About repackaging: Since this is a bug against the fileserver, I would say that our primary focus should be on getting a fix for dapper. Also Gutsy is of some importance since i do belevie that there is some people out there running gutsy servers. Considering that i have never done any .deb packaging, it would take me a long time to find the relevant security patch from 1.4.5 to 1.4.6, apply it to 1.4.1-2 (dapper) and repackage. Perhaps with some help from Russ to find the actual patch i will give it a go.
Another option: What about debian stable? Is 1.4.2-6 (etch) going to be patched, if so, can we draw from the effort there? Perhaps not relevant: The kernel modules for edgy is broken. This is an old bug which has been closed with a backport release, which essentially does not solve the problem for non-backport users and fresh installs. I'm not sure how many edgy clients are still out here, so perhaps it's not worth the effort. But it should receive both a security patch for the fileserver, and version upgrade to 1.4.4 at least in order to make the kernel modules compile. Also: Don't forget the security issue 2007-001 (#94787) with all versions < 1.4.4, so in fact we should create two patches for dapper. Either that, or we figure out a way to get 1.4.6 to work on dapper, what do you guys say? -- SA 2007-003: Denial of service in OpenAFS fileserver https://bugs.launchpad.net/bugs/180792 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
