Bug#1063648: krb5: FTBFS on arm64, armel and ppc64el with "Can't resolve hostname" in dh_auto_test

On Sat, Feb 10, 2024 at 01:33:15PM +0100, Johannes Schauer Marin Rodrigues wrote: > > there as a binNMU "Rebuild to sync binNMU versions" for krb5 and that > failed for arm64, armel and ppc64el: > > https://buildd.debian.org/status/package.php?p=krb5 > > The error logs look very similar: > ***

Bug#1060896: openafs-modules-dkms: module build fails for Linux 6.7: osi_file.c:178:42: error: 'struct inode' has no member named 'i_mtime'

tags -1 + fixed-upstream patch thanks On Tue, Jan 16, 2024 at 10:30:40AM +0100, Andreas Beckmann wrote: > Package: openafs-modules-dkms > Version: 1.8.10-2 > Severity: important > > Hi, > > openafs-modules-dkms fails to build a module for Linux 6.7 that was just > uploaded to experimental:

Bug#1059588: lintian: false positive missing-build-dependency-for-dh_-command for B-D-Indep

Package: lintian Version: 2.116.3 Severity: normal X-Debbugs-Cc: ka...@mit.edu I maintain openafs, which for some time has been reporting an error-level diagnostic from lintian for missing-build-dependency-for-dh_-command ("dh_dkms (does not satisfy dkms:any | dh-sequence-dkms:any)

Bug#1043131: Solution for kernel 6.5 with openafs 1.8.10-1 in debian

Hi Gergely, On Wed, Dec 20, 2023 at 04:26:55PM +0100, Gergely Riskó wrote: > Hey all, > > Yes, OpenAFS is always a pain to work with both on the server and the > client side. :( > > This time I think the client installation is harder than usual, we > have to apply 5 patches. Yes, there's a lot

Bug#1019751: openafs-client: Instructions to setup a new cell is out of date on Debian 9 and possibly on newer versions

On Wed, Sep 14, 2022 at 05:36:00PM +0100, Jose M Calhariz wrote: > Hi > > I am creating a new OpenAFS cell for testing purposes and found the > the file README.server.gz with some instructions a bit out of date. > This makes the new cell setup dificult to a inexperienced OpenAFS > sysadmin. > >

Bug#1048470: openafs: Fails to build source after successful build

On Sun, Aug 13, 2023 at 09:21:04PM +0200, Lucas Nussbaum wrote: > Source: openafs > Version: 1.8.10-1 > Severity: minor > Tags: trixie sid ftbfs > User: lu...@debian.org > Usertags: ftbfs-sab-20230813 ftbfs-source-after-build > User: debian...@lists.debian.org > Usertags: qa-doublebuild > > Hi, >

Bug#1033164: krb5-doc: The documented DEFCCNAME is, probably, not the actual credential cache name

Hmm, on my local machines (one running Debian, one running Ubuntu) I appear to be seeing the expected default /tmp/krb5cc_%{uid} behavior. I couldn't quite follow how your credentials were obtained; were they perhaps obtained as part of the login process? The PAM configuration might well be

Bug#1010764: upstream fix

tags 1010764 upstream fixed-upstream pending thanks On Wed, May 18, 2022 at 01:55:00AM +, Jeremy Stanley wrote: > The fix for this appears to have merged upstream in January, so > could probably be backported in Salsa: > > https://gerrit.openafs.org/14882 Indeed, upstream has been getting

Bug#1009927: krb5: deprecated encryption type for master_key_type

I'm pretty sure that changing the master key encryption type used for new databases has basically no upgrade considerations and could be "just done". Updating the encryption type for that key on existing databases will have nontrivial upgrade considerations (and in fact will not be possible to do

Bug#1005404: Kernel modules fail to build with Linux 5.16 onward

Hi Ben, Thanks for detecting and reporting the build errors. I'm a bit confused as to how this is "grave", though -- I would have classified it as merely "serious" as for, e.g., 970258 and 995134. For upstream, we went with a slightly different patch owing to the unreliability of the linux

Bug#995134: dkms modules fail to build on 5.14.0, error: ‘TIF_IA32’ undeclared

severity 995134 serious tags 995134 upstream fixed-upstream pending thanks On Sun, Sep 26, 2021 at 05:07:44PM -0400, Ryan Kavanagh wrote: > Package: openafs-modules-dkms > Version: 1.8.6-5 > Severity: grave > Justification: Renders package unusable > > The openafs dkms modules fail to build on

Bug#992607: CVE-2021-37750 in krb5: NULL dereference in authenticated FAST TGS request

Package: krb5-kdc Version: 1.15-1 Tags: security fixed-upstream quoting from https://github.com/krb5/krb5/commit/d775c95af7606a51bf79547a94fa52ddd1cb7f49 CVE-2021-37750: In MIT krb5 releases 1.14 and later, an authenticated attacker can cause a null dereference in the KDC by sending a FAST TGS

