[ubuntu/trusty-updates] openafs 1.6.7-1ubuntu1.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Tue Nov 10 16:28:18 UTC 2015
openafs (1.6.7-1ubuntu1.1) trusty-security; urgency=low
* SECURITY UPDATES (LP: #1513461):
- CVE-2015-3282: Clear nvldbentry before sending on the wire
- CVE-2015-3283: Use crypt for commands where spoofing could be a risk
- CVE-2015-3284: Clear pioctl data interchange buffer before use
- CVE-2015-3285: Use correct output buffer for FSCmd pioctl
- CVE-2015-6587: Disable regex volume name processing in ListAttributesN2
- CVE-2015-7762: Apply OPENAFS-SA-2015-007 "Tattletale" patch
- CVE-2015-7763: Apply OPENAFS-SA-2015-007 "Tattletale" patch
- OPENAFS-SA-2015-007.patch: Rx ACK packets leak plaintext of previous packets
Date: 2015-11-10 14:30:13.718480+00:00
Changed-By: Klas Mattsson <klas.mattsson at su.se>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/openafs/1.6.7-1ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list