The OpenAFS Security Team is pleased to announce the availability of OpenAFS version 1.6.22 for UNIX/Linux. Source files can be accessed via the web at:
https://www.openafs.org/dl/openafs/1.6.22/ or via AFS at: /afs/grand.central.org/software/openafs/1.6.22/ \\afs\grand.central.org\software\openafs\1.6.22\ There are no binaries yet. Those will be uploaded as they become available. OpenAFS 1.6.22 is the next in the current series of stable releases of OpenAFS for all platforms except Microsoft Windows. This release fixes the vulnerability tracked as OPENAFS-SA-2017-001. OPENAFS-SA-2017-001: Rx denial of service (assertion failure) due to insufficient validation of received transport parameters For more details please see https://dl.openafs.org/dl/1.6.22/RELNOTES-1.6.22 https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt Bug reports should be filed to [email protected]. ACKNOWLEDGEMENTS OPENAFS-SA-2017-001 was reported by the team at AuriStor, Inc. Benjamin Kaduk OpenAFS Security Officer
signature.asc
Description: PGP signature
