Comment 2 for bug 356861

I have built a 1.4.9 update for Jaunty:
  http://web.mit.edu/andersk/Public/openafs/openafs_1.4.9.dfsg1-0+ubuntu1.dsc
  http://web.mit.edu/andersk/Public/openafs/openafs_1.4.9.dfsg1-0+ubuntu1.diff.gz
  http://web.mit.edu/andersk/Public/openafs/openafs_1.4.9.dfsg1.orig.tar.gz
Although it has a new upstream version, this is a minimal update to fix only these two security issues. Debdiff from Jaunty’s 1.4.8.dfsg1-3:
  http://web.mit.edu/andersk/Public/openafs/openafs_1.4.8.dfsg1-3_1.4.9.dfsg1-0+ubuntu1.debdiff
The package has been built and tested in my PPA:
  https://launchpad.net/~anders-kaseorg/+archive/ppa

Alternatively, we could wait for 1.4.10 to hit sid (it’s currently sitting on incoming.debian.org) and sync that into Jaunty. I would prefer 1.4.10, since it has a number of other bugfixes (release announcement: <http://lists.openafs.org/pipermail/openafs-announce/2009/000285.html>), but I will leave that decision up to the sponsors team.