Bug#991365: krb5: CVE-2021-36222

Yes, I started working on an upload for buster, but got a bit sidetracked since the 1.17-3+deb10u1 in the archive was not imported into the packaging repo previously. I expect to make progress today. -Ben

Bug#991374: unblock: krb5/1.18.3-6

angelog --- krb5-1.18.3/debian/changelog2021-03-28 10:43:01.0 -0700 +++ krb5-1.18.3/debian/changelog2021-07-21 11:07:07.0 -0700 @@ -1,3 +1,10 @@ +krb5 (1.18.3-6) unstable; urgency=high + + * Pull in upstream patch to fix CVE-2021-36222 (KDC NULL dereference), +C

Bug#991140: memory leak in krb5_gss_inquire_cred()

It looks like the leak was independently(?) reported to upstream and fixed in a somewhat different way, see https://github.com/krb5/krb5/commit/593e16448e1af23eef74689afe06a7bcc86e79c7 . The fix is marked for pullup to the stable branches, so it should get fixed in Debian when we next import an

Bug#991365: krb5: CVE-2021-36222

On Wed, Jul 21, 2021 at 07:13:49PM +0200, Salvatore Bonaccorso wrote: > > On Wed, Jul 21, 2021 at 10:01:23AM -0600, Sam Hartman wrote: > > About buster: Given the above we can fix via the upcoming point > release for buster, I guess that can be enough in this case. What > would happen if the

Bug#991365: krb5: CVE-2021-36222

o argue for important, although if you want to push to > serious, I won't fight it. > I'm busy with Family obligat scattered throughout the day ions, but it > sounded like Benjamin Kaduk > might be available to help. Yes, I have some time to help. Given that Salvatore filed the report, I am ass

Bug#987690: marked as done (openafs-fileserver: Servers do not work with des3-cbc-sha1 keys)

reopen 987690 thanks This looks to be a typo in the changelog closer. -Ben On Mon, May 03, 2021 at 06:51:03PM +, Debian Bug Tracking System wrote: > Your message dated Mon, 03 May 2021 18:48:29 + > with message-id > and subject line Bug#987690: fixed in libass 1:0.15.0-2 > has caused

Bug#986702: openafs-fileserver: Upgrade from stretch broken (missing dependency)

On Fri, Apr 09, 2021 at 03:29:48PM -0400, Chaskiel Grundman wrote: > Package: openafs-fileserver > Version: 1.8.2-1+deb10u1 > Severity: important > > Dear Maintainer, > While upgrading a system from stretch (9.9) to buster (10.9), I had a > failure in this package: > > Setting up

Bug#985254: openafs-modules-dkms: Fails to build on -rt / non-HIGHMEM kernels

On Mon, Mar 15, 2021 at 06:27:41AM +, Witold Baryluk wrote: > Package: openafs-modules-dkms > Version: 1.8.6-5 > Followup-For: Bug #985254 > X-Debbugs-Cc: witold.bary...@gmail.com > > Actually after digging more, it is not due to HIGHMEM. In fact the > kmap_atomic takes single argument since

Bug#945506: Processed: dkms: export CC pointing to the kernels compiler

Hi Andreas, Thanks for filing 984929. Do you have a sense for what the cutoff should be for trying to get 984929 resolved vs. just uploading a workaround in the dkms-consuming packages (e.g., openafs)? Thanks, Ben On Wed, Mar 10, 2021 at 01:09:06PM +, Debian Bug Tracking System wrote: >

Bug#982002: buster-pu: package openafs/1.8.2-1

Hi Adam, On Sat, Feb 06, 2021 at 02:40:02PM +, Adam D. Barratt wrote: > On Fri, 2021-02-05 at 09:17 -0800, Benjamin Kaduk wrote: > > On Fri, Feb 05, 2021 at 05:11:31PM +, Adam D. Barratt wrote: > > > Control: tags -1 + confirmed > > > > > > On Fri,

Bug#982002: buster-pu: package openafs/1.8.2-1

On Fri, Feb 05, 2021 at 05:11:31PM +, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Fri, 2021-02-05 at 08:38 -0800, Benjamin Kaduk wrote: > > All upstream openafs releases from the 1.8.x series, prior to 1.8.7, > > contain a "time bomb" bug tha

Bug#980115: connection failure when rx initialized after 08:25:36 GMT 14 Jan 2021

On Wed, Feb 03, 2021 at 01:05:38PM -0800, Benjamin Kaduk wrote: > > > > Do you still have this on your radar? While as discussed this is not a > > DSA candidate a fix can be released out of order from a point release > > via the stable-updates mechanism, and t

Bug#982002: buster-pu: package openafs/1.8.2-1

gelog 2021-01-26 20:13:14.0 -0800 @@ -1,3 +1,10 @@ +openafs (1.8.2-1+deb10u1) buster; urgency=high + + * Pull in upstream patches to fix outgoing connections after unix +epoch time 0x6000 (Closes: #980115, #980116) + + -- Benjamin Kaduk Tue, 26 Jan 2021 20:13:14 -0800 +

