This bug was fixed in the package openafs - 1.4.12+dfsg-3+ubuntu0.1
---------------
openafs (1.4.12+dfsg-3+ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: update ticket5 from heimdal. Avoids a double-free which
basically allows an arbitrary attack against any krb5-aware Rx service by
exploiting when the double-free occurs in asn1 payloads which came from
the wire. Patch thanks to Debian.
- CVE-2011-0430:
* SECURITY UPDATE: Use correct type of error in flock code. Patch thanks to
Debian.
- CVE-2011-0431
- LP: #723121
-- Christian Biamont <[email protected]> Fri, 19 Aug 2011 11:06:14 +0200
** Changed in: openafs (Ubuntu Lucid)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/723121
Title:
Security bugs "DSA-2168-1 openafs -- several vulnerabilities"
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/723121/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
