[Bug 356861] Re: OpenAFS Security Advisories 2009-001 and 2009-002
Anders Kaseorg
andersk at mit.edu
Sat Apr 11 04:00:46 BST 2009
To fix this for Intrepid, please sync openafs 1.4.7.dfsg1-6+lenny1 from
Debian stable into Intrepid. Full changelog since Intrepid’s
1.4.7.dfsg1-6:
openafs (1.4.7.dfsg1-6+lenny1) stable-security; urgency=high
* Apply upstream security patches from 1.4.9:
- OPENAFS-SA-2009-001: Avoid a potential kernel memory overrun if more
items than requested are returned from an InlineBulk or BulkStatus
message. (CVE-2009-1251)
- OPENAFS-SA-2009-002: Avoid converting negative errors into invalid
kernel memory pointers. (CVE-2009-1250)
-- Russ Allbery <rra at debian.org> Mon, 06 Apr 2009 15:53:20 -0700
--
OpenAFS Security Advisories 2009-001 and 2009-002
https://bugs.launchpad.net/bugs/356861
You received this bug notification because you are a member of Ubuntu
Sponsors for universe, which is a direct subscriber.
More information about the Ubuntu-universe-sponsors
mailing list