Ubuntu
openafs package

Openafs hard codes version number in debian/rules

Bug #364426 reported by Scott Kitterman
4
Affects Status Importance Assigned to Milestone
openafs (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

While hard coding works when someone remembers to update it, it is error prone and should be avoided. This is particularly true in Ubuntu where packages are team maintained and so different people may make updates to the package.

Related branches

lp:ubuntu/karmic/openafs

CVE References

Revision history for this message
Anders Kaseorg (andersk) wrote :

Here’s a tested patch for Debian. I assume this isn’t worth pushing out another Ubuntu release.

If you need to use get-orig-source before updating the changelog, you can override DEBVERS on the command line:
debian/rules get-orig-source DEBVERS=1.4.11+dfsg1

Revision history for this message
Scott Kitterman (kitterman) wrote : Re: [Bug 364426] Re: Openafs hard codes version number in debian/rules

Thanks. Definitely not worth another push for Jaunty, but worth fixing so
we don't get burned again.

Scott Kitterman (kitterman)
Changed in openafs (Ubuntu):
status: New → Triaged
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openafs - 1.4.10+dfsg1-1+ubuntu1

---------------
openafs (1.4.10+dfsg1-1+ubuntu1) karmic; urgency=low

  * Merge from Debian unstable (LP: #370458), remaining changes:
    - Reenable DKMS support, which was commented out of 1.4.8.dfsg1-1.
  * Make openafs-modules-dkms depend on dkms. (LP: #368471)
  * Parse $(VERSION) and $(DEBVERS) from debian/changelog.
    (LP: #364426)

openafs (1.4.10+dfsg1-1) unstable; urgency=high

  * New upstream release.
    - OPENAFS-SA-2009-001: Avoid a potential kernel memory overrun if more
      items than requested are returned from an InlineBulk or BulkStatus
      message. (CVE-2009-1251)
    - OPENAFS-SA-2009-002: Avoid converting negative errors into invalid
      kernel memory pointers. (CVE-2009-1250)
    - Preliminary support for 2.6.30 kernels.
    - Dynamic vcache allocation support to deal with inotify vcache
      pinning.
    - Do appropriate locking for CellServDB in /proc.
    - Use +dfsg instead of .dfsg for saner version sorting.
  * Debian's 2.6.29 packages no longer include symlinks from the
    architecture-specific header tree to the common header tree and
    instead overlay both header trees using kbuild. Change the Autoconf
    probes to always use kbuild and generate stub headers in the paths
    that OpenAFS expects that include the linux headers. Patch from Aaron
    M. Ucko. (Closes: #521745)
  * Build PIC versions of libafsauthent and libafsrpc and install them in
    libopenafs-dev for use when AFS code should be embedded into shared
    libraries. Patch from Garrett Wollman.
  * Update CellServDB to 2008-11-07 version. (Closes: #522451)
  * Update debian/watch for +dfsg naming instead of .dfsg.
  * Update standards version to 3.8.1 (no changes required).
  * Translation updates:
    - Japanese, thanks Hideki Yamane. (Closes: #521518)

 -- Anders Kaseorg <email address hidden> Wed, 29 Apr 2009 02:31:47 -0400

Changed in openafs (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.