svn commit: r319798 - in head: net/openafs net/openafs/files security/vuxml
Chris Rees
crees at FreeBSD.org
Mon Jun 3 18:29:52 UTC 2013
Author: crees
Date: Mon Jun 3 18:29:50 2013
New Revision: 319798
URL: http://svnweb.freebsd.org/changeset/ports/319798
Log:
Update to 1.6.2
* Fix buffer overflows in fileserver and ptserver.
* Fix rare file corruption during background sync (Gerrit 8796).
* Fix corrupting clients' metadata cache during certain errors (Gerrit 6957).
* Fix cache corruption when reading from a file another client is simultaneously writing to (Gerrit 7994).
* Fix fileservers to properly report >2 TiB partitions.
and some other less serious changes.
PR: ports/179259
Submitted by: Adam Nowacki <nowak at tepeserwery.pl>
Submitted by: bjk (maintainer)
Security: CVE-2013-1794
Deleted:
head/net/openafs/files/patch-acinclude.m4
head/net/openafs/files/patch-configure
head/net/openafs/files/patch-configure.ac
head/net/openafs/files/patch-src__afs__FBSD__osi_misc.c
head/net/openafs/files/patch-src__afs__FBSD__osi_vfsops.c
head/net/openafs/files/patch-src__afs__FBSD__osi_vnodeops.c
head/net/openafs/files/patch-src__aklog__aklog.c
head/net/openafs/files/patch-src__config__afs_sysnames.h
head/net/openafs/files/patch-src__config__param.amd64_fbsd_100.h
head/net/openafs/files/patch-src__config__param.amd64_fbsd_83.h
head/net/openafs/files/patch-src__config__param.amd64_fbsd_84.h
head/net/openafs/files/patch-src__config__param.amd64_fbsd_91.h
head/net/openafs/files/patch-src__config__param.i386_fbsd_100.h
head/net/openafs/files/patch-src__config__param.i386_fbsd_83.h
head/net/openafs/files/patch-src__config__param.i386_fbsd_84.h
head/net/openafs/files/patch-src__config__param.i386_fbsd_91.h
head/net/openafs/files/patch-src__kauth__Makefile.in
head/net/openafs/files/patch-src__libafs__Makefile.common.in
Modified:
head/net/openafs/Makefile
head/net/openafs/distinfo
head/security/vuxml/vuln.xml
Modified: head/net/openafs/Makefile
==============================================================================
--- head/net/openafs/Makefile Mon Jun 3 18:02:24 2013 (r319797)
+++ head/net/openafs/Makefile Mon Jun 3 18:29:50 2013 (r319798)
@@ -2,7 +2,6 @@
PORTNAME= openafs
DISTVERSION= ${AFS_DISTVERSION}.${DBVERSION:S/-//g}
-PORTREVISION= 1
CATEGORIES= net kld
MASTER_SITES= http://dl.central.org/dl/openafs/${AFS_DISTVERSION}/:openafs \
http://dl.openafs.org/dl/openafs/${AFS_DISTVERSION}/:openafs \
@@ -22,8 +21,8 @@ LICENSE_NAME= IBM Public License Version
LICENSE_FILE= ${WRKSRC}/doc/LICENSE
LICENSE_PERMS= auto-accept
-AFS_DISTVERSION= 1.6.1
-DBVERSION= 2011-08-14
+AFS_DISTVERSION= 1.6.2
+DBVERSION= 2013-01-28
OPTIONS_DEFINE= FUSE
@@ -45,6 +44,10 @@ PLIST_SUB+= AFSMNTDIR=${AFSMNTDIR:C,^/,,
.include <bsd.port.pre.mk>
+.if ${OSVERSION} > 1000000
+BROKEN= Does not build
+.endif
+
KERNCONF?= GENERIC
KERNCONFDIR?= ${SRC_BASE}/sys/${ARCH}/conf
KMODDIR= /boot/modules
Modified: head/net/openafs/distinfo
==============================================================================
--- head/net/openafs/distinfo Mon Jun 3 18:02:24 2013 (r319797)
+++ head/net/openafs/distinfo Mon Jun 3 18:29:50 2013 (r319798)
@@ -1,6 +1,6 @@
-SHA256 (openafs-1.6.1-src.tar.bz2) = d05ef7f8e89b6939726d93bb46d4353e20a459890b9c3ca3065d50de408bf5b0
-SIZE (openafs-1.6.1-src.tar.bz2) = 14356434
-SHA256 (openafs-1.6.1-doc.tar.bz2) = c41006ca12368b028f2108c972bd3de1881b5f78941bc831ff238a0344a3bec6
-SIZE (openafs-1.6.1-doc.tar.bz2) = 3481865
-SHA256 (CellServDB.2011-08-14) = fa547873edda44682440d66b79d2002f7019fac520eb3a6d6d2c7e9e83ad8d89
-SIZE (CellServDB.2011-08-14) = 36836
+SHA256 (openafs-1.6.2-src.tar.bz2) = 0db0877cd42131a744472ad0abfa26a4402a5bad94adb4d1eada75c8b6895bc9
+SIZE (openafs-1.6.2-src.tar.bz2) = 14378378
+SHA256 (openafs-1.6.2-doc.tar.bz2) = 3b1fecde4cea104d62fde9d4ac78bc4f28c64bc2c4f527bfefd27789facaae1e
+SIZE (openafs-1.6.2-doc.tar.bz2) = 3483994
+SHA256 (CellServDB.2013-01-28) = faa755c6e13d8a71182a4036d1cee01bce49fb2a93feb6499683f22049391a17
+SIZE (CellServDB.2013-01-28) = 36787
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Jun 3 18:02:24 2013 (r319797)
+++ head/security/vuxml/vuln.xml Mon Jun 3 18:29:50 2013 (r319798)
@@ -51,6 +51,36 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="0bf376b7-cc6b-11e2-a424-14dae938ec40">
+ <topic>net/openafs -- buffer overflow</topic>
+ <affects>
+ <package>
+ <name>openafs</name>
+ <range><lt>1.6.2.*</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Nickolai Zeldovich reports:</p>
+ <blockquote cite="http://www.openafs.org/pages/security/OPENAFS-SA-2013-001.txt">
+ <p>An attacker with the ability to manipulate AFS directory ACLs may
+ crash the fileserver hosting that volume.
+ In addition, once a corrupt ACL is placed on a fileserver, its
+ existence may crash client utilities manipulating ACLs
+ on that server.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>http://www.openafs.org/pages/security/OPENAFS-SA-2013-001.txt</url>
+ <cvename>CVE-2013-1794</cvename>
+ </references>
+ <dates>
+ <discovery>2013-02-27</discovery>
+ <entry>2013-06-03</entry>
+ </dates>
+ </vuln>
+
<vuln vid="9dfb63b8-8f36-11e2-b34d-000c2957946c">
<topic>www/mod_security -- NULL pointer dereference DoS</topic>
<affects>
More information about the svn-ports-head
mailing list