[ubuntu/wily-proposed] openafs 1.6.13-1 (Accepted)
Logan Rosen
loganrosen at gmail.com
Sun Aug 2 06:46:41 UTC 2015
openafs (1.6.13-1) unstable; urgency=high
* New upstream security release.
- OPENAFS-SA-2015-001 CVE-2015-3282: vos leaks stack data onto the wire
in the clear when creating vldb entries
- OPENAFS-SA-2015-002 CVE-2015-3283: bos commands can be spoofed,
including some which alter server state
- OPENAFS-SA-2015-003 CVE-2015-3284: pioctls leak kernel memory contents
- OPENAFS-SA-2015-004 CVE-2015-3285: kernel pioctl support for OSD
command passing can trigger a panic
- OPENAFS-SA02015-005 CVE 2015-3286 is Solaris-specific and did not
affect Debian
- OPENAFS-SA-2015-006: buffer overflow in vlserver
* Also includes changes from the upstream 1.6.12 release:
- Avoid database corruption if a database server is shut down and
brought up again quickly with an altered database
- Fix a potential buffer overflow in aklog
- Support for Linux kernels up to 4.1
- Avoid spurious EIO errors when writing large chunks of data to
mmapped files
Date: 2015-07-31 04:21:30.975592+00:00
Signed-By: Logan Rosen <loganrosen at gmail.com>
https://launchpad.net/ubuntu/+source/openafs/1.6.13-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Wily-changes
mailing list