Bug#980115: connection failure when rx initialized after 08:25:36 GMT 14 Jan 2021

Hi Salvatore, On Wed, Feb 03, 2021 at 09:39:25PM +0100, Salvatore Bonaccorso wrote: > HI Benjamin, > > On Mon, Jan 18, 2021 at 07:19:14PM -0800, Benjamin Kaduk wrote: > > On Mon, Jan 18, 2021 at 06:04:39PM +, Jeremy Stanley wrote: > > > Thanks for pulling this i

Bug#980115: connection failure when rx initialized after 08:25:36 GMT 14 Jan 2021

On Mon, Jan 18, 2021 at 06:04:39PM +, Jeremy Stanley wrote: > Thanks for pulling this into unstable and testing! Is there any work > in progress to fix it in stable as well? I took a quick peek in > Salsa and didn't see any merge requests or an obvious branch for > Buster's 1.8.2 (just the

Bug#980115: connection failure when rx initialized after 08:25:36 GMT 14 Jan 2021

Package: openafs-client Version: 1.8.2-1 Severity: grave Control: clone -1 -2 Control: reassign -2 openafs-fileserver The Rx RPC stack requires a connection identifier for each new connection a system initiates. In 2014 support to generate the initial identifier randomly was added to the core Rx

Bug#972969: openafs-modules-dkms: Does not build on bullseye with kernel 5.9.1

Hi Robert, On Mon, Oct 26, 2020 at 07:08:41PM +0100, Robert Senger wrote: > Package: openafs-modules-dkms > Version: 1.8.6-3 > Severity: serious > Tags: ftbfs > Justification: fails to build from source (but built successfully in the past) > > DKMS fails to build module on bullseye with kernel

Bug#970258: Same on sid

tags 970258 fixed-upstream thanks On Wed, Sep 16, 2020 at 09:27:30AM +0200, Malte Eggers wrote: > I'm (unsurprisingly) experiencing the same problem on sid. This appears to be > the relevant section of the make.log Indeed, this is not surprising -- the patches for kernel 5.8 compatibility

Bug#969376: openafs-client: Openafs cache erros on the logs

On Tue, Sep 01, 2020 at 03:43:37PM +0100, Jose M Calhariz wrote: > Package: openafs-client > Version: 1.8.6-1~dsi10+1 > Severity: normal > > I am using a private backport of openafs from testing. On this server I > am getting multiples strange errors about openafs cache. This server > is

Bug#968104: openafs-client: Upgrade of openfs-client break until reboot

Hi Jose, Sorry that I missed this when it first came in. A couple notes inline, if you still remember much about the original report... On Sat, Aug 08, 2020 at 06:32:07PM +0100, Jose M Calhariz wrote: > Package: openafs-client > Version: 1.8.6-1~dsi10+1 > Severity: normal > > Hi, > > I have

Bug#926321: openafs: FTBFS on arm64

tags 926321 moreinfo thanks On Sat, Apr 06, 2019 at 10:10:57AM -0500, Benjamin Kaduk wrote: > Hi Paul, > > On Wed, Apr 03, 2019 at 01:06:08PM +0100, Paul Martin wrote: > > Source: openafs > > Version: 1.6.20-2+deb9u2 > > Severity: normal > > Tags: patch, ftbfs,

Bug#966881: openafs: FTBFS: ld: vlib.a(volume.o):./src/vol/volume.c:128: multiple definition of `vol_io_params'; ihandle.o:./src/vol/ihandle.c:81: first defined here

tags 966881 fixed-upstream thanks On Mon, Aug 03, 2020 at 10:04:57AM +0200, Lucas Nussbaum wrote: > Source: openafs > Version: 1.8.6-1 > Severity: serious > Justification: FTBFS on amd64 > Tags: bullseye sid ftbfs > Usertags: ftbfs-20200802 ftbfs-bullseye > > Hi, > > During a rebuild of all

Bug#964027: incompatible with kernel 5.7.0: ERROR: modpost: "__pagevec_lru_add" [...] undefined!

tags 964027 pending fixed-upstream thanks On Tue, Jun 30, 2020 at 12:48:41PM -0400, Ryan Kavanagh wrote: > Package: openafs-modules-dkms > Version: 1.8.6~pre1-3 > Severity: grave > Justification: package is not compatible with the current kernel > > The package cannot successfully be installed

Bug#959064: ignition-transport FTBFS in testing.

On Thu, Apr 30, 2020 at 03:40:30AM +0100, peter green wrote: > On 29/04/2020 17:47, Jochen Sprickerhof wrote: > > > > What I found up to now: > > > > - pkg-config=0.29.2-1: > > > >   $ pkg-config --cflags-only-I libzmq > >   -isystem /usr/include/mit-krb5 -I/usr/include/pgm-5.2 > > > > - Whereas

Bug#956358: openafs-modules-dkms: piuparts failure on package installation

severity 956358 important tags 956358 + moreinfo thanks On Fri, Apr 10, 2020 at 11:30:10AM +0300, Adrian Bunk wrote: > > https://piuparts.debian.org/sid/source/o/openafs.html > > ... > Loading new openafs-1.8.6pre1 DKMS files... > It is likely that 4.19.0-8-amd64 belongs to a chroot's host

Bug#952799: openafs: [INTL:it] Italian translation of debconf messages

On Sat, Feb 29, 2020 at 02:17:49PM +0100, Beatrice Torracca wrote: > Package: openafs > Severity: wishlist > Tags: patch l10n > > Hi. > > Please find attached the Italian translation of openafs debconf messages > > > Please include it in your next upload. Thanks, Beatrice, I will do so. -Ben

Bug#948307: openafs-modules-dkms: Compile of the module fails for kernel 5.3.15

On Sun, Feb 09, 2020 at 09:53:26AM +, Witold Baryluk wrote: > Package: openafs > Followup-For: Bug #948307 > > Dear Maintainer, > > The 1.8.5-1 fails to compile with kernel 5.3.0-2-amd64: > > Setting up openafs-modules-dkms (1.8.5-1) ... > Loading new openafs-1.8.5 DKMS files... > It is

Bug#946520: FTBFS on ppc64el

On Tue, Dec 10, 2019 at 03:03:02PM +0100, Frédéric Bonnard wrote: > Package: src:openafs > Version: 1.8.5-1 > > -- > > Dear maintainer, > thanks for enabling ppc64el. It seems some more changes are needed for > openafs to build properly : >

Bug#945506: openafs-modules-dkms: module FTBFS for Linux 5.3.0-2-amd64

On Tue, Dec 10, 2019 at 01:19:11PM +0100, Andreas Beckmann wrote: > Please check my reply on #946497 which is about the same problem in > zfs-dkms. Perhaps both of you find a solution that will work for the two > packages. Thanks for the pointer. I think that having dkms set CC/etc.

Bug#945506: openafs-modules-dkms: module FTBFS for Linux 5.3.0-2-amd64

Hi Andreas, On Tue, Nov 26, 2019 at 02:38:21AM +0100, Andreas Beckmann wrote: > Package: openafs-modules-dkms > Version: 1.8.5-1 > Severity: serious > Tags: ftbfs > Justification: fails to build from source > User: debian...@lists.debian.org > Usertags: piuparts > > Hi, > >

Bug#941658: Build openafs on other ppc64el

On Thu, Oct 03, 2019 at 03:03:55PM +0200, Frédéric Bonnard wrote: > Package: src:openafs > Version: 1.8.4~pre1-1 > > -- > > Dear maintainer, > is there any reason that openafs isn't built on ppc64el(maybe linux-any) ? > I tested on ppc64el and with minor modifications (arch verifications in >

Bug#935771: openafs-modules-source: Tries to use missing cc-wrapper with ctfutils installed

On Sun, Aug 25, 2019 at 10:04:30PM -0400, Aaron M. Ucko wrote: > Package: openafs-modules-source > Version: 1.8.4~pre1-1 > Severity: normal > > Attempting to build modules from openafs-modules-source (or, > presumably, -dkms) with ctfutils installed fails because the build > system tries to use

Bug#934758: DKMS module fails to build for linux 5.2.0-2

severity 934758 important tags 934758 + fixed-upstream pending thanks On Wed, Aug 14, 2019 at 09:53:40AM -0400, Ryan Kavanagh wrote: > Package: openafs-modules-dkms > Version: 1.8.2-1 > Severity: grave > Justification: renders package unusable > > The openafs DKMS module fails to build for Linux

Bug#934236: openafs-fileserver: postinst uses asetkey, but the package does not depend on openafs-krb5

On Thu, Aug 08, 2019 at 03:16:31PM +0200, Arne Nordmark wrote: > Package: openafs-fileserver > Version: 1.8.2-1 > Severity: normal > > The stanza > > if [ -r /etc/openafs/server/rxkad.keytab ] ; then > akeyconvert > fi > > in the postinst will fail if openafs-krb5 is not installed or is of

Bug#932000: In testing

On Tue, Jul 23, 2019 at 12:09:29PM -0700, Felix Lechner wrote: > On Tue, Jul 16, 2019 at 8:07 AM Greg Hudson wrote: > > > > Candidate patch here: > > Thank you. The update works great, although I now have problems with > idmap not working on a kerberized NFSv4 mount. > > I write with

Bug#910344: libgssapi-krb5-2: conffiles not removed

On Fri, Jul 05, 2019 at 07:25:26PM +0300, Martin-Éric Racine wrote: > It is very much expected to be resolved. Expected by whom? > Please see: > > https://manpages.debian.org/wheezy/dpkg/dpkg-maintscript-helper.1.en.html I read most of this; it gives some general guidance that conffiles should

