e6e8b4a2ee
User-Visible OpenAFS Changes OpenAFS 1.6.10 All platforms * Don't hide the "version" subcommand in help output (11214) * Documentation improvements (11126 11216 11222 11223 11225 11226) * Improved diagnostics and error messages (11154 11246 11247 11249 11181 11182 11183) * Build system improvements (11158 11221 11224 11225 11227..11241 11282 11342 11350 11353 11242 11367 11392) * Avoid potentially erratic behaviour under certain error conditions by either avoiding or at least not ignoring them, in various places (11008 11010..11065 11112 11148 11196 11530) FreeBSD * Support releases 9.3 and 10.1 (11368 11369 11402 11403 11404) * Makes a disk cache more likely to work on FreeBSD, though such configurations remain not very tested (11448) All server platforms * Added volscan(8) (11252..11280 11387 11388) * Fixed a bug causing subgroups not to function correctly if their ptdb entry had more than one continuation entry (11352) * Logging improvements (10946 11153) * Allow log rotation via copy and truncate (11193) * Avoid a server crash during startup only observed on a single platform and when using a 3rd party library under certain circumstances, which is a collateral effect of the security improvements introduced in OpenAFS release 1.6.5 (11075) (RT #131852) All client platforms * Raised the free space reported for /afs to the maximum possible value of just under 2 TiB - the old value was 9 GiB on most platforms (10984) * Reduced the amount of stack space used (11162 11163 11203 11164..11167 11338 11339 11364..11366 11381) * Sped up a periodic client task which could be problematically slow on systems with a large number of PAGs and files in use (11307) * Fixed failure of the up command with large ACLs (11111) * Avoid a potential crash of aklog (11218) * Avoid potential crashes of scout and xstat_fs_test (11155) Linux clients * Support kernels up to 3.16 (11308 11309) * Fixed a regression introduced in OpenAFS release 1.6.6 that made checking for existing write locks incorrectly fail on readonly volumes (11361) * Fixed a regression introduced in OpenAFS release 1.6.8 that could cause VFS cache inconsistencies when a previously-accessed directory entry was removed and recreated with the same name but pointing to a different file on another client (11358) * Use the right path to depmod in Red Hat packaging to avoid dependency calculation incorrectly failing unless a link /sbin -> /usr/sbin is present on the system performing it (11171) (RT #131860) * Do not ignore kernel module build errors (11205) User-Visible OpenAFS Changes OpenAFS 1.6.11 All platforms * Allow aklog to succeed creating native K5 tokens even when mapping the K5 principal to a K4 one fails (11538) * Build fixes (11435 11636) All client platforms * Avoid a potential kernel panic due to connection reference overcounts (11645) (RT #131885) * Avoid potential corruption of files written using memory mapped I/O when the file is larger than the cache (11656) (RT #131976) Linux clients * Support kernels at least up to 3.19 (11549 11550 11569 11570 11595 11658..11662 11694 11752) Note: By default this excludes kernels 3.17 to 3.17.2, which will leak an inode reference when an error occurs in d_splice_alias(). The module will build and work, but leak kernel memory, leading to performance degradation and eventually system failure due to memory exhaustion. Since it's impossible to detect this condition automatically, the switch --enable-linux-d_splice_alias-extra-iput must be passed to configure when building the module for those kernels. The same would be necessary for any kernel with backports of commit 908790fa3b779d37365e6b28e3aa0f6e833020c3 or commit 95ad5c291313b66a98a44dc92b57e0b37c1dd589 but not the fix in commit 51486b900ee92856b977eacfc5bfbe6565028070 in the linux-stable repo (git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git) or the corresponding changes on other branches. * Fixed a regression introduced in OpenAFS release 1.6.10 which could make the spurious "getcwd: cannot access parent directories" problem return (11558 11568) (RT #131780) * Avoid leaking memory when scanning a corrupt directory (11707) OS X clients * Support OS X 10.10 "Yosemite" (11571 11572 11611) (RT #131946) Solaris clients * Avoid reading random data rather than correct cache content when using ZFS as the cache file system on Solaris >= 11, and fix potential similar problems on other platforms (11713 11714) FreeBSD * Build fix for releases >= 11.0 (11610) OpenBSD * Support release 5.4 (11700) User-Visible OpenAFS Changes OpenAFS 1.6.11.1 Linux clients * Support kernels up to 4.0 (11760 11761) FreeBSD clients * Fixed kernel module build on systems with an updated clang which no longer accepts the -mno-align-long-strings as a no-op (11809) User-Visible OpenAFS Changes OpenAFS 1.6.12 All server platforms * Avoid database corruption if a database server is shut down and then brought up again quickly with an altered database (11773 11774) (RT #131997) All client platforms * Fixed a potential buffer overflow in aklog (11808) * Avoid a bogus warning regarding the checkserver daemon, which could be logged during startup when the cache initialization was very fast (11680) * Added documentation of the inaccuracy of the 'partition' field in 'fs listquota' output for partitions larger than 2 TiB (11626) Linux clients * Support kernels up to 4.1 (11872 11873) * Avoid spurious EIO errors when writing large chunks of data to mmapped files (11877) OS X * Build fixes required at least on OS X 10.10 Yosemite with the latest XCode (11859 11876 11842..11845 11863 11878 11879) User-Visible OpenAFS Changes OpenAFS 1.6.13 All server platforms * Fix for CVE-2015-3282: vos leaks stack data onto the wire in the clear when creating vldb entries * Workaround for CVE-2015-3283: bos commands can be spoofed, including some which alter server state * Disabled searching the VLDB by volume name regular expression to avoid possible buffer overruns in the volume location server All client platforms * Fix for CVE-2015-3284: pioctls leak kernel memory * Fix for CVE-2015-3285: kernel pioctl support for OSD command passing can trigger a panic Solaris clients * Fix for CVE-2015-3286: Solaris grouplist modifications for PAGs can panic or overwrite memory User-Visible OpenAFS Changes OpenAFS 1.6.14 All server platforms * Prior to the OpenAFS security release 1.6.13, the Volume Location Server (vlserver) RPC VL_ListAttributesN2() supported wildcard volume name lookups via regular expression (regex) pattern matching. This support was completely disabled in 1.6.13 because it was judged to be a security risk due to buffer overruns in the implementation, as well as the possibility of denial of service attacks where certain regular expressions could cause excessive CPU usage in some regex implementations. Unfortunately, after 1.6.13 was released, it was discovered that the native OpenAFS 'backup' system uses the VL_ListAttributesN2() regex support to evaluate configured volume sets. If you use the OpenAFS 'backup' system (or another backup system which relies on it, such as Tivoli Storage Manager (TSM, aka Tivoli ADSM)), and are using volume sets which require regular expressions for the volume name, then those volume sets cannot be resolved by OpenAFS 1.6.13. The next paragraph provides details on how to identify any affected volume sets. OpenAFS backup volume sets may be described by fileserver, partition name, and volume name. The fileserver and partition specifications never require regular expression support. The volume name specification always requires regular expression support except for when specifying _all_ volumes via two special cases: the universal wildcard ".*", or "". For example, volume name "proj" or "*.backup" or "homevol.*" all require regex support - even if the specification contains no wildcard characters and/or exactly matches an existing volume name. As a result of this issue, OpenAFS 1.6.14 replaces the 1.6.13 changes to VL_ListAttributesN2. 1.6.14 prevents the buffer overruns and reenables the regex support, but restricts it to OpenAFS super-users and -localauth only. This is sufficient to restore the OpenAFS 'backup' system's ability to work correctly with any previously supported volume set. The OpenAFS 'backup' commands are already documented to require super-user authorization, so this restriction is moot for the backup system. There are no other direct consumers of the VL_ListAttributesN2() regex support in the OpenAFS tree. However, the VL_ListAttributesN2 RPC is publicly accessible and might be used by third party tools directly or indirectly via OpenAFS's libadmin. Any such tools that issue VL_ListAttributesN2 RPCs must now be executed using super-user or -localauth tokens. None of the other security fixes in OpenAFS 1.6.13 are known to have any issues, and are still included unchanged in OpenAFS 1.6.14. If there are any questions concerning the possible impact of OpenAFS 1.6.13 or 1.6.14 at your site, please contact your OpenAFS support provider or the openafs-info@openafs.org mailing list for further assistance. |
||
---|---|---|
.. | ||
files | ||
patches | ||
DESCR | ||
distinfo | ||
Makefile | ||
options.mk | ||
PLIST | ||
PLIST.pam |