[ubuntu/trusty-security] openafs 1.6.7-1ubuntu1.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Nov 10 15:22:03 UTC 2015
openafs (1.6.7-1ubuntu1.1) trusty-security; urgency=low
* SECURITY UPDATES (LP: #1513461):
- CVE-2015-3282: Clear nvldbentry before sending on the wire
- CVE-2015-3283: Use crypt for commands where spoofing could be a risk
- CVE-2015-3284: Clear pioctl data interchange buffer before use
- CVE-2015-3285: Use correct output buffer for FSCmd pioctl
- CVE-2015-6587: Disable regex volume name processing in ListAttributesN2
- CVE-2015-7762: Apply OPENAFS-SA-2015-007 "Tattletale" patch
- CVE-2015-7763: Apply OPENAFS-SA-2015-007 "Tattletale" patch
- OPENAFS-SA-2015-007.patch: Rx ACK packets leak plaintext of previous packets
Date: 2015-11-10 14:30:13.718480+00:00
Changed-By: Klas Mattsson <klas.mattsson at su.se>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/openafs/1.6.7-1ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list