Bug#931819: Remove weak_crypto code

On Wed, Jul 10, 2019 at 04:05:39PM -0400, Sam Hartman wrote: > Hi. > In krb5 1.17-4, DES is entirely removed. > > src/aklog/aklog.c makes it look like openafs still requires > des-cbc-crc. If so, please upgrade this bug to RC. > Kaduk thinks that's probably not the case though. > > If not,

Bug#910344: libgssapi-krb5-2: conffiles not removed

On Fri, Jul 05, 2019 at 06:35:20PM +0300, Martin-Éric Racine wrote: > > This issue is still not resolved in Buster, which is scheduled to become the > new STABLE release tomorrow. To me the bug history implies that it is not expected to be resolved, ever. Do you think otherwise? If so, what

Bug#926321: openafs: FTBFS on arm64

Hi Paul, On Wed, Apr 03, 2019 at 01:06:08PM +0100, Paul Martin wrote: > Source: openafs > Version: 1.6.20-2+deb9u2 > Severity: normal > Tags: patch, ftbfs, stretch > > It would be nice if openafs were to be available on ARM64 architecture > in Debian Stretch and Ubuntu Bionic. > > The

Bug#910344: libgssapi-krb5-2: conffiles not removed

On Fri, Oct 05, 2018 at 08:01:04AM +0800, Paul Wise wrote: > > The recent upgrade did not deal with obsolete conffiles properly. > Please use the dpkg-maintscript-helper support provided by > dh_installdeb to remove these obsolete conffiles on upgrade. > >

Bug#870641: light-locker: screen stays black after closing and opening laptop lid

I think I am experiencing the same issue as Thomas Maaß, though I am not convinced that it is the same behavior as the initial report. Namely, sometimes the display does not turn on when light-locker should be prompting for a password (I think I have seen this both when returning from hibernation

Bug#908616: OpenAFS security release

On Tue, Sep 11, 2018 at 10:02:20PM +0200, Salvatore Bonaccorso wrote: > Hey! > > On Tue, Sep 11, 2018 at 02:30:51PM -0500, Benjamin Kaduk wrote: > > Source: openafs > > Version: 1.6.9-2+deb8u7 > > Tags: security > > Severity: serious > > > > OpenA

Bug#908616: OpenAFS security release

Source: openafs Version: 1.6.9-2+deb8u7 Tags: security Severity: serious OpenAFS upstream released security releases 1.6.23 and 1.8.2 today, fixing: http://openafs.org/pages/security/OPENAFS-SA-2018-001.txt http://openafs.org/pages/security/OPENAFS-SA-2018-002.txt

Bug#897535: openafs: FTBFS: dh_auto_test: make -j1 test VERBOSE=1 returned exit code 2

(ditto) On Wed, May 30, 2018 at 11:18:11AM -0500, Benjamin Kaduk wrote: > (resetting autoremoval timer) > > On Fri, May 11, 2018 at 12:44:01PM -0500, Benjamin Kaduk wrote: > > ping? > > > > I cannot reproduce locally either on bare metal or in schroot. > >

Bug#897535: openafs: FTBFS: dh_auto_test: make -j1 test VERBOSE=1 returned exit code 2

(resetting autoremoval timer) On Fri, May 11, 2018 at 12:44:01PM -0500, Benjamin Kaduk wrote: > ping? > > I cannot reproduce locally either on bare metal or in schroot. > > -Ben > > On Fri, May 04, 2018 at 09:15:51AM -0500, Benjamin Kaduk wrote: > > Hi Lucas, &g

Bug#897535: openafs: FTBFS: dh_auto_test: make -j1 test VERBOSE=1 returned exit code 2

ping? I cannot reproduce locally either on bare metal or in schroot. -Ben On Fri, May 04, 2018 at 09:15:51AM -0500, Benjamin Kaduk wrote: > Hi Lucas, > > On Wed, May 02, 2018 at 10:52:53PM +0200, Lucas Nussbaum wrote: > > > > During a rebuild of all packages in sid

Bug#898073: Bug#897917: Stretch kernel 4.9.88-1 breaks startup of RPC, KDC services

On Tue, May 08, 2018 at 09:28:08AM -0400, Sam Hartman wrote: > Benjamin> Now, we have getrandom(), which is a great API and is > Benjamin> pretty much exactly what you want (again, at least in this > Benjamin> worldview). IIUC Ted says that you should "just use > Benjamin>

Bug#898073: Bug#897917: Stretch kernel 4.9.88-1 breaks startup of RPC, KDC services

On Mon, May 07, 2018 at 05:10:27PM +0100, Ben Hutchings wrote: > On Mon, 2018-05-07 at 11:57 -0400, Sam Hartman wrote: > > There are basically three "strengths" of random numbers available now: > > Weak: /dev/urandom > Medium: getrandom(flags=0) > Strong: /dev/random,

Bug#898073: Bug#897917: Stretch kernel 4.9.88-1 breaks startup of RPC, KDC services

