisory OPENAFS-SA-2017-001
today; insufficient validation of data contained in Rx ack packets
leads to the use of an invalid MTU value, ultimately
On Sun, Oct 29, 2017 at 01:02:56PM +0100, Salvatore Bonaccorso wrote:
> Hi
>
> On Fri, Oct 27, 2017 at 08:25:04PM -0500, Benjamin Kaduk wrote:
> > I think upstream actually did the backport earlier today, already.
>
> I retitled the bug (Red Hat has assigned a CVE f
Just noting that David Benjamin has put together a pull request for upstream
at https://github.com/nodejs/node/pull/16130 .
-Ben
Hi Ben,
On Sun, May 06, 2018 at 06:56:08PM +0100, Ben Hutchings wrote:
> I've cloned this bug as #898073 and reassigned that to krb5.
>
> krb5 is using the new(ish) getrandom() system call to read random bits,
> with the code comment "This ensures strong randomness while only
> blocking during
On Sun, May 06, 2018 at 07:05:56PM -0700, Russ Allbery wrote:
> Benjamin Kaduk <ka...@mit.edu> writes:
> > On Sun, May 06, 2018 at 08:43:13PM +0100, Ben Hutchings wrote:
> >> On Sun, 2018-05-06 at 14:02 -0500, Benjamin Kaduk wrote:
>
> >>> Arguably mor
On Sun, May 06, 2018 at 08:43:13PM +0100, Ben Hutchings wrote:
> On Sun, 2018-05-06 at 14:02 -0500, Benjamin Kaduk wrote:
> > Hi Ben,
> >
> > On Sun, May 06, 2018 at 06:56:08PM +0100, Ben Hutchings wrote:
> > > I've cloned this bug as #898073 and reassigned t
On Mon, May 07, 2018 at 05:10:27PM +0100, Ben Hutchings wrote:
> On Mon, 2018-05-07 at 11:57 -0400, Sam Hartman wrote:
>
> There are basically three "strengths" of random numbers available now:
>
> Weak: /dev/urandom
> Medium: getrandom(flags=0)
> Strong: /dev/random,
ping?
I cannot reproduce locally either on bare metal or in schroot.
-Ben
On Fri, May 04, 2018 at 09:15:51AM -0500, Benjamin Kaduk wrote:
> Hi Lucas,
>
> On Wed, May 02, 2018 at 10:52:53PM +0200, Lucas Nussbaum wrote:
> >
> > During a rebuild of all packages in sid
On Tue, May 08, 2018 at 09:28:08AM -0400, Sam Hartman wrote:
> Benjamin> Now, we have getrandom(), which is a great API and is
> Benjamin> pretty much exactly what you want (again, at least in this
> Benjamin> worldview). IIUC Ted says that you should "just use
> Benjamin>
Hi Lucas,
On Wed, May 02, 2018 at 10:52:53PM +0200, Lucas Nussbaum wrote:
>
> During a rebuild of all packages in sid, your package failed to build on
> amd64.
>
> Relevant part (hopefully):
> > rx/perf.ok
> > volser/vos-man..ok
> > volser/vos..FAILED 5
> >
(ditto)
On Wed, May 30, 2018 at 11:18:11AM -0500, Benjamin Kaduk wrote:
> (resetting autoremoval timer)
>
> On Fri, May 11, 2018 at 12:44:01PM -0500, Benjamin Kaduk wrote:
> > ping?
> >
> > I cannot reproduce locally either on bare metal or in schroot.
> >
(resetting autoremoval timer)
On Fri, May 11, 2018 at 12:44:01PM -0500, Benjamin Kaduk wrote:
> ping?
>
> I cannot reproduce locally either on bare metal or in schroot.
>
> -Ben
>
> On Fri, May 04, 2018 at 09:15:51AM -0500, Benjamin Kaduk wrote:
> > Hi Lucas,
&g
tags 871698 upstream pending
thanks
Upstream has committed a patch to use dynamic allocation to master at
https://github.com/krb5/krb5/pull/707 .
The backport is not entirely trivial, but we should be able to get
a version in (whether our own or upstream's) fairly soon.
-Ben
I think upstream actually did the backport earlier today, already.
-Ben
Hi Aaron,
On Mon, Jan 08, 2018 at 08:14:11PM -0500, Aaron M. Ucko wrote:
> Source: openafs
> Version: 1.8.0~pre4-1
> Severity: important
> Tags: upstream
> Justification: fails to build from source (but built successfully in the past)
> User: debian-al...@lists.debian.org
> Usertags: alpha
>
>
The SRU request for jessie is in #887857.
I don't think there is a way to get a fix into jessie-backports, so
I think we will need to remove openafs-modules-source and
openafs-modules-dkms from jessie-backports and pull the version from
buster into jessie-backports-sloppy (which will be a trip
-proposed-updates; urgency=high
+
+ * Apply upstream patches needed to fix kernel module build against
+linux 3.16.51-3+deb8u1 kernels after security update-induced ABI changes.
+(Closes: #886719)
+
+ -- Benjamin Kaduk <ka...@mit.edu> Sat, 20 Jan 2018 11:48:09 -0600
+
openafs (1
On Thu, Jan 25, 2018 at 09:21:48AM -0800, deb...@lewenberg.com wrote:
>
> The patch you provide works fine with jessie and the 1.6.9 source
> packages. However, I cannot get it to work with wheezy.
>
> I compile the openafs source package against wheezy and the compilation
> completes without
On Sun, Jan 14, 2018 at 06:45:08PM +, Debian Bug Tracking System wrote:
> Processing commands for cont...@bugs.debian.org:
>
> > severity 886768 serious
Could you say a bit more about why you feel that all binary packages
from src:openafs should be subject to autoremoval when only the
On Tue, Jan 09, 2018 at 02:40:23PM -0800, Adam Lewenberg wrote:
> Package: openafs-modules-dkms
> Version: 1.6.9-2+deb8u4~bpo70+1
> Severity: important
>
> After upgrading wheezy kernel to 3.2.0-5-amd64 openafs-modules-dkms could not
> rebuild
> OpenAFS kernel module.
>
> Here is the error
reassign 887018 src:openafs
severity 887018 important
merge 886719 887018
retitle 886719 meltdown/spectre kernel (old)stable-security kernel breaks
openafs module
thanks
On Fri, Jan 12, 2018 at 09:29:52AM -0600, Chad Seys wrote:
> Package: openafs-modules-dkms
> Version: 1.6.18.2-1~bpo8+1
>
Hi folks,
Thanks for all the interest and proposed patches.
I just want to note that the openafs fix will need to go through as
a SRU (Stable Release Update), which requires preapproval from the
stable release managers, and will not actually appear in
stable/oldstable until the next point
On Sun, Feb 18, 2018 at 08:18:48PM +, Adam D. Barratt wrote:
> Control: tags -1 + pending
>
> Uploaded and flagged for acceptance.
Thanks!
> On a side note, the diff as uploaded reverts a couple of bug closures
> from the previous security upload:
>
> openafs (1.6.9-2+deb8u6)
On Thu, Jan 18, 2018 at 10:24:40PM +0100, Pfannenstein Erik wrote:
> Package: openafs
> Version: 1.6.21-3
Thanks for the update. We did recently take a big update, to
1.8.0~pre4-1, if you have a chance to look at the changes it
introduced.
-Ben
signature.asc
Description: PGP signature
Hi Erik
On Fri, Jan 19, 2018 at 08:46:11PM +0100, Pfannenstein Erik wrote:
> Hi Ben,
>
> thanks for pointing this out, but I can't find any changes between the
> revision I attached to my report and 1.8.0-pre4 (apart from the ones I made).
Oh, sorry for making you do the extra work, but thanks
On Tue, Sep 11, 2018 at 10:02:20PM +0200, Salvatore Bonaccorso wrote:
> Hey!
>
> On Tue, Sep 11, 2018 at 02:30:51PM -0500, Benjamin Kaduk wrote:
> > Source: openafs
> > Version: 1.6.9-2+deb8u7
> > Tags: security
> > Severity: serious
> >
> > OpenA
On Fri, Oct 05, 2018 at 08:01:04AM +0800, Paul Wise wrote:
>
> The recent upgrade did not deal with obsolete conffiles properly.
> Please use the dpkg-maintscript-helper support provided by
> dh_installdeb to remove these obsolete conffiles on upgrade.
>
>
I think I am experiencing the same issue as Thomas Maaß, though I am
not convinced that it is the same behavior as the initial report.
Namely, sometimes the display does not turn on when light-locker should be
prompting for a password (I think I have seen this both when returning from
hibernation
Source: openafs
Version: 1.6.9-2+deb8u7
Tags: security
Severity: serious
OpenAFS upstream released security releases 1.6.23 and 1.8.2 today, fixing:
http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt
http://openafs.org/pages/security/OPENAFS-SA-2018-002.txt
Hi Paul,
On Wed, Apr 03, 2019 at 01:06:08PM +0100, Paul Martin wrote:
> Source: openafs
> Version: 1.6.20-2+deb9u2
> Severity: normal
> Tags: patch, ftbfs, stretch
>
> It would be nice if openafs were to be available on ARM64 architecture
> in Debian Stretch and Ubuntu Bionic.
>
> The
On Fri, Jul 05, 2019 at 06:35:20PM +0300, Martin-Éric Racine wrote:
>
> This issue is still not resolved in Buster, which is scheduled to become the
> new STABLE release tomorrow.
To me the bug history implies that it is not expected to be resolved, ever.
Do you think otherwise? If so, what
On Wed, Jul 10, 2019 at 04:05:39PM -0400, Sam Hartman wrote:
> Hi.
> In krb5 1.17-4, DES is entirely removed.
>
> src/aklog/aklog.c makes it look like openafs still requires
> des-cbc-crc. If so, please upgrade this bug to RC.
> Kaduk thinks that's probably not the case though.
>
> If not,
On Fri, Jul 05, 2019 at 07:25:26PM +0300, Martin-Éric Racine wrote:
> It is very much expected to be resolved.
Expected by whom?
> Please see:
>
> https://manpages.debian.org/wheezy/dpkg/dpkg-maintscript-helper.1.en.html
I read most of this; it gives some general guidance that conffiles should
severity 934758 important
tags 934758 + fixed-upstream pending
thanks
On Wed, Aug 14, 2019 at 09:53:40AM -0400, Ryan Kavanagh wrote:
> Package: openafs-modules-dkms
> Version: 1.8.2-1
> Severity: grave
> Justification: renders package unusable
>
> The openafs DKMS module fails to build for Linux
On Sun, Aug 25, 2019 at 10:04:30PM -0400, Aaron M. Ucko wrote:
> Package: openafs-modules-source
> Version: 1.8.4~pre1-1
> Severity: normal
>
> Attempting to build modules from openafs-modules-source (or,
> presumably, -dkms) with ctfutils installed fails because the build
> system tries to use
On Thu, Aug 08, 2019 at 03:16:31PM +0200, Arne Nordmark wrote:
> Package: openafs-fileserver
> Version: 1.8.2-1
> Severity: normal
>
> The stanza
>
> if [ -r /etc/openafs/server/rxkad.keytab ] ; then
> akeyconvert
> fi
>
> in the postinst will fail if openafs-krb5 is not installed or is of
On Tue, Jul 23, 2019 at 12:09:29PM -0700, Felix Lechner wrote:
> On Tue, Jul 16, 2019 at 8:07 AM Greg Hudson wrote:
> >
> > Candidate patch here:
>
> Thank you. The update works great, although I now have problems with
> idmap not working on a kerberized NFSv4 mount.
>
> I write with
On Tue, Dec 10, 2019 at 03:03:02PM +0100, Frédéric Bonnard wrote:
> Package: src:openafs
> Version: 1.8.5-1
>
> --
>
> Dear maintainer,
> thanks for enabling ppc64el. It seems some more changes are needed for
> openafs to build properly :
>
On Tue, Dec 10, 2019 at 01:19:11PM +0100, Andreas Beckmann wrote:
> Please check my reply on #946497 which is about the same problem in
> zfs-dkms. Perhaps both of you find a solution that will work for the two
> packages.
Thanks for the pointer.
I think that having dkms set CC/etc.
Hi Andreas,
On Tue, Nov 26, 2019 at 02:38:21AM +0100, Andreas Beckmann wrote:
> Package: openafs-modules-dkms
> Version: 1.8.5-1
> Severity: serious
> Tags: ftbfs
> Justification: fails to build from source
> User: debian...@lists.debian.org
> Usertags: piuparts
>
> Hi,
>
>
On Thu, Oct 03, 2019 at 03:03:55PM +0200, Frédéric Bonnard wrote:
> Package: src:openafs
> Version: 1.8.4~pre1-1
>
> --
>
> Dear maintainer,
> is there any reason that openafs isn't built on ppc64el(maybe linux-any) ?
> I tested on ppc64el and with minor modifications (arch verifications in
>
On Sun, Feb 09, 2020 at 09:53:26AM +, Witold Baryluk wrote:
> Package: openafs
> Followup-For: Bug #948307
>
> Dear Maintainer,
>
> The 1.8.5-1 fails to compile with kernel 5.3.0-2-amd64:
>
> Setting up openafs-modules-dkms (1.8.5-1) ...
> Loading new openafs-1.8.5 DKMS files...
> It is
On Sat, Feb 29, 2020 at 02:17:49PM +0100, Beatrice Torracca wrote:
> Package: openafs
> Severity: wishlist
> Tags: patch l10n
>
> Hi.
>
> Please find attached the Italian translation of openafs debconf messages
>
>
> Please include it in your next upload.
Thanks, Beatrice, I will do so.
-Ben
severity 956358 important
tags 956358 + moreinfo
thanks
On Fri, Apr 10, 2020 at 11:30:10AM +0300, Adrian Bunk wrote:
>
> https://piuparts.debian.org/sid/source/o/openafs.html
>
> ...
> Loading new openafs-1.8.6pre1 DKMS files...
> It is likely that 4.19.0-8-amd64 belongs to a chroot's host
On Thu, Apr 30, 2020 at 03:40:30AM +0100, peter green wrote:
> On 29/04/2020 17:47, Jochen Sprickerhof wrote:
> >
> > What I found up to now:
> >
> > - pkg-config=0.29.2-1:
> >
> > $ pkg-config --cflags-only-I libzmq
> > -isystem /usr/include/mit-krb5 -I/usr/include/pgm-5.2
> >
> > - Whereas
tags 926321 moreinfo
thanks
On Sat, Apr 06, 2019 at 10:10:57AM -0500, Benjamin Kaduk wrote:
> Hi Paul,
>
> On Wed, Apr 03, 2019 at 01:06:08PM +0100, Paul Martin wrote:
> > Source: openafs
> > Version: 1.6.20-2+deb9u2
> > Severity: normal
> > Tags: patch, ftbfs,
Hi Jose,
Sorry that I missed this when it first came in.
A couple notes inline, if you still remember much about the original
report...
On Sat, Aug 08, 2020 at 06:32:07PM +0100, Jose M Calhariz wrote:
> Package: openafs-client
> Version: 1.8.6-1~dsi10+1
> Severity: normal
>
> Hi,
>
> I have
On Tue, Sep 01, 2020 at 03:43:37PM +0100, Jose M Calhariz wrote:
> Package: openafs-client
> Version: 1.8.6-1~dsi10+1
> Severity: normal
>
> I am using a private backport of openafs from testing. On this server I
> am getting multiples strange errors about openafs cache. This server
> is
tags 970258 fixed-upstream
thanks
On Wed, Sep 16, 2020 at 09:27:30AM +0200, Malte Eggers wrote:
> I'm (unsurprisingly) experiencing the same problem on sid. This appears to be
> the relevant section of the make.log
Indeed, this is not surprising -- the patches for kernel 5.8 compatibility
Hi Robert,
On Mon, Oct 26, 2020 at 07:08:41PM +0100, Robert Senger wrote:
> Package: openafs-modules-dkms
> Version: 1.8.6-3
> Severity: serious
> Tags: ftbfs
> Justification: fails to build from source (but built successfully in the past)
>
> DKMS fails to build module on bullseye with kernel
tags 966881 fixed-upstream
thanks
On Mon, Aug 03, 2020 at 10:04:57AM +0200, Lucas Nussbaum wrote:
> Source: openafs
> Version: 1.8.6-1
> Severity: serious
> Justification: FTBFS on amd64
> Tags: bullseye sid ftbfs
> Usertags: ftbfs-20200802 ftbfs-bullseye
>
> Hi,
>
> During a rebuild of all
tags 964027 pending fixed-upstream
thanks
On Tue, Jun 30, 2020 at 12:48:41PM -0400, Ryan Kavanagh wrote:
> Package: openafs-modules-dkms
> Version: 1.8.6~pre1-3
> Severity: grave
> Justification: package is not compatible with the current kernel
>
> The package cannot successfully be installed
Package: openafs-client
Version: 1.8.2-1
Severity: grave
Control: clone -1 -2
Control: reassign -2 openafs-fileserver
The Rx RPC stack requires a connection identifier for each new connection a
system initiates. In 2014 support to generate the initial identifier
randomly was added to the core Rx
On Mon, Jan 18, 2021 at 06:04:39PM +, Jeremy Stanley wrote:
> Thanks for pulling this into unstable and testing! Is there any work
> in progress to fix it in stable as well? I took a quick peek in
> Salsa and didn't see any merge requests or an obvious branch for
> Buster's 1.8.2 (just the
Hi Salvatore,
On Wed, Feb 03, 2021 at 09:39:25PM +0100, Salvatore Bonaccorso wrote:
> HI Benjamin,
>
> On Mon, Jan 18, 2021 at 07:19:14PM -0800, Benjamin Kaduk wrote:
> > On Mon, Jan 18, 2021 at 06:04:39PM +, Jeremy Stanley wrote:
> > > Thanks for pulling this i
reopen 987690
thanks
This looks to be a typo in the changelog closer.
-Ben
On Mon, May 03, 2021 at 06:51:03PM +, Debian Bug Tracking System wrote:
> Your message dated Mon, 03 May 2021 18:48:29 +
> with message-id
> and subject line Bug#987690: fixed in libass 1:0.15.0-2
> has caused
On Fri, Feb 05, 2021 at 05:11:31PM +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Fri, 2021-02-05 at 08:38 -0800, Benjamin Kaduk wrote:
> > All upstream openafs releases from the 1.8.x series, prior to 1.8.7,
> > contain a "time bomb" bug tha
gelog 2021-01-26 20:13:14.0 -0800
@@ -1,3 +1,10 @@
+openafs (1.8.2-1+deb10u1) buster; urgency=high
+
+ * Pull in upstream patches to fix outgoing connections after unix
+epoch time 0x6000 (Closes: #980115, #980116)
+
+ -- Benjamin Kaduk Tue, 26 Jan 2021 20:13:14 -0800
+
On Wed, Feb 03, 2021 at 01:05:38PM -0800, Benjamin Kaduk wrote:
> >
> > Do you still have this on your radar? While as discussed this is not a
> > DSA candidate a fix can be released out of order from a point release
> > via the stable-updates mechanism, and t
On Mon, Mar 15, 2021 at 06:27:41AM +, Witold Baryluk wrote:
> Package: openafs-modules-dkms
> Version: 1.8.6-5
> Followup-For: Bug #985254
> X-Debbugs-Cc: witold.bary...@gmail.com
>
> Actually after digging more, it is not due to HIGHMEM. In fact the
> kmap_atomic takes single argument since
Hi Andreas,
Thanks for filing 984929.
Do you have a sense for what the cutoff should be for trying to get 984929
resolved vs. just uploading a workaround in the dkms-consuming packages
(e.g., openafs)?
Thanks,
Ben
On Wed, Mar 10, 2021 at 01:09:06PM +, Debian Bug Tracking System wrote:
>
On Fri, Apr 09, 2021 at 03:29:48PM -0400, Chaskiel Grundman wrote:
> Package: openafs-fileserver
> Version: 1.8.2-1+deb10u1
> Severity: important
>
> Dear Maintainer,
> While upgrading a system from stretch (9.9) to buster (10.9), I had a
> failure in this package:
>
> Setting up
Hi Adam,
On Sat, Feb 06, 2021 at 02:40:02PM +, Adam D. Barratt wrote:
> On Fri, 2021-02-05 at 09:17 -0800, Benjamin Kaduk wrote:
> > On Fri, Feb 05, 2021 at 05:11:31PM +, Adam D. Barratt wrote:
> > > Control: tags -1 + confirmed
> > >
> > > On Fri,
Package: krb5-kdc
Version: 1.15-1
Tags: security fixed-upstream
quoting from
https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49
CVE-2021-37750:
In MIT krb5 releases 1.14 and later, an authenticated attacker can
cause a null dereference in the KDC by sending a FAST TGS
severity 995134 serious
tags 995134 upstream fixed-upstream pending
thanks
On Sun, Sep 26, 2021 at 05:07:44PM -0400, Ryan Kavanagh wrote:
> Package: openafs-modules-dkms
> Version: 1.8.6-5
> Severity: grave
> Justification: Renders package unusable
>
> The openafs dkms modules fail to build on
It looks like the leak was independently(?) reported to upstream and fixed
in a somewhat different way, see
https://github.com/krb5/krb5/commit/593e16448e1af23eef74689afe06a7bcc86e79c7
.
The fix is marked for pullup to the stable branches, so it should get fixed
in Debian when we next import an
On Wed, Jul 21, 2021 at 07:13:49PM +0200, Salvatore Bonaccorso wrote:
>
> On Wed, Jul 21, 2021 at 10:01:23AM -0600, Sam Hartman wrote:
>
> About buster: Given the above we can fix via the upcoming point
> release for buster, I guess that can be enough in this case. What
> would happen if the
o argue for important, although if you want to push to
> serious, I won't fight it.
> I'm busy with Family obligat scattered throughout the day ions, but it
> sounded like Benjamin Kaduk
> might be available to help.
Yes, I have some time to help.
Given that Salvatore filed the report, I am ass
angelog
--- krb5-1.18.3/debian/changelog2021-03-28 10:43:01.0 -0700
+++ krb5-1.18.3/debian/changelog2021-07-21 11:07:07.0 -0700
@@ -1,3 +1,10 @@
+krb5 (1.18.3-6) unstable; urgency=high
+
+ * Pull in upstream patch to fix CVE-2021-36222 (KDC NULL dereference),
+C
Yes, I started working on an upload for buster, but got a bit sidetracked
since the 1.17-3+deb10u1 in the archive was not imported into the packaging
repo previously.
I expect to make progress today.
-Ben
Hi Ben,
Thanks for detecting and reporting the build errors.
I'm a bit confused as to how this is "grave", though -- I would have
classified it as merely "serious" as for, e.g., 970258 and 995134.
For upstream, we went with a slightly different patch owing to the
unreliability of the linux
I'm pretty sure that changing the master key encryption type used for new
databases has basically no upgrade considerations and could be "just done".
Updating the encryption type for that key on existing databases will have
nontrivial upgrade considerations (and in fact will not be possible to do
201 - 300 of 308 matches
Mail list logo