From nobody Thu Aug 21 15:13:03 2025 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4c76Jv1s7gz65HTJ for ; Thu, 21 Aug 2025 15:13:19 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-pg1-x52e.google.com (mail-pg1-x52e.google.com [IPv6:2607:f8b0:4864:20::52e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4c76Jt50PKz3FVm for ; Thu, 21 Aug 2025 15:13:18 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-pg1-x52e.google.com with SMTP id 41be03b00d2f7-b4717330f9eso796218a12.1 for ; Thu, 21 Aug 2025 08:13:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20230601.gappssmtp.com; s=20230601; t=1755789196; x=1756393996; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=I/IotT5Q6iVb9MJO+UXoDtdieSthb/TSH9isppz2Hmo=; b=onXoDhmwh8NGOkIkgRTlkIHKSTF4VJWeuP4Zze9c5g8AaFjlf+bir8uONbJPM/QO0K V91RhBYAc/8uoOMSxXUjFlHmbCHRwjfrmjy2KIWT+ZPSDh8lxQ8nSAyjefjhjrF3vN9g JgZ5s3I3G/PfmvfHY8f/KeFH6Z+32B+ybJJnh12LoWKyH6NQ/d7ZC04yy7tTwjNaLLDE 3ixEbGhCrn+s4Lom+8aRsndtOYZYjQGp8MO0RJgat3/67h6Bknka3eiv6Z/PyGo3ik2o Ko7ZgdvJwlVua/8MEV6JmDyHjlLzVniyg2aVwuIX//ASYPv0REV732BWW8fgvCI5Z3f4 YvXQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1755789196; x=1756393996; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=I/IotT5Q6iVb9MJO+UXoDtdieSthb/TSH9isppz2Hmo=; b=Dyq81OT2tYcNwXZGVM1nyUKIfTI7dlGcFwvygsAmcL6aID5TyiomLci8zi/zzDRS3A REhAde+K8aM0RecehLL4SmMuTrhFMVaDZZX+inQUI0vI8u733YukazdllclLj3LNUJiQ KIyKhx8PhkWjRkhxUeH8Z1SGvyIfdTeN3+DP83LWz0T4U/+odLQyfGDMO7neoZBTIg6a +C/ZBcC872MZCND3d0Rc3qP2ZH1dybkFPsWEm0FlGe/VGHr0Hk4K4i/tX5yyP9lNG5/a FYNHqgZrR5gtWqANI5nd2keVPhzEgQlVqAO9d7bti8e5s9SV6gzNbVt1AR9HyTG7Z0Of /rfw== X-Forwarded-Encrypted: i=1; AJvYcCUQGqAah/rE20GORC+F1vNeD4lBCaxHm9Rm4AWQi6Wk0Qfl9A45Y3c+Rxy6tqrOFOszpD5wIr5p4+0SrK+ExV4=@freebsd.org X-Gm-Message-State: AOJu0YwCSCf8AVjzx0jne+muGWfslyZoSQi1KIyMrsA6cyTTSg0ARd8g WXQrfR8VqEvSi3Pvi2I2vusHr963RScwIF8W1WPBs36XoX0UD8fW+tgKbs4yXTfepuBtenQl4qU pYWWUnVU5q/Sq46m3TYVbwbiDUPjWCBqEwpeiLmQujw== X-Gm-Gg: ASbGncuAgRnoDzxYh3xCCKyx1O5zDys4k1Db5raFW1EVBswYKA/QT3FWm6FdioLRY+Z BqE4qQHsZy5lW7Zo0yo4y4G/Gq/RvoekjTg5s6ngBVsZXZDTzk0BALoeoV+4WsVxNsARXWlE4D3 rlbYSEHWglZHODwYxsTc7YEoeb+Y965ML2VER35oCJZEBu0BSrjSw2eHhLp6eRXorqcWwsGwwM2 Qg+0jM= X-Google-Smtp-Source: AGHT+IFAC6vsUsJMGqFl5mkjTd0MdqwrGnKRHy7sdYBr55Ndef5GJWL3dhNhOTrlf8UjNxKjBaarhSctDd3ZN/p13lM= X-Received: by 2002:a17:902:d48e:b0:240:22af:91c7 with SMTP id d9443c01a7336-245febf06b0mr31607835ad.14.1755789195381; Thu, 21 Aug 2025 08:13:15 -0700 (PDT) List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org MIME-Version: 1.0 References: <20250821055519.65D8B684@slippy.cwsent.com> <86frdlkw30.fsf@ltc.des.dev> <20250821093615.B4293211@slippy.cwsent.com> <20250821151023.39D09205@slippy.cwsent.com> In-Reply-To: <20250821151023.39D09205@slippy.cwsent.com> From: Warner Losh Date: Thu, 21 Aug 2025 09:13:03 -0600 X-Gm-Features: Ac12FXwQLW9D9gFWvkdXfZtXAxjoZ1nAhea_T9BM0mqWhmLvNekOIDszi47elLg Message-ID: Subject: Re: HEADS UP: MIT KRB5 1.22.1 Import To: Cy Schubert Cc: Mark Johnston , =?UTF-8?Q?Dag=2DErling_Sm=C3=B8rgrav?