On Sun, May 06, 2018 at 07:05:56PM -0700, Russ Allbery wrote: > Benjamin Kaduk <ka...@mit.edu> writes: > > On Sun, May 06, 2018 at 08:43:13PM +0100, Ben Hutchings wrote: > >> On Sun, 2018-05-06 at 14:02 -0500, Benjamin Kaduk wrote: > > >>> Arguably mor

Bug#898073: Bug#897917: Stretch kernel 4.9.88-1 breaks startup of RPC, KDC services

On Sun, May 06, 2018 at 08:43:13PM +0100, Ben Hutchings wrote: > On Sun, 2018-05-06 at 14:02 -0500, Benjamin Kaduk wrote: > > Hi Ben, > > > > On Sun, May 06, 2018 at 06:56:08PM +0100, Ben Hutchings wrote: > > > I've cloned this bug as #898073 and reassigned t

Bug#898073: Bug#897917: Stretch kernel 4.9.88-1 breaks startup of RPC, KDC services

Hi Ben, On Sun, May 06, 2018 at 06:56:08PM +0100, Ben Hutchings wrote: > I've cloned this bug as #898073 and reassigned that to krb5. > > krb5 is using the new(ish) getrandom() system call to read random bits, > with the code comment "This ensures strong randomness while only > blocking during

Bug#897535: openafs: FTBFS: dh_auto_test: make -j1 test VERBOSE=1 returned exit code 2

Hi Lucas, On Wed, May 02, 2018 at 10:52:53PM +0200, Lucas Nussbaum wrote: > > During a rebuild of all packages in sid, your package failed to build on > amd64. > > Relevant part (hopefully): > > rx/perf.ok > > volser/vos-man..ok > > volser/vos..FAILED 5 > >

Bug#887857: jessie-pu: package openafs/1.6.9-2+deb8u6

On Sun, Feb 18, 2018 at 08:18:48PM +, Adam D. Barratt wrote: > Control: tags -1 + pending > > Uploaded and flagged for acceptance. Thanks! > On a side note, the diff as uploaded reverts a couple of bug closures > from the previous security upload: > >  openafs (1.6.9-2+deb8u6)

Bug#886799: openafs-modules-dkms: install fails with compile error "implicit declaration of function 'inode_change_ok'"

On Thu, Jan 25, 2018 at 09:21:48AM -0800, deb...@lewenberg.com wrote: > > The patch you provide works fine with jessie and the 1.6.9 source > packages. However, I cannot get it to work with wheezy. > > I compile the openafs source package against wheezy and the compilation > completes without

Bug#886799: fixing openafs kernel module for security updated kernel

The SRU request for jessie is in #887857. I don't think there is a way to get a fix into jessie-backports, so I think we will need to remove openafs-modules-source and openafs-modules-dkms from jessie-backports and pull the version from buster into jessie-backports-sloppy (which will be a trip

Bug#887857: jessie-pu: package openafs/1.6.9-2+deb8u6

-proposed-updates; urgency=high + + * Apply upstream patches needed to fix kernel module build against +linux 3.16.51-3+deb8u1 kernels after security update-induced ABI changes. +(Closes: #886719) + + -- Benjamin Kaduk <ka...@mit.edu> Sat, 20 Jan 2018 11:48:09 -0600 + openafs (1

Bug#887663: [openafs] [INTL:de] Updated German translation for debconf

Hi Erik On Fri, Jan 19, 2018 at 08:46:11PM +0100, Pfannenstein Erik wrote: > Hi Ben, > > thanks for pointing this out, but I can't find any changes between the > revision I attached to my report and 1.8.0-pre4 (apart from the ones I made). Oh, sorry for making you do the extra work, but thanks

Bug#887663: [openafs] [INTL:de] Updated German translation for debconf

On Thu, Jan 18, 2018 at 10:24:40PM +0100, Pfannenstein Erik wrote: > Package: openafs > Version: 1.6.21-3 Thanks for the update. We did recently take a big update, to 1.8.0~pre4-1, if you have a chance to look at the changes it introduced. -Ben signature.asc Description: PGP signature

Bug#886768: Processed: Looks pretty RC to me

On Sun, Jan 14, 2018 at 06:45:08PM +, Debian Bug Tracking System wrote: > Processing commands for cont...@bugs.debian.org: > > > severity 886768 serious Could you say a bit more about why you feel that all binary packages from src:openafs should be subject to autoremoval when only the

Bug#887018: fails to compile against linux 3.16+63+deb8u1

reassign 887018 src:openafs severity 887018 important merge 886719 887018 retitle 886719 meltdown/spectre kernel (old)stable-security kernel breaks openafs module thanks On Fri, Jan 12, 2018 at 09:29:52AM -0600, Chad Seys wrote: > Package: openafs-modules-dkms > Version: 1.6.18.2-1~bpo8+1 >

Bug#886799: fixing openafs kernel module for security updated kernel

Hi folks, Thanks for all the interest and proposed patches. I just want to note that the openafs fix will need to go through as a SRU (Stable Release Update), which requires preapproval from the stable release managers, and will not actually appear in stable/oldstable until the next point

Bug#886799: openafs-modules-dkms: install fails with compile error "implicit declaration of function 'inode_change_ok'"

On Tue, Jan 09, 2018 at 02:40:23PM -0800, Adam Lewenberg wrote: > Package: openafs-modules-dkms > Version: 1.6.9-2+deb8u4~bpo70+1 > Severity: important > > After upgrading wheezy kernel to 3.2.0-5-amd64 openafs-modules-dkms could not > rebuild > OpenAFS kernel module. > > Here is the error

Bug#886696: openafs: FTBFS on alpha: rx/event #8 and rx/perf #3 failed

Hi Aaron, On Mon, Jan 08, 2018 at 08:14:11PM -0500, Aaron M. Ucko wrote: > Source: openafs > Version: 1.8.0~pre4-1 > Severity: important > Tags: upstream > Justification: fails to build from source (but built successfully in the past) > User: debian-al...@lists.debian.org > Usertags: alpha > >

Bug#884550: [Pkg-xfce-devel] Bug#884550: regression(?) in greeter-hide-users=true behavior

On Sun, Dec 17, 2017 at 04:28:36PM +0100, Yves-Alexis Perez wrote: > On Sat, 2017-12-16 at 09:40 -0600, Benjamin Kaduk wrote: > > After my latest upgrade/reboot, the behavior of lightdm has changed. > > Previously, on fresh boot and lock screen I would be > > presented wit

Bug#884550: regression(?) in greeter-hide-users=true behavior

Package: lightdm-gtk-greeter Version: 2.0.3-1 After my latest upgrade/reboot, the behavior of lightdm has changed. Previously, on fresh boot and lock screen I would be presented with a username/password entry dialog with empty username, empty password, and focus on username. The new behavior has

Bug#884420: openafs: kernel NULL pointer dereference under Linux 4.14

On Thu, Dec 14, 2017 at 08:38:49PM -0500, Aaron M. Ucko wrote: > Source: openafs > Version: 1.6.22-2 > Severity: important > Tags: upstream > > Thanks for looking into #884276. The module now builds successfully, > but encounters an Oops on load, as detailed below. The issue appears > to be

Bug#884276: openafs-modules-dkms: module FTBFS

tags 884276 pending upstream fixed-upstream thanks Hi Andreas, Upstream has a fix queued, but it got bumped by last week's security release (1.6.22) and the release containing it is not out yet. But it's easy enough to pull the patches in locally until that happens. Thanks, Ben

Bug#883916: openafs: [INTL:ru] Updated Russian translation of debconf template

tags 883916 pending thanks Hi Lev, On Sat, Dec 09, 2017 at 03:25:12PM +0500, Lev Lamberov wrote: > > Dear Maintainer, > > please find attached the updated Russian debconf translation for openafs. Thanks! I've put it into our version control so it should appear in the next upload. -Ben

Bug#883602: OPENAFS-SA-2017-001: Rx assertion failure from insufficient input validation

Source: openafs Version: 1.6.1-3+deb7u7 Tags: security upstream fixed-upstream pending Severity: important Upstream OpenAFS released security advisory OPENAFS-SA-2017-001 today; insufficient validation of data contained in Rx ack packets leads to the use of an invalid MTU value, ultimately

Bug#881597: krb5-multidev: Please make the package multi-arch installable

On Sun, Nov 19, 2017 at 07:07:45PM -0500, Sam Hartman wrote: > > Why do you want to replace krb5-config with pkg-config? > That seems like a good option if we can sell upstream on the idea, but > something requiring more thought otherwise. I believe we can consider upstream sold. pkg-config is

Bug#881597: krb5-multidev: Please make the package multi-arch installable

On Mon, Nov 13, 2017 at 10:51:10AM -0800, Russ Allbery wrote: > > I'm not sure how best to fix this other than no longer using krb5-config > and shipping a pkgconfig script or something. One could move the > krb5-config script into an architecture-specific directory, but that just > moves the

Bug#871698: upstream patch

On Sun, Oct 29, 2017 at 01:02:56PM +0100, Salvatore Bonaccorso wrote: > Hi > > On Fri, Oct 27, 2017 at 08:25:04PM -0500, Benjamin Kaduk wrote: > > I think upstream actually did the backport earlier today, already. > > I retitled the bug (Red Hat has assigned a CVE f

Bug#871698: upstream patch

I think upstream actually did the backport earlier today, already. -Ben

Bug#871698: upstream patch

tags 871698 upstream pending thanks Upstream has committed a patch to use dynamic allocation to master at https://github.com/krb5/krb5/pull/707 . The backport is not entirely trivial, but we should be able to get a version in (whether our own or upstream's) fairly soon. -Ben

Bug#859297: upstream pull request for openssl1.1 in node

Just noting that David Benjamin has put together a pull request for upstream at https://github.com/nodejs/node/pull/16130 . -Ben

