[Bug 1792234] [NEW] Sync openafs 1.8.2-1 (universe) from Debian unstable (main)
Launchpad Bug Tracker
1792234 at bugs.launchpad.net
Wed Sep 12 20:41:20 UTC 2018
You have been subscribed to a public bug by Anders Kaseorg (andersk):
Please sync openafs 1.8.2-1 (universe) from Debian unstable (main)
Explanation of the Ubuntu delta and why it can be dropped:
* Fix build with linux 4.18.
This Linux 4.18 patch was merged upstream as the only change between
1.8.1 and 1.8.1.1, and the security bugs were fixed as the only change
between 1.8.1.1 and 1.8.2, so this qualifies as an upstream
microrelease.
https://git.openafs.org/?p=openafs.git;a=shortlog;h=refs/heads/openafs-
stable-1_8_x
Changelog entries since current cosmic version 1.8.1-1ubuntu1:
openafs (1.8.2-1) unstable; urgency=high
* New upstream release 1.8.1.1:
- Support Linux 4.18.
* New upstream security release 1.8.2 (Closes: #908616):
- Fix OPENAFS-SA-2018-001: unauthenticated volume operations via butc
(CVE-2018-16947).
- Fix OPENAFS-SA-2018-002: information leakage in RPC output variables
(CVE-2018-16948).
- Fix OPENAFS-SA-2018-003: denial of service due to excess resource
consumption (CVE-2018-16949).
-- Anders Kaseorg <andersk at mit.edu> Tue, 11 Sep 2018 22:53:43 -0700
** Affects: openafs (Ubuntu)
Importance: Undecided
Status: New
--
Sync openafs 1.8.2-1 (universe) from Debian unstable (main)
https://bugs.launchpad.net/bugs/1792234
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.
More information about the Ubuntu-sponsors
mailing list