Bug#887857: jessie-pu: package openafs/1.6.9-2+deb8u6
Control: tags -1 + pending
On Wed, 2018-02-14 at 20:48 +0100, Julien Cristau wrote:
> Control: tag -1 confirmed
>
> On Sat, Jan 20, 2018 at 13:42:53 -0600, Benjamin Kaduk wrote:
>
> > The recent kernel update in jessie-security with meltdown/spectre
> > remediation
> > measures introduced some minor ABI changes that cause the version
> > of the openafs
> > kernel module in jessie to be unable to compile. More recent
> > upstream versions
> > of openafs do compile against this kernel, so I need to backport
> > the appropriate
> > build fixes in order to make openafs-modules-source and openafs-
> > modules-dkms
> > usable in jessie again. (The version in jessie-backports is also
> > broken,
> > not that that is directly relevant here.)
> >
> > I attach a debdiff with the needed patches, and I have tested the
> > resulting
> > package in a jessie VM with the latest kernel from jessie-security.
> >
>
> Looks fine to me, go ahead and upload.
Uploaded and flagged for acceptance.
On a side note, the diff as uploaded reverts a couple of bug closures
from the previous security upload:
openafs (1.6.9-2+deb8u6) jessie-security; urgency=high
- * CVE-2017-17432: remote triggered Rx assertion failure (Closes: #883602)
+ * CVE-2017-17432: remote triggered Rx assertion failure
* CVE-2016-4536: information leakage from OpenAFS clients
* CVE-2016-9772: information leakage from directory objects
- (Closes: #846922)
Regards,
Adam
Reply to: