[ubuntu/raring-security] openafs 1.6.2-1+ubuntu2.1 (Accepted)

Seth Arnold seth.arnold at canonical.com
Thu Jul 25 06:46:25 UTC 2013


openafs (1.6.2-1+ubuntu2.1) raring-security; urgency=low

  * SECURITY UPDATE: Brute force DES attack permits compromise of AFS cell.
    - 0001-Add-rxkad-server-hook-function-to-decrypt-more-types.patch
    - 0002-New-optional-rxkad-functionality-for-decypting-krb5-.patch
    - 0003-Integrate-keytab-based-decryption-into-afsconf_Build.patch
    - 0004-Derive-DES-fcrypt-session-key-from-other-key-types.patch
    - 0005-Move-akimpersonate-to-libauth.patch
    - 0006-Clean-up-akimpersonate-and-use-for-server-to-server.patch
    - 0007-auth-Do-not-always-fallback-to-noauth.patch
    - 0008-Avoid-calling-afsconf_GetLatestKey-directly.patch
    - 0009-Reload-rxkad.keytab-on-CellServDB-modification.patch
    - 0010-Add-support-for-deriving-DES-keys-to-klog.krb5.patch
    - 0011 skipped because it was a version bump
    - 0012-ubik-Fix-encryption-selection-in-ugen.patch
    - Thanks to Chaskiel Grundman, Alexander Chernyakhovsky, Ben Kaduk,
        Andrew Deason, and Michael Meffie for the above patch series.
    - swap-libs.patch: Resolve FTBFS with newer toolchains. Thanks to Anders
        Kaseorg.
    - OPENAFS-SA-2013-003
    - OPENAFS-SA-2013-004
    - CVE-2013-4134
    - CVE-2013-4135
    - LP: #1204195

Date: 2013-07-24 22:30:13.551170+00:00
Changed-By: Luke Faraone <luke at faraone.cc>
Signed-By: Seth Arnold <seth.arnold at canonical.com>
https://launchpad.net/ubuntu/raring/+source/openafs/1.6.2-1+ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Raring-changes mailing list