diff options
author | jakllsch <jakllsch> | 2016-03-18 17:11:37 +0000 |
---|---|---|
committer | jakllsch <jakllsch> | 2016-03-18 17:11:37 +0000 |
commit | 658aba277a336ea3fc1b42b357fa22cebd212c4e (patch) | |
tree | 8e11d94445caf2c09fd8bd95cc9878ddd95b4436 /filesystems/openafs | |
parent | 5665d74f18efcad4db77cf5781c991a2c330c49a (diff) | |
download | pkgsrc-658aba277a336ea3fc1b42b357fa22cebd212c4e.tar.gz |
Update OpenAFS to 1.6.17, fixes security vulnerabilities.
User-Visible OpenAFS Changes
OpenAFS 1.6.17 (Security Release)
All server platforms
* Fix for OPENAFS-SA-2016-001: foreign users can create groups as
if they were an administrator (RT #132822) (CVE-2016-2860)
All client platforms
* Fix for OPENAFS-SA-2016-002: information leakage from sending
uninitialized memory over the network. Multiple call sites
were vulnerable, with potential for leaking both kernel and
userland stack data (RT #132847)
* Update to the GCO CellServDB update from 01 January 2016 (12188)
Linux clients
* Fix a crash when the root volume is not found and dynroot is not
in use, a regression introduced in 1.6.14.1 (12166)
* Avoid introducing a dependency on the kernel-devel package corresponding
to the currently running system while building the srpm (12195)
* Create systemd unit files with mode 0644 instead of 0755
(12196) (RT #132662)
OpenAFS 1.6.16
All platforms
* Documentation improvements (11932 12096 12100 12112 12120)
* Improved diagnostics and error messages (11586 11587)
* Distribute the contributor code of conduct with the stable release (12056)
All server platforms
* Create PID files in the right location when bosserver is started with
the "-pidfiles" argument and transarc paths are not being used (12086)
* Several fixes regarding volume dump creation and restore (11433 11553
11825 11826 12082)
* Avoid a reported bosserver crash, and potentially others, by replacing
fixed size buffers with dynamically allocated ones in some user handling
functions (11436) (RT #130719)
* Obey the "-toname" parameter in "vos clone" operations (11434)
* Avoid writing a loopback address into the server CellServDB - search
for a non-loopback one, and fail if none is found (12083 12105)
* Rebuild the vldb free list with "vldb_check -fix" (12084)
* Fixed and improved the "check_sysid" utility (12090)
* Fixed and improved the "prdb_check" utility (12101..04)
All client platforms
* Avoid a potential denial of service issue, by fixing a bug in pioctl
logic that allowed a local user to overrun a kernel buffer with a single
NUL byte (commit 2ef86372) (RT #132256) (CVE-2015-8312)
* Refuse to change multi-homed server entries with "vos changeaddr",
unless "-force" is given, to avoid corruption of those entries (12087)
* Provide a new vos subcommand "remaddrs" for removing server entries, to
replace the slightly confusing "vos changeaddr -remove" (12092 12094)
* Make "fs flushall" actually invalidate all cached data (11894)
* Prevent spurious call aborts due to erroneous idle timeouts (11594)
* Provide a "--disable-gtx" configure switch to avoid building and
installing libgtx and its header files as well as the depending
"scout" and "afsmonitor" applications (12095)
* Fixed building the gtx applications against newer ncurses (12125)
* Allow pioctls to work in environments where the syscall emulation
pseudo file is created in a read-only pseudo filesystem, like in
containers under recent versions of docker (12124)
Linux clients
* In Red Hat packaging, avoid following a symbolic link when writing
the client CellServDB, which could overwrite the server CellServDB,
by removing an existing symlink before writing the file (12081)
* In Red Hat packaging, avoid a conflict of openafs-debuginfo with
krb5-debuginfo by excluding our kpasswd executable from debuginfo
processing (12128) (RT #131771)
Diffstat (limited to 'filesystems/openafs')
-rw-r--r-- | filesystems/openafs/Makefile | 6 | ||||
-rw-r--r-- | filesystems/openafs/distinfo | 10 |
2 files changed, 8 insertions, 8 deletions
diff --git a/filesystems/openafs/Makefile b/filesystems/openafs/Makefile index c6e4a79d478..31db4b60b0d 100644 --- a/filesystems/openafs/Makefile +++ b/filesystems/openafs/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.10 2015/10/28 19:43:01 jakllsch Exp $ +# $NetBSD: Makefile,v 1.11 2016/03/18 17:11:37 jakllsch Exp $ -DISTNAME= openafs-1.6.15-src +DISTNAME= openafs-1.6.17-src PKGNAME= ${DISTNAME:C/-src//} CATEGORIES= filesystems net sysutils -MASTER_SITES= http://www.openafs.org/dl/openafs/1.6.15/ +MASTER_SITES= http://www.openafs.org/dl/openafs/1.6.17/ EXTRACT_SUFX= .tar.bz2 MAINTAINER= gendalia@NetBSD.org diff --git a/filesystems/openafs/distinfo b/filesystems/openafs/distinfo index 958d607aaf5..218bf833127 100644 --- a/filesystems/openafs/distinfo +++ b/filesystems/openafs/distinfo @@ -1,7 +1,7 @@ -$NetBSD: distinfo,v 1.12 2015/11/04 17:41:18 agc Exp $ +$NetBSD: distinfo,v 1.13 2016/03/18 17:11:37 jakllsch Exp $ -SHA1 (openafs-1.6.15-src.tar.bz2) = f6d300a408943a1f3edada4d12a8f0b60635d839 -RMD160 (openafs-1.6.15-src.tar.bz2) = b88ff1914fa5566649f218aec063a0b1be1fc54a -SHA512 (openafs-1.6.15-src.tar.bz2) = 17ac239366bb6dc8f7978b74ae5069bedab1976b7a39da76886ada5808159aa4ddc6347f49aae49c2d4e9ea14044a375217e48d443059967e50b0f82e0596065 -Size (openafs-1.6.15-src.tar.bz2) = 14388197 bytes +SHA1 (openafs-1.6.17-src.tar.bz2) = 1898679226a87659eb71e073de29384e4d8d4739 +RMD160 (openafs-1.6.17-src.tar.bz2) = b21fc9986cae46385c6440b14ac562d08cbc59c9 +SHA512 (openafs-1.6.17-src.tar.bz2) = 3ca61a7731c9bd9bae7da2f7b3900438fcc9f75c95b354574389c2203af2ec0a7b4dcaaf13a437743477fcad8a46c3bbb8c68255a976b9a9917b8f0a0cdf028f +Size (openafs-1.6.17-src.tar.bz2) = 14607107 bytes SHA1 (patch-src_comerr_Makefile.in) = dd5e996481d7ef908710868aa9dc1b65feb98717 |