= , freebsd-current@freebsd.org, ivy@freebsd.org Content-Type: multipart/alternative; boundary="0000000000004b0148063ce187a5" X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Queue-Id: 4c76Jt50PKz3FVm --0000000000004b0148063ce187a5 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Thu, Aug 21, 2025 at 9:10=E2=80=AFAM Cy Schubert wrote: > In message , Mark Johnston writes: > > On Thu, Aug 21, 2025 at 02:36:15AM -0700, Cy Schubert wrote: > > > In message <86frdlkw30.fsf@ltc.des.dev>, > =3D?utf-8?Q?Dag-Erling_Sm=3DC3=3DB8rgrav > > ? > > > =3D w > > > rites: > > > > Cy Schubert writes: > > > > > KRB5 1.22.0 released with a GSSAPI bug (CVE-2025-57736). The poin= t > patc > > h=3D > > > > =3D20 > > > > > was applied on Aug 19 (f96110babbe1). 1.22.1 contains the point > patch p > > lu=3D > > > > s=3D20 > > > > > an additional GSSAPI patch. I intend to commit it to HEAD after a > few d > > ay=3D > > > > s=3D20 > > > > > of testing on Aug 25. > > > > > > > > Please post your patch for review (using git arc, as described in t= he > > > > committers guide) so others can test it too. > > > > > > git arc does not work with vendor merges. There is a way to trick it > though > > . > > > > What problem do you run into exactly? Could you provide a recipe for m= e > > to reproduce it locally? > > It's a vendor import. It's the same problem we have with git rebase and > git > diff of a vendor import. (This is why vendor imports use a special > procedure [see committers guide].) > I think you just need to tell arc to use the first parent.... I've created a generic patch and have created a revision with it. But it > will not be used for the commit because it affects history. > Warner --0000000000004b0148063ce187a5 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Thu, Aug 21,= 2025 at 9:10=E2=80=AFAM Cy Schubert <Cy.Schubert@cschubert.com> wrote:
In message <aKcqsXIyYobdRIlY@nuc>= , Mark Johnston writes:
> On Thu, Aug 21, 2025 at 02:36:15AM -0700, Cy Schubert wrote:
> > In message <86frdlkw30.fsf@ltc.des.dev>, =3D?utf-8?Q?Dag-Erling_Sm= =3DC3=3DB8rgrav
> ?
> > =3D w
> > rites:
> > > Cy Schubert <Cy.Schubert@cschubert.com> writes:
> > > > KRB5 1.22.0 released with a GSSAPI bug (CVE-2025-57736)= . The point patc
> h=3D
> > > =3D20
> > > > was applied on Aug 19 (f96110babbe1). 1.22.1 contains t= he point patch p
> lu=3D
> > > s=3D20
> > > > an additional GSSAPI patch. I intend to commit it to HE= AD after a few d
> ay=3D
> > > s=3D20
> > > > of testing on Aug 25.
> > >
> > > Please post your patch for review (using git arc, as describ= ed in the
> > > committers guide) so others can test it too.
> >
> > git arc does not work with vendor merges. There is a way to trick= it though
> .
>
> What problem do you run into exactly?=C2=A0 Could you provide a recipe= for me
> to reproduce it locally?

It's a vendor import. It's the same problem we have with git rebase= and git
diff of a vendor import. (This is why vendor imports use a special
procedure [see committers guide].)

I th= ink you just need to tell arc to use the first parent....

I've created a gen= eric patch and have created a revision with it. But it
will not be used for the commit because it affects history.

Warner=C2=A0
--0000000000004b0148063ce187a5--