Bug#982002: buster-pu: package openafs/1.8.2-1
Control: tags -1 + confirmed
On Fri, 2021-02-05 at 08:38 -0800, Benjamin Kaduk wrote:
> All upstream openafs releases from the 1.8.x series, prior to 1.8.7,
> contain a "time bomb" bug that activates when the unix epoch time
> passes 0x60000000 (Thu 14 Jan 2021 08:25:36 AM UTC).
Given the statement "prior to 1.8.7", it would have been helpful to be
explicit about the fact that the Debian package of 1.8.6-5 (in unstable
and testing) contains the fixes.
[...]
> Both AFS clients and AFS servers are affected.
> Unpatched clients started after the cutover time are unable to
> perform any filesystem access (the error "connection timed out" is
> reported).
> Unpatched file servers started after the cutover time are unable to
> connect to protection servers and verify user group membership to
> enforce ACLs, and are unable to connect to other file (volume)
> servers to move volumes.
> Unpatched database servers started after the cutover time are unable
> to connect to each other, resulting in a breakdown of the ubik
> distributed consensus protocol in deployments that use more than one
> database server (three databaser servers is common).
The timing here is rather unfortunate. The next point release for
buster is tomorrow, and it's far too late to get any additional changes
in to that.
Please feel free to upload, and we can look at processing the package
after the point release is out of the way. I assume you'd appreciate a
stable-updates release for the updated package, rather than waiting for
the following point release?
Having said that, there are presumably already a bunch of broken
servers, given there was a kernel security update for buster recently
and we're already a few weeks past the relevant timestamp. :-(
Regards,
Adam
Reply to: