Hi,
One of the issues that comes up from time to time is what actually constitutes
a bug worthy of a security advisory. Sometimes this is really clear cut, but in
other areas, in particular in relation to our Unix kernel modules, the dividing
line is significantly less clear. Getting this
Folks,
As you know, the release of OpenAFS 1.6.0 is imminent. Currently we
expect to release OpenAFS 1.4.14.1 with support for Linux kernels
through 2.6.38.
Going forward, it appears that substantial changes would be needed to
support kernels 2.6.39 onwards. To that end, it's our expectation that
My proposal, going forwards, is to not produce security advisories or
releases for these local denial of service attacks. Local issues that
can result in privilege escalation, or denial of service attacks that
can be performed by those outside a site's infrastructure would still
result in
As you know, the release of OpenAFS 1.6.0 is imminent. Currently we
expect to release OpenAFS 1.4.14.1 with support for Linux kernels
through 2.6.38.
Going forward, it appears that substantial changes would be needed to
support kernels 2.6.39 onwards. To that end, it's our expectation that
for
Hi Simon,
On Apr 15, 2011, at 19:53 , Simon Wilkinson wrote:
One of the issues that comes up from time to time is what actually
constitutes a bug worthy of a security advisory. Sometimes this is really
clear cut, but in other areas, in particular in relation to our Unix kernel
modules,
On Fri, Apr 15, 2011 at 12:10 PM, Derrick Brashear sha...@gmail.com wrote:
To that end, it's our expectation that
for the
continued stability of the 1.4 release series, that kernels beyond
2.6.38 would not be supported
Roughly speaking, what is the expected EOL for OpenAFS 1.4?
- Ken
My proposal, going forwards, is to not produce security advisories or
releases for these local denial of service attacks. Local issues that can
result in privilege escalation, or denial of service attacks that can be
performed by those outside a site's infrastructure would still result in
Putting my security hat on, I think that local DOS impact
is in the eyes of the beholder. For single user systems,
what you do to yourself is between the three of you. For
sites that support communities of which you have to
presume at least a few compromised credentials, even
a local DOS
On 15 Apr 2011, at 20:43, David Boyes wrote:
A variation of this comment: much of the complexity of deploying a fix is
related to packaging. Investment in simplifying and automating the process of
creating and deploying a new package would probably help somewhat with the
pain level of
On Fri, 15 Apr 2011 18:53:08 +0100
Simon Wilkinson s...@inf.ed.ac.uk wrote:
Making security releases is expensive and time consuming - it removes
developer effort from all of the other things that we want to get
done, and delays the arrival of releases that actually contain new
code.
On 04/15/2011 04:40 PM, Andrew Deason wrote:
On Fri, 15 Apr 2011 18:53:08 +0100
Simon Wilkinson s...@inf.ed.ac.uk wrote:
Making security releases is expensive and time consuming - it removes
developer effort from all of the other things that we want to get
done, and delays the arrival of
David Boyes dbo...@sinenomine.net writes:
A variation of this comment: much of the complexity of deploying a fix
is related to packaging. Investment in simplifying and automating the
process of creating and deploying a new package would probably help
somewhat with the pain level of creating a
Simon Wilkinson s...@inf.ed.ac.uk writes:
We need to be careful that we don't burn out the volunteers who provide
this service by creating releases too frequently. This is going to be
especially important in the next few months when we'll be maintaining
both a new stable series (1.6.x) and a
Is there any problem connecting 1.6 clients with 1.4.14 servers?
Russ Allbery wrote:
Simon Wilkinson s...@inf.ed.ac.uk writes:
We need to be careful that we don't burn out the volunteers who provide
this service by creating releases too frequently. This is going to be
especially important
Patricia O'Reilly orei...@qualcomm.com writes:
Is there any problem connecting 1.6 clients with 1.4.14 servers?
Nope. Works fine. Overall, 1.6 clients seem to be working as well or
better than 1.4 clients, although someone has reported reproducible hangs
and crashes to me with 1.6 (and I've
Is there any problem connecting 1.6 clients with 1.4.14 servers?
Nope. Works fine. Overall, 1.6 clients seem to be working as well or
better than 1.4 clients, although someone has reported reproducible hangs
and crashes to me with 1.6 (and I've been trying to get him to file a bug
report).
On 2011-04-15 at 16:46, Russ Allbery ( r...@stanford.edu ) said:
Patricia O'Reilly orei...@qualcomm.com writes:
Is there any problem connecting 1.6 clients with 1.4.14 servers?
Nope. Works fine. Overall, 1.6 clients seem to be working as well or
better than 1.4 clients, although someone