Sure thing, I'll add a patch as soon as I've had time to make it.
You should note that one of the patches, the one addressing: http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-6587.html
Has a couple of issues. Basically, it removes functionality as an interim fix for the actual patch which is added in 1.6.13.
So, while this patch will remove that security hole, it will also in some cases break functionality. This issue already exists in 12.04 of course.
To quote the openafs git repo where they reverted back from this fix:
commit fc43236872c798fe426590714d19773c74d4bbbe Author: Jeffrey Altman <email address hidden> Date: Mon Aug 3 15:03:00 2015 -0400
Revert "vlserver: Disable regex volume name processing in ListAttributesN2"
This change reverts commit 22481ab3705522ac1988b7de038c4dbc1e5009a9 which by disabling regex queries of volume names breaks some backup software including TSM.
Sure thing, I'll add a patch as soon as I've had time to make it.
You should note that one of the patches, the one addressing: people. canonical. com/~ubuntu- security/ cve/2015/ CVE-2015- 6587.html
http://
Has a couple of issues.
Basically, it removes functionality as an interim fix for the actual patch which is added in 1.6.13.
So, while this patch will remove that security hole, it will also in some cases break functionality.
This issue already exists in 12.04 of course.
To quote the openafs git repo where they reverted back from this fix:
commit fc43236872c798f e426590714d1977 3c74d4bbbe
Author: Jeffrey Altman <email address hidden>
Date: Mon Aug 3 15:03:00 2015 -0400
Revert "vlserver: Disable regex volume name processing in ListAttributesN2"
This change reverts commit 22481ab3705522a c1988b7de038c4d bc1e5009a9 which
by disabling regex queries of volume names breaks some backup software
including TSM.