From openafs-info@openafs.org Fri Feb 2 14:07:35 2018 From: openafs-info@openafs.org (Stephan Wiesand) Date: Fri, 2 Feb 2018 15:07:35 +0100 Subject: [OpenAFS-announce] OpenAFS Release 1.6.22.2 available Message-ID: <2055BCCB-ECA9-4C0E-8815-A85C492EE855@desy.de> The OpenAFS Release Team is pleased to announce the availability of OpenAFS version 1.6.22.2 for UNIX/Linux. Source files can be accessed via the web at: http://www.openafs.org/dl/openafs/1.6.22.2/ or via AFS at: /afs/grand.central.org/software/openafs/1.6.22.2/ \\afs\grand.central.org\software\openafs\1.6.22.2\ This release brings support for the latest Linux mainline kernel, 4.15, and macOS 10.13 "High Sierra" and APFS as the client cache filesystem. It also fixes the latest instance of a perennial issue where a directory entry would be erroneously removed, leading to applications failing with a report that getcwd() failed; this issue became very common on clients with RHEL 7.4 kernels. For the full list of user visible changes in this release, please see http://dl.openafs.org/dl/1.6.22.2/RELNOTES-1.6.22.2 Systems not requiring these changes can continue to use an earlier 1.6.22 release. Bug reports should be filed to openafs-bugs@openafs.org. Stephan Wiesand, 1.6 Branch Release Manager, on behalf of the OpenAFS Release Team From openafs-info@openafs.org Mon Feb 19 19:01:06 2018 From: openafs-info@openafs.org (Benjamin Kaduk) Date: Mon, 19 Feb 2018 13:01:06 -0600 Subject: [OpenAFS-announce] OpenAFS 1.8.0 release candidate 5 available Message-ID: <20180219190105.GK54688@kduck.kaduk.org> --3uo+9/B/ebqu+fSQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline The OpenAFS Guardians are happy to announce the availability of the fifth prerelease candidate of OpenAFS 1.8.0. Source files can be accessed via the web at: https://www.openafs.org/release/openafs-1.8.0pre5.html or via AFS at: UNIX: /afs/grand.central.org/software/openafs/candidate/1.8.0pre5/ UNC: \\/afs\grand.central.org\software\openafs\candidate\1.8.0pre5\ The changes since beta 4 include some cleanup of ubik behavior to avoid transactions that we know will fail, improving the RedHat packaging, fixing a rare deadlock on old Linux kernel versions, partially fixing a deadlock on Solaris, improving compatibility with glibc 2.26, some debugging aids for Solaris clients, improvements to FreeBSD support, and excluding RXGEN_OPCODE aborts from the threshold towards throttling misbehaving clients of the fileserver. This is a release candidate for the final version of 1.8.0. Please assist the guardians by deploying and testing this release and providing positive or negative feedback. Bug reports should be filed to openafs-bugs@openafs.org ; reports of successes should be sent to openafs-info@openafs.org. Benjamin Kaduk for the OpenAFS Guardians --3uo+9/B/ebqu+fSQ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQG3BAABCgAdFiEE2WGV4E2ARf9BYP0XKNmm82TrdRIFAlqLHuwACgkQKNmm82Tr dRI87wwg6AunEZfK98/RuU5gy26e01P7dcUVBW4riNr4iZglj6hk0PzlHuoRbYxo EvL8e09MshZj4doCVc8A5kG27TB7tSDLO4I0VqbfKL3scz9khU8JgcfWL80jd3k2 21ByZUc/zhzX2U2D1L8KW6GZHTR/YPB5KnTyspJdoJTgoWunI4fxuhdc6rtUQaEK jfjcZtenAkbT2QBvNV+FWXO94QVbv0Ou3oZFaH/sfnb67jB98D68EMgTAZXeBgLu 024UkrhT9KK8CAx3DY5GMHB57xAbaagGzncu7VM4nhYeAI9LB+fhkbLNxNgakv2c pZzhHpBUtJ10pKrMdNawthgRpHqZm9JpN4ac9i9czK/gbiYeBQx3twi7eGjm6cH4 YjJWOtZL2Te9QLfYSHMJl+m5r8qNqu/AUn70o7tJYx2G39YZm+O3WGGIUDFVZEHC zQAl7/pLmdpPfkxBQuie/lIewdpnhbkq4eToRvqKAblUBPQPjQQKd9pTgOnO0qWc LqPnwI7XUyj6WQ== =2cCN -----END PGP SIGNATURE----- --3uo+9/B/ebqu+fSQ-- From openafs-info@openafs.org Fri Apr 13 15:07:14 2018 