[log in to unmask] wrote: > Hi Troy, All, > > On Fri, 21 Dec 2007, Troy Dawson wrote: > >> Send comments/issues/test reports to [log in to unmask] > > The day before this announcement, OpenAFS 1.4.6. was released. It's a bug > fix only release, addressing issues present in 1.4.5 and earlier releases. > > Except for one patch relevant for Solaris only, all changes address bugs > in callback handling in the fileserver. That's the issue Thomas reported, > and they deemed it serious enough to issue a security advisory > > http://www.openafs.org/security/OPENAFS-SA-2007-003.txt > > and push out 1.4.6. It's a DOS issue only, but crashing a fileserver > can of course cause data loss as well. In addition, some sites have > experienced fileserver crashes simply due to using certain versions of the > windows client under special circumstances. > > I wonder whether we could still get 1.4.6 into 5.1? I put up > > http://www-zeuthen.desy.de/~wiesand/SL5/openafs.SLx-1.4.6-58.src.rpm > > which is very little different from the 1.4.5-56 build in RC1: Of the four > patches in 1.4.6 that really matter, three were already in that build. > Other than that, I just removed one or two very minor client fixes I had > in -56, making 1.4.6-58 a completely unpatched build of an OpenAFS > release. > > I know this is a bit late, and I'm sorry that I couldn't come up with this > earlier. But a few sites do use our server packages (even though few are > on SL5 yet, but this should also go into 4.6 eventually). > > I could briefly test 1.4.6-58 on a few clients, and a fileserver just > receiving its burn-in. No problems found. > > Cheers, > Stephan > Hi Stephan, Thanks for getting this ready. I'll get it into the RC 2 for SL 5.1. That should get it tested on a nice wide variety of machines. Troy -- __________________________________________________ Troy Dawson [log in to unmask] (630)840-6468 Fermilab ComputingDivision/LCSI/CSI DSS Group __________________________________________________