Bug#887857: jessie-pu: package openafs/1.6.9-2+deb8u6

["Adam D. Barratt" <adam@adam-barratt.org.uk>]

Control: tags -1 + pending

On Wed, 2018-02-14 at 20:48 +0100, Julien Cristau wrote:
> Control: tag -1 confirmed
> 
> On Sat, Jan 20, 2018 at 13:42:53 -0600, Benjamin Kaduk wrote:
> 
> > The recent kernel update in jessie-security with meltdown/spectre
> > remediation
> > measures introduced some minor ABI changes that cause the version
> > of the openafs
> > kernel module in jessie to be unable to compile.  More recent
> > upstream versions
> > of openafs do compile against this kernel, so I need to backport
> > the appropriate
> > build fixes in order to make openafs-modules-source and openafs-
> > modules-dkms
> > usable in jessie again.  (The version in jessie-backports is also
> > broken,
> > not that that is directly relevant here.)
> > 
> > I attach a debdiff with the needed patches, and I have tested the
> > resulting
> > package in a jessie VM with the latest kernel from jessie-security.
> > 
> 
> Looks fine to me, go ahead and upload.

Uploaded and flagged for acceptance.

On a side note, the diff as uploaded reverts a couple of bug closures
from the previous security upload:

 openafs (1.6.9-2+deb8u6) jessie-security; urgency=high
 
-  * CVE-2017-17432: remote triggered Rx assertion failure (Closes: #883602)
+  * CVE-2017-17432: remote triggered Rx assertion failure
   * CVE-2016-4536: information leakage from OpenAFS clients
   * CVE-2016-9772: information leakage from directory objects
-    (Closes: #846922)

Regards,

Adam