Bug#873563: CVE-2017-11462 -- automatic sec context deletion could lead to double-free

I am inclined to just put it in unstable and not backport, but created the bug to see if the security team felt otherwise. If you look at the pull request history for the upstream commit, it seems that it was languishing there for a while before getting merged, as well. -Ben

Bug#873563: CVE-2017-11462 -- automatic sec context deletion could lead to double-free

Package: libgssapi-krb5-2 Version: 1.15-1 Tags: security Upstream has committed a change that causes libgssapi-krb5 to not automatically free a security context when an error is encountered on the second or subsequent call to gss_init_sec_context() or gss_accept_sec_context(), as this is

Bug#868121: libgssapi-krb5-2: obsolete conffile left behind

On Mon, Jul 17, 2017 at 04:35:24PM +1000, Paul Wise wrote: > > Sounds like a file that should not have been placed in /etc and > should be removed from /etc during upgrades. Some further discussion about the role of this file is in #861218

Bug#868121: libgssapi-krb5-2: obsolete conffile left behind

On Sun, Jul 16, 2017 at 12:53:18PM +1000, Paul Wise wrote: > On Wed, 12 Jul 2017 04:53:35 -0400 Sam Hartman wrote: > > > I'm not actually sure I particularly want it removed from the system. > > Policy indicates that old conffiles should be removed on upgrade: It's not really clear that this

Bug#865962: openafs-fileserver: Periodic restarts configured in BosConfig causes bosserver to be shut down

On Mon, Jun 26, 2017 at 12:08:29PM -0500, Benjamin Kaduk wrote: > > This does seem likely to be an issue with the systemd integration, yes. > (Not using the weekly restarts, I didn't observe it in testing.) > > Thanks for the report; I'll take a look. It seems that any ReBozo

Bug#865962: openafs-fileserver: Periodic restarts configured in BosConfig causes bosserver to be shut down

On Mon, Jun 26, 2017 at 09:26:01AM +0200, Arne Nordmark wrote: > Package: openafs-fileserver > Version: 1.6.20-2 > Severity: normal > > Dear Maintainer, > > This Sunday morning, the bosserver process on all stretch machines was found > to have stopped. > [snip] > > The reason why a

Bug#863260: kstart: k5start does not recognize network changes

On Wed, May 24, 2017 at 11:44:12AM -0700, Russ Allbery wrote: > > Kai Wohlfahrt writes: > > > Package: kstart > > Version: 4.2-1 > > Severity: important > > Tags: upstream > > > Dear Maintainer, > > > The k5start program repeats attempts to contact the KDC server if it

Bug#861651: krb5-kdc: Samba moving to MIT, needs version 1.15.1

On Tue, May 02, 2017 at 10:12:35AM +0100, Rowland Penny wrote: > > Samba is moving to MIT kerberos instead of Heimdal. Unless the version of MIT > is raised to 1.15.1, it will become impossible to create an AD DC on Debian > when Samba 5.0.0 is released and that may be sooner than you think. >

Bug#861218: libgssapi-krb5-2: soname-independent files in shared library package (policy 8.2)

It seems like an /etc/gss/mech.d/README-- (or similar) would alleviate the technical problems with having a single file named README, and would be glob-able for consuming software that is adapted to know about a broader convention. It would, of course, be slightly confusing to users even if there

Bug#861218: libgssapi-krb5-2: soname-independent files in shared library package (policy 8.2)

Hi Helmut, On Wed, Apr 26, 2017 at 06:52:58AM +0200, Helmut Grohne wrote: > Package: libgssapi-krb5-2 > Version: 1.15-1 > Severity: serious > Justification: violates policy section 8.2 > > libgssapi-krb5-2 is a shared library package and contains > /etc/gss/mech.d/README. The latter filename

Bug#859243: please include tmpfiles.d snippet for OTP rundir

On Sat, Apr 01, 2017 at 02:30:22AM +0300, Timo Aaltonen wrote: > Package: krb5-otp > Severity: wishlist > > Hi, > > Freeipa server includes a socket-activated daemon for OTP, and it > listens to {/var}/run/krb5kdc/DEFAULT.socket. But /run/krb5kdc is not > available, so AIUI it should be created

Bug#855366: possible patch for #855366, needs expert review

On Fri, Feb 17, 2017 at 11:21:49AM +0100, Sergio Gelato wrote: > I'm testing the attached patch. So far it seems to work, although it should > really be reviewed by someone more familiar with kernel development history. > > (I looked at the implementation of file_dentry() in 4.6 and simplified >

Bug#760099: apt-listchanges: Incorrectly assumes that binary packages from the same source share NEWS files

This bug report has been quiet for some time; does that imply that the status quo is that I should assume that de facto I can only use the toplevel NEWS.Debian and not binary-package-specific NEWS files? I ask because openafs is putting out a new major release (currently in experimental) and the

  1   2   3   4   >