From openafs-info@openafs.org Thu Aug 8 22:20:53 2024
From: openafs-info@openafs.org (Benjamin Kaduk)
Date: Thu, 8 Aug 2024 14:20:53 -0700
Subject: [OpenAFS-announce] OpenAFS 1.8.12 is available
Message-ID:

The OpenAFS maintainers are happy to announce the availability of OpenAFS 1.8.12.

Source files can be accessed via the web at:

https://www.openafs.org/release/openafs-1.8.12.html

or via AFS at:

UNIX: /afs/grand.central.org/software/openafs/1.8.12/
UNC: \\afs\grand.central.org\software\openafs\1.8.12\

This release brings the latest supported Linux kernel version to 6.9, fixes an issue that can affect loading the kernel module on the AArch64 architecture, and brings some reliability improvements.

For the full list of user-visible changes foreseen for 1.8.12, please see

http://dl.openafs.org/dl/1.8.12/RELNOTES-1.8.12

Bug reports should be filed to openafs-bugs@openafs.org.

Benjamin Kaduk
on behalf of the OpenAFS Release Team

From openafs-info@openafs.org Thu May 30 22:59:34 2024
From: openafs-info@openafs.org (Benjamin Kaduk)
Date: Thu, 30 May 2024 14:59:34 -0700
Subject: [OpenAFS-announce] OpenAFS Project Update: New Maintainers Join the Team
Message-ID:

I have been happy to serve as OpenAFS Guardian for almost ten years now, but in recent years it has become clear that as the sole Guardian, my availability has become a bottleneck that is slowing down the progress of the project. While I plan to continue my work on the project at the current level, I'm excited to welcome Andrew Deason and Michael Meffie to join me as maintainers of the OpenAFS project; the three of us will share responsibility for reviewing and approving changes submitted by all contributors through the Gerrit Code Review system. Andrew and Michael have been long-time contributors to OpenAFS, and I welcome their expertise as we jointly maintain the health and development of the project.
To help Andrew and Michael step into their new roles and maintain the high quality of code changes we've seen in recent years, I've written up guidance on how to do code review for the project (which is going through our usual code review process as changes to the CODING file), and we've jointly agreed on the process that we will follow for approving and merging changes to the tree.

What is Changing:

* We're documenting and managing the process for OpenAFS Maintainers on the public OpenAFS wiki: https://wiki.openafs.org/devel/MaintainersApproval/
* The new maintainers have been granted access in Gerrit to approve changes with a +2 review, and merge approved changes to the master and stable branches.

What is Staying the Same:

* Our workflow remains unchanged: all changes must be merged onto the 'master' branch before being considered for backporting to the current stable branch.
* The Release Team will continue to meet weekly on IRC to discuss changes required for the stable releases.

What to Expect:

* A forthcoming "Contributor Guide" will provide improved guidance on how to contribute and review code on Gerrit.
* Many old Gerrit changes will see new activity as we try to focus our initial efforts to review and accept existing fixes that have yet to be merged.
* With the increase in maintainer time, we anticipate that the rate of code acceptance into the OpenAFS codebase will eventually stabilize at a more rapid cadence, allowing for bug fixes and improvements to be merged more quickly.

Please join me in welcoming Andrew and Michael to their new roles! I look forward to seeing the positive impact they will have on the project.
Best regards,
Ben Kaduk

From openafs-info@openafs.org Tue Nov 12 20:28:49 2024
From: openafs-info@openafs.org (Benjamin Kaduk)
Date: Tue, 12 Nov 2024 12:28:49 -0800
Subject: [OpenAFS-announce] OpenAFS Security Releases 1.8.13, 1.6.25 available
Message-ID:

The OpenAFS maintainers are happy to announce the availability of Security Releases OpenAFS 1.8.13 and OpenAFS 1.6.25.

Source files can be accessed via the web at:

https://www.openafs.org/release/openafs-1.8.13.html
https://www.openafs.org/release/openafs-1.6.25.html

or via AFS at:

UNIX: /afs/grand.central.org/software/openafs/1.8.13/
UNC: \\afs\grand.central.org\software\openafs\1.8.13\
UNIX: /afs/grand.central.org/software/openafs/1.6.25/
UNC: \\afs\grand.central.org\software\openafs\1.6.25\

These releases include fixes for three security advisories:

http://openafs.org/pages/security/OPENAFS-SA-2024-001.txt
http://openafs.org/pages/security/OPENAFS-SA-2024-002.txt
http://openafs.org/pages/security/OPENAFS-SA-2024-003.txt

OPENAFS-SA-2024-001 affects cache managers where PAGs are in use; an attacker with access to a multi-user system could retrieve and use credentials from a preexisting PAG they are not authorized to access.

OPENAFS-SA-2024-002 affects fileservers, with denial of service and potential information disclosure from uninitialized memory access being possible due to improper string handling in processing the RXAFS_StoreACL RPC. Analogous impact to clients is possible due to improper string handling in processing the results of the RXAFS_FetchACL RPC.

OPENAFS-SA-2024-003 is a buffer overflow affecting certain RPC clients (notably, cache manager and command-line client utilities). Errors and denial of service (crashes) are the most common failure modes, though for this class of memory-safety issue there is some potential that heap manipulation could allow remote code execution.
Bug reports should be filed to openafs-bugs@openafs.org.

Benjamin Kaduk
for the OpenAFS maintainers

From openafs-info@openafs.org Wed Nov 13 21:46:34 2024
From: openafs-info@openafs.org (Michael Meffie)
Date: Wed, 13 Nov 2024 16:46:34 -0500
Subject: [OpenAFS-announce] Security update for OpenAFS macOS packages from download.sinenomine.net
Message-ID: <20241113164634.970a3ed1235d4b0680f2d393@sinenomine.net>

Topic: Security update for pre-built OpenAFS macOS packages from download.sinenomine.net

Affected: OpenAFS client versions 1.8.8.1 - 1.8.11 running macOS 11 - 14 with packaging provided by Sine Nomine Associates

SUMMARY
=======

During internal code review, a privilege escalation vulnerability was recently discovered in the macOS packaging for the OpenAFS client provided by Sine Nomine Associates. This vulnerability allows a local unprivileged user to read or write any file on local disk with root privileges by sending a specially-crafted XPC request to the OpenAFS prefpane privileged helper daemon.
There is no security advisory published by OpenAFS itself; the relevant macOS packaging is not yet included in the releases published by openafs.org.

IMPACT
======

A local unprivileged user can read or write to any local file with root privileges, effectively allowing an attacker to run arbitrary code. Files in AFS are not affected, because typically the local root user does not have write access to any files in AFS. Files protected by macOS's System Integrity Protection (SIP) cannot be modified even by root, and so cannot be modified via this vulnerability.

AFFECTED SOFTWARE
=================

All releases of macOS OpenAFS .dmg packages distributed via https://download.sinenomine.net/ starting from 1.8.8.1, up to and including 1.8.11, for macOS 11 to 14.

FIX
===

The issue mentioned in this alert is fixed in the packages provided for OpenAFS 1.8.13, available at:

https://download.sinenomine.net/openafs/bins/1.8.13/macos-12/
https://download.sinenomine.net/openafs/bins/1.8.13/macos-13/
https://download.sinenomine.net/openafs/bins/1.8.13/macos-14/

Source code for the fixed packaging is available from Sine Nomine upon request.

Sine Nomine recommends that all affected sites upgrade all macOS clients to OpenAFS 1.8.13 with the macOS packaging provided above. To make sure all vulnerable code is removed, it is recommended that you first uninstall any existing OpenAFS client using the uninstaller script in 1.8.13, not the uninstaller script in the installed OpenAFS client. For example, if OpenAFS 1.8.11 is installed, use the uninstaller script from 1.8.13; it is designed to work even though it is for a different version. Then install OpenAFS 1.8.13, and reboot the system.

If you simply uninstall an older version of the OpenAFS client instead of upgrading, you must also use the uninstaller script included with version 1.8.13, not the uninstaller script in the installed OpenAFS client.
If you have already uninstalled OpenAFS using the uninstaller script from an older version, follow the instructions in WORKAROUNDS to make sure the daemon has been removed from your system.

WORKAROUNDS
===========

To avoid this issue without upgrading (or after uninstalling OpenAFS), you can prevent the privileged helper daemon from running by running the following commands:

$ sudo launchctl unload -w /Library/LaunchDaemons/privhelper-launchd.plist
$ sudo rm -f /Library/LaunchDaemons/privhelper-launchd.plist
$ sudo rm -f /Library/PrivilegedHelperTools/org.openafs.privhelper

To check that the daemon is no longer running, run:

$ ps -ef | grep "org[.]openafs[.]privhelper"

If the daemon is no longer running, this command should show no output. If the daemon is still running, the output will look similar to this:

$ ps -ef | grep "org[.]openafs[.]privhelper"
0 118 1 0 9:35AM ?? 0:00.01 /Library/PrivilegedHelperTools/org.openafs.privhelper

Removing this daemon will prevent the OpenAFS prefpane plugin from working properly, as well as the OpenAFS menu bar. To restore this functionality, upgrade to the 1.8.13 OpenAFS client.

DETAILS
=======

The OpenAFS prefpane plugin needs to perform some operations as root, such as modifying OpenAFS client configuration, starting and stopping the OpenAFS client, etc. macOS version 10.7 removed the interfaces used by the upstream OpenAFS prefpane plugin to run privileged operations, and Sine Nomine updated the macOS packaging to communicate with a separate privileged helper daemon using XPC.

The privileged helper daemon provided in this new packaging did not properly verify that XPC requests came from the OpenAFS prefpane plugin or menu bar and were authorized to run commands as root, allowing any local user to provide specially crafted requests to cause the privileged helper daemon to write to any path as root.
The fixed packaging updates the privileged helper daemon to verify the code signature of incoming XPC requests, and requires each request to provide authorization for running commands as root.

Sincerely,
Sine Nomine Associates

--
Michael Meffie

From openafs-info@openafs.org Thu Dec 19 17:45:04 2024
From: openafs-info@openafs.org (Benjamin Kaduk)
Date: Thu, 19 Dec 2024 09:45:04 -0800
Subject: [OpenAFS-announce] OpenAFS 1.8.13.1 is available
Message-ID:

The OpenAFS maintainers are happy to announce the availability of OpenAFS 1.8.13.1.

Source files can be accessed via the web at:

https://www.openafs.org/release/openafs-1.8.13.1.html

or via AFS at:

UNIX: /afs/grand.central.org/software/openafs/1.8.13.1/
UNC: \\afs\grand.central.org\software\openafs\1.8.13.1\

This release includes support for newer Linux mainline kernels (currently up to 6.12) and fixes a build error on AIX systems that was introduced in OpenAFS 1.8.13.

Bug reports should be filed to openafs-bugs@openafs.org.

Benjamin Kaduk
for the OpenAFS maintainers
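As an added check for the Sine Nomine macOS advisory earlier in this archive (example code written here, not from any of the announcements nor from Sine Nomine's packaging): a POSIX sh script that tests whether a client version lies in the affected range 1.8.8.1 - 1.8.11 and whether the helper artifacts named in WORKAROUNDS are still on disk. It assumes the operator supplies the installed version number, since the advisory does not say where the package records it, and that version components are purely numeric.

```shell
#!/bin/sh
# Added example, not part of the advisory or of Sine Nomine's packaging.
# Checks a macOS host against the advisory: is the supplied client version in
# the affected range 1.8.8.1 - 1.8.11, and are the privileged-helper artifacts
# that the WORKAROUNDS section removes still present on disk?

# Compare two dotted, all-numeric version strings; prints -1, 0 or 1.
# A missing trailing component counts as 0, so 1.8.8 sorts before 1.8.8.1.
vercmp() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ -z "$x" ] && x=0
        [ -z "$y" ] && y=0
        if [ "$x" -lt "$y" ]; then echo -1; return; fi
        if [ "$x" -gt "$y" ]; then echo 1; return; fi
        case $a in *.*) a=${a#*.};; *) a=;; esac
        case $b in *.*) b=${b#*.};; *) b=;; esac
    done
    echo 0
}

# True (exit 0) when version $1 falls inside the advisory's affected range.
is_affected_version() {
    [ "$(vercmp "$1" 1.8.8.1)" -ge 0 ] && [ "$(vercmp "$1" 1.8.11)" -le 0 ]
}

# True (exit 0) when any helper artifact named in WORKAROUNDS exists.
# $1 is an optional root prefix: empty for the live system, a scratch
# directory when exercising the script offline.
helper_present() {
    for p in /Library/LaunchDaemons/privhelper-launchd.plist \
             /Library/PrivilegedHelperTools/org.openafs.privhelper; do
        [ -e "${1:-}$p" ] && return 0
    done
    return 1
}

# Usage on a live host (version argument supplied by the operator, an
# assumption of this example):  sh check-privhelper.sh 1.8.11
if [ -n "${1:-}" ]; then
    if is_affected_version "$1"; then
        echo "OpenAFS $1 is in the affected range; upgrade to the 1.8.13 packaging."
    else
        echo "OpenAFS $1 is outside the affected range."
    fi
    if helper_present ""; then
        echo "Privileged helper artifacts still present; see WORKAROUNDS."
    fi
fi
```

A host that reports a version outside the range but still has the helper plist or binary installed is the case the advisory's "already uninstalled with an older uninstaller" paragraph warns about.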