Debian has issued an advisory on January 11: https://lists.debian.org/debian-security-announce/2025/msg00003.html
Source RPM: (none) => openafs-1.8.11-2.mga9.src.rpm
CVE: (none) => CVE-2024-10394, CVE-2024-10396, CVE-2024-10397
Whiteboard: (none) => MGA9TOO
Status comment: (none) => Fixed upstream in 1.8.13 (latest version: 1.8.13.1)
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix client. (CVE-2024-10394)

An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash. (CVE-2024-10396)

A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code. (CVE-2024-10397)

References:
https://lists.debian.org/debian-security-announce/2025/msg00003.html
========================

Updated packages in core/updates_testing:
========================
dkms-libafs-1.8.13.1-1.mga9
lib(64)openafs2-1.8.13.1-1.mga9
lib(64)openafs-devel-1.8.13.1-1.mga9
lib(64)openafs-static-devel-1.8.13.1-1.mga9
openafs-1.8.13.1-1.mga9
openafs-client-1.8.13.1-1.mga9
openafs-doc-1.8.13.1-1.mga9
openafs-server-1.8.13.1-1.mga9

from SRPM:
openafs-1.8.13.1-1.mga9.src.rpm
Status: NEW => ASSIGNED
Whiteboard: MGA9TOO => (none)
Status comment: Fixed upstream in 1.8.13 (latest version: 1.8.13.1) => (none)
Assignee: bugsquad => qa-bugs
Version: Cauldron => 9
RH x86_64

installing lib64openafs2-1.8.13.1-1.mga9.x86_64.rpm openafs-client-1.8.13.1-1.mga9.x86_64.rpm dkms-libafs-1.8.13.1-1.mga9.noarch.rpm openafs-1.8.13.1-1.mga9.x86_64.rpm lib64openafs-static-devel-1.8.13.1-1.mga9.x86_64.rpm openafs-server-1.8.13.1-1.mga9.x86_64.rpm lib64openafs-devel-1.8.13.1-1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing...
1/7: lib64openafs2
2/7: dkms-libafs
Creating symlink /var/lib/dkms/libafs/1.8.13.1-1.mga9/source -> /usr/src/libafs-1.8.13.1-1.mga9
DKMS: add Completed.
Preparing kernel 6.6.65-desktop-2.mga9 for module build:
(This is not compiling a kernel, just preparing kernel symbols)
Storing current .config to be restored when complete
Running Generic preparation routine
make mrproper....
using /proc/config.gz
make oldconfig....
make prepare....
Building module:
cleaning build area....(bad exit status: 2)
SMP=SP; eval `grep CONFIG_SMP /boot/config-6.6.65-desktop-2.mga9`; [ -n "$CONFIG_SMP" ] && SMP=MP; ./configure --with-linux-kernel-headers=/lib/modules/6.6.65-desktop-2.mga9/build; make -j4 MPS=$SMP; mv src/libafs/MODLOAD-*/libafs.ko ..................................................................................................................................................................
cleaning build area....
cleaning kernel tree (make mrproper)....
DKMS: build Completed.
libafs.ko.xz:
 - Installation
   - Installing to /lib/modules/6.6.65-desktop-2.mga9/dkms/3rdparty/libafs//
depmod......
DKMS: install Completed.
3/7: openafs
4/7: openafs-client
5/7: openafs-server
6/7: lib64openafs-static-devel
7/7: lib64openafs-devel
1/7: removing lib64openafs-static-devel-1:1.8.11-2.mga9.x86_64
2/7: removing openafs-server-1:1.8.11-2.mga9.x86_64
3/7: removing openafs-client-1:1.8.11-2.mga9.x86_64
4/7: removing openafs-1:1.8.11-2.mga9.x86_64
5/7: removing lib64openafs-devel-1:1.8.11-2.mga9.x86_64
6/7: removing lib64openafs2-1:1.8.11-2.mga9.x86_64
-------- Uninstall Beginning --------
Module: libafs
Version: 1.8.11-2.mga9
Kernel: 6.6.65-desktop-2.mga9 (x86_64)
-------------------------------------
Status: This module version was INACTIVE for this kernel.
depmod......
DKMS: uninstall Completed.
------------------------------
Deleting module version: 1.8.11-2.mga9
completely from the DKMS tree.
------------------------------
Done.
7/7: removing dkms-libafs-1:1.8.11-2.mga9.noarch
writing /var/lib/rpm/installed-through-deps.list

Clean update from previous version
OK for me
CC: (none) => andrewsfarm
Whiteboard: (none) => MGA9-64-OK
Keywords: (none) => advisory
I tried an install (not an update) and then used the commands I used for https://bugs.mageia.org/show_bug.cgi?id=29399#c5 with similar results. I'm sure my failure to start the server is due to my lack of skills where this is concerned. Validating.
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2025-0013.html
Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED