Attached are the ebuilds for net-fs/openafs-1.6.5 and net-fs/openafs-kernel-1.6.5. The patchset openafs-1.6.5-patches-1.tar.bz2 should be the same as openafs-1.6.2-patches-1.tar.bz2 (no changes to the patches). Bugs fixed: 478296 (security) 478282 (security) 472184 469992 463477 460494
Created attachment 354432 [details] net-fs/openafs-1.6.5 ebuild
Created attachment 354434 [details] net-fs/openafs-kernel-1.6.5 ebuild
Is bug #463477 really fixed? I received the same error with gentoo-sources-3.10.4 and CONFIG_USER_NS enabled with openafs-kernel-1.6.5
Ah, sorry. the bug 463477 is not fixed.
Is this bug blocking on bug #463477? If so, I would like to propose that !CONFIG_USER_NS be added to CONFIG_CHECK in the openafs-kernel ebuild as a temporary solution. The upstream bug report for that issue (http://rt.central.org/rt/Ticket/Display.html?id=131665) shows that they consider support for user namespaces to be a feature enhancement, not a regresssion. Given that 1.6.5 fixes two significant security vulnerabilities, I believe it would be beneficial to work on stabilizing 1.6.5 without waiting for user namespace support to be fixed.
The in-portage version of openafs doesn't compile against gentoo-sources-3.10.7, which was made stable recently. A version bump would indeed be nice.
Please make the bump. Security team policy is that it's okay to bump-and-stable with outstanding bugs as long as the bugs were pre-existing (and, for that matter, a quick fix for a warning has been suggested here). I'd like to get those security bugs closed.
=== openafs-kernel === + 27 Aug 2013; Tom Wijsman <TomWij@gentoo.org> +openafs-kernel-1.6.5.ebuild: + Version bump to 1.6.5. Fixes bug #478498 which fixes security bug #478296, + security bug #478282, bug #472184, bug #469992, bug #463477 and bug #460494. + Proxied commit for Andrej Filipcic. + 27 Aug 2013; Tom Wijsman <TomWij@gentoo.org> openafs-kernel-1.6.2.ebuild, + openafs-kernel-1.6.5.ebuild: + Drop autotools eclass because none of its functions are used. ^ Please run `repoman manifest ; repoman full` before attaching, thank you. === openafs === * QA Notice: file does not exist: * * dohtml: doc/html/* does not exist * QA Notice: make jobserver unavailable: * * make[3]: warning: jobserver unavailable: using -j1. Add `+' to parent make rule. * make[3]: warning: jobserver unavailable: using -j1. Add `+' to parent make rule. * make[3]: warning: jobserver unavailable: using -j1. Add `+' to parent make rule. ^ Please try to fix these for the next bump, thank you in advance. + 27 Aug 2013; Tom Wijsman <TomWij@gentoo.org> +openafs-1.6.5.ebuild: + Version bump to 1.6.5. Fixes bug #478498 which fixes security bug #478296, + security bug #478282, bug #472184, bug #469992, bug #463477 and bug #460494. + Proxied commit for Andrej Filipcic. Drop autotools eclass because none of + its functions are used.