From: openafs-info@openafs.org (Benjamin Kaduk) Date: Fri, 13 Apr 2018 09:07:14 -0500 Subject: [OpenAFS-announce] OpenAFS Release 1.8.0 available Message-ID: <20180413140713.GA40716@kduck.kaduk.org> --lrZ03NoBR/3+SXJZ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline The OpenAFS Guardians are happy to announce the availability of the first release in a new stable series of releases, OpenAFS 1.8.0. Source files can be accessed via the web at: https://www.openafs.org/release/openafs-1.8.0.html or via AFS at: UNIX: /afs/grand.central.org/software/openafs/1.8.0/ UNC: \\afs\grand.central.org\software\openafs\1.8.0\ The new stable relase branch includes sweeping changes throughout the tree; please consult the release notes for full details. Very brief highlights include: a new KeyFileExt for long-term keys that supersedes rxkad.keytab, a new (logrotate-compatible) log rotation scheme, pthreaded ubik servers enabled by default along with other pthread conversions, many additional code quality fixes spotted by static analysis tools, the use of Heimdal's roken and crypto support libraries, and API and file support for many configuration knobs. This release also switches the client to use encryption by default, to match many distribution packages and the Windows client, and removes support for Linux versions prior to 2.6. The changes since the last release candidate are just some documentation updates, a build fix for FreeBSD clients, a fix for ENOTDIR issues seen on RedHat 7.5 Linux, improvements to the RPM packaging, and fixing a NUL-termination bug. I would like to take this chance to thank the many people who worked tirelessly to make this release happen: the developers contributing code and code review, everyone who has tested and ran the pre-release versions (including in production!), and the moral support from everyone to help get the release finished. There are too many people to name them all, but know indeed that your efforts are greatly appreciated! Please assist the guardians by deploying and testing this release and providing positive or negative feedback. Bug reports should be filed to openafs-bugs@openafs.org ; reports of successes should be sent to openafs-info@openafs.org. Benjamin Kaduk for the OpenAFS Guardians --lrZ03NoBR/3+SXJZ Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQG3BAABCgAdFiEE2WGV4E2ARf9BYP0XKNmm82TrdRIFAlrQuYwACgkQKNmm82Tr dRKuYQwfefikG9xls9vJtCxmrwuwtIf1jqBHJcuhlwgMKH0bsWO9keYLG1M02JMP WUcD9moDlEO0TKz6s5GmJdu3dSvo0zzcabcXESg4ur9H7qXtelQ0h+1L0Rlg/Zb0 FqgMsaVmmEjvr4/S/3lrdt1iy4KQaPj64lv5oJ2d0kVGB78raX1ruO9oKraDYSTN qoLD+ZYuYr+kANzUHUc1j+UyPryHO6MgGlIUXEXJy0Tnj7jPh6D+GnsBQ+BxhNEP AW2cg/K2W+YidgJXHNM/KyX6nrIRQlx3RAzV5MeSxT6RzGR29YpS5PeZideG0BqL b1YG8NQjlxNknwt0Xh+aVWgaL4SIkl3viEvub9YFXEDOcJ5XcLSuggrEwzLx0uMv ygmsW/i1k3enJ3jTSh7zwfh9RuUwi4QhQavP05gltSR3UWRFfLwloA+yrTd2ZZTm rpp1ldjM0aDRf35UfUTGS4kIhtk9Rd8fS3uzmQ5+mlHTTnqIg39ipx+zy2aENPjy kIIk/FOWHcwfqw== =25FX -----END PGP SIGNATURE----- --lrZ03NoBR/3+SXJZ-- From openafs-info@openafs.org Fri Apr 20 14:13:18 2018 From: openafs-info@openafs.org (Stephan Wiesand) Date: Fri, 20 Apr 2018 15:13:18 +0200 Subject: [OpenAFS-announce] OpenAFS Release 1.6.22.3 available Message-ID: The OpenAFS Release Team is pleased to announce the availability of = OpenAFS version 1.6.22.3 for UNIX/Linux. Source files can be accessed via the = web at: http://www.openafs.org/dl/openafs/1.6.22.3/ or via AFS at: /afs/grand.central.org/software/openafs/1.6.22.3/ \\afs\grand.central.org\software\openafs\1.6.22.3\ This release brings support for Red Hat Enterprise Linux 7.5 kernels, = which broke reading directories in AFS space. For the full list of user visible changes in this release, please see http://www.openafs.org/dl/1.6.22.3/RELNOTES-1.6.22.3 Systems not requiring this change can continue to use an earlier 1.6.22 = release. Bug reports should be filed to openafs-bugs@openafs.org. Stephan Wiesand, Release Manager, on behalf of the OpenAFS Release Team From openafs-info@openafs.org Mon Jul 30 19:57:38 2018 From: openafs-info@openafs.org (Benjamin Kaduk) Date: Mon, 30 Jul 2018 13:57:38 -0500 Subject: [OpenAFS-announce] OpenAFS 1.8.1 available Message-ID: <20180730185738.GI79679@kduck.kaduk.org> --+pHx0qQiF2pBVqBT Content-Type: text/plain; charset=us-ascii Content-Disposition: inline The OpenAFS Guardians are happy to announce the availability of the latest stable release of OpenAFS, version 1.8.1. Source files can be accessed via the web at: https://www.openafs.org/release/openafs-1.8.1.html or via AFS at: UNIX: /afs/grand.central.org/software/openafs/1.8.1/ UNC: \\afs\grand.central.org\software\openafs\1.8.1\ This release includes a number of bug fixes, including an expansion of the symbols exported from shared libraries (on platforms where symbol export limitations are applied) and completing the set of installed header files, a fix for a reference counting error that has been observed to cause fileserver crashes, a fix for cache manager panics when cache bypass is enabled, a fix for client-side handling of volume callbacks, a fix for an easily triggered panic on BSD systems, and a fix for `vldb_check -fix` (which was corrupting data when multiple MH headers were present, since 1.8.0). It also introduces support for arm64-based Linux clients, and improves the behavior of the client when the cache partition is inaccessible (as can happen when SIGKILL is pending for the running process). Please assist the Guardians by deploying and testing this release and providing positive or negative feedback. Bug reports should be filed to openafs-bugs@openafs.org ; reports of successes should be sent to openafs-info@openafs.org. Benjamin Kaduk for the OpenAFS Guardians --+pHx0qQiF2pBVqBT Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQG3BAABCgAdFiEE2WGV4E2ARf9BYP0XKNmm82TrdRIFAltfX6IACgkQKNmm82Tr dRKQJwwg6VSx1EEmNoGe7gxVOo/RXZrUiwjjdpgTxXWHNPFAXDXIFb4MVul5mmIe EJhb4nmnl75dqT0rCPLwEFCU6tX+Y2E2TCMielFbsUE3x+LLEC9lNU5jj37hBjF0 S/9eR7qbNYSnMAaA+SOGFgerGymJOyeSC2KrP5qFDc/xidSSZ/qNWQh4/i2GGf5j a9Lq/BbNSFnRZgRYQAcnathDnyuGu+QwwhG1fyCLoc4bEvw0zs7bqURG/FldMs0C tURw1aG4zyv8Js2LR4qf+OYhj8kcK3117ddYC3lirkVJta5VSfB/SjarFozNakdt eHkM2D/5UDuVRzDqQLUn7iLiGS9VvK//URXE4qyJ8ORLPpYio4NdocEPUNvPyYUk 9PdOp/+mDD632dgFz8wlkvVXOCIUwJLyB4gFau/Dz9B0sZ461OqWB9N9W0hIrwwS 1UXD7Bc2gd2VwKWiE77lRVLvAwjTiusmPzfwVG1jRZhGEQqxj6pUf9jBTXO5uawB pWG40kXCOfkvHQ== =sWDD -----END PGP SIGNATURE----- --+pHx0qQiF2pBVqBT-- From openafs-info@openafs.org Fri Sep 7 20:05:41 2018 From: openafs-info@openafs.org (Stephan Wiesand) Date: Fri, 7 Sep 2018 21:05:41 +0200 Subject: [OpenAFS-announce] OpenAFS Releases 1.8.1.1 and 1.6.22.4 available Message-ID: The OpenAFS Release Team is pleased to announce the availability of = OpenAFS versions 1.8.1.1 and 1.6.22.4 for UNIX/Linux. Source files can be = accessed via the web at: http://www.openafs.org/dl/openafs/1.8.1.1/ http://www.openafs.org/dl/openafs/1.6.22.4/ or via AFS at: /afs/grand.central.org/software/openafs/1.8.1.1/ \\afs\grand.central.org\software\openafs\1.8.1.1\ /afs/grand.central.org/software/openafs/1.6.22.4/ \\afs\grand.central.org\software\openafs\1.6.22.4\ This release brings support for the latest Linux mainline kernel, 4.18. For the full list of user visible changes in this release, please see http://www.openafs.org/dl/1.6.22.4/RELNOTES-1.8.1.1 http://www.openafs.org/dl/1.6.22.4/RELNOTES-1.6.22.4 Systems not requiring this change can continue to use the 1.8.1 release or an earlier 1.6.22 one. Bug reports should be filed to openafs-bugs@openafs.org. Stephan Wiesand, Release Manager, on behalf of the OpenAFS Release Team From openafs-info@openafs.org Tue Sep 11 20:04:59 2018 From: openafs-info@openafs.org (Benjamin Kaduk) Date: Tue, 11 Sep 2018 14:04:59 -0500 Subject: [OpenAFS-announce] OpenAFS Security Releases 1.8.2, 1.6.23 available Message-ID: <20180911190459.GB48265@kduck.kaduk.org> --n8g4imXOkfNTN/H1 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline The OpenAFS Guardians are happy to announce the availability of Security Releases OpenAFS 1.8.2 and 1.6.23. Source files can be accessed via the web at: https://www.openafs.org/release/openafs-1.8.2.html https://www.openafs.org/release/openafs-1.6.23.html or via AFS at: UNIX: /afs/grand.central.org/software/openafs/1.8.2/ UNC: \\afs\grand.central.org\software\openafs\1.8.2\ UNIX: /afs/grand.central.org/software/openafs/1.6.23/ UNC: \\afs\grand.central.org\software\openafs\1.6.23\ These releases include fixes for three security advisories, OPENAFS-SA-2018-001, OPENAFS-SA-2018-002, and OPENAFS-SA-2018-003. OPENAFS-SA-2018-001 only affects deployments that run the 'butc' utility as part of the in-tree backup system, but is of high severity for those sites which are affected -- an anonymous attacker could replace entire volumes with attacker-controlled contents. OPENAFS-SA-2018-002 is for information leakage over the network via uninitialized RPC output variables. A number of RPCs are affected, some of which require the caller to be authenticated, but in some cases hundreds of bytes of data can be leaked per call. Of note is that cache managers are also subject to (kernel) memory leakage via AFSCB_ RPCs. OPENAFS-SA-2018-003 is a denial of service whereby anonymous attackers can cause server processes to consume large quantities of memory for a sustained period of time. Please see the release notes and security advisories for additional details. The changes to fix OPENAFS-SA-2018-001 require behavior change in both butc(8) and backup(8) to use authenticated connections; old and new versions of these utilities will not interoperate absent specific configuration of the new tool to use the old (insecure) behavior. These changes also are expected to cause backup(8)'s interactive mode to be limited to only butc connections requiring (or not requiring) authentication within a given interactive session, based on the initial arguments selected. Bug reports should be filed to openafs-bugs@openafs.org. Benjamin Kaduk for the OpenAFS Guardians --n8g4imXOkfNTN/H1 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQG3BAABCgAdFiEE2WGV4E2ARf9BYP0XKNmm82TrdRIFAluYEdUACgkQKNmm82Tr dRIWbAweKo4vV8PlQL+GU7F3KeRgb7OOl0DiZXVtOTaE6YaRQ+3nnWB4Wzsql+D4 6Gej//6yOHgDveZrjheT1OBcLU6AQFZhf2iRkmqsW0eHeA1Mqj0ErrxO8QxFTQ0A A18zo18p85PmQr1zWaNAemuTCxk0Gv+RfD/r3xcmQ1vjKPfDcEOVb3q60vK/gFb6 MpzuQZ5XTEASJLsms/EEPoZRvgty82dkILbJEdeF144MGHzhhPivDjR00bQCXsuL 6euurQzqMMtPp4pRzmVFwvGhnUg/6G5Fe8J9et7fCkoMQZBt8d4taOpi4EUm8xr1 FMqureFJs/7dFWNKPeHwzbGWTO/+5XNMFR5yEcfaclt2tTqHBFFLdY1GeYsYH5iF jxuCjvNDc7H+F4dzRGdLHlcZkNUOJcrrAglgqKXFadTORiqKN8OvQ2J+CA503W9c 55WZ5/14iMfdmppdS09215ENtIqlmpkHsU+ea5iUuy2+FOcGAWdwcM6+BRV1bX40 EM9mOVATItoJQA== =8jXh -----END PGP SIGNATURE----- --n8g4imXOkfNTN/H1--