openafs (1.6.13-1) unstable; urgency=high

  * New upstream security release.
    - OPENAFS-SA-2015-001 CVE-2015-3282: vos leaks stack data onto the wire
      in the clear when creating vldb entries
    - OPENAFS-SA-2015-002 CVE-2015-3283: bos commands can be spoofed,
      including some which alter server state
    - OPENAFS-SA-2015-003 CVE-2015-3284: pioctls leak kernel memory contents
    - OPENAFS-SA-2015-004 CVE-2015-3285: kernel pioctl support for OSD
      command passing can trigger a panic
    - OPENAFS-SA02015-005 CVE 2015-3286 is Solaris-specific and did not
      affect Debian
    - OPENAFS-SA-2015-006: buffer overflow in vlserver
  * Also includes changes from the upstream 1.6.12 release:
    - Avoid database corruption if a database server is shut down and
      brought up again quickly with an altered database
    - Fix a potential buffer overflow in aklog
    - Support for Linux kernels up to 4.1
    - Avoid spurious EIO errors when writing large chunks of data to
      mmapped files

Date: 2015-07-31 04:21:30.975592+00:00
Signed-By: Logan Rosen <[email protected]>
https://launchpad.net/ubuntu/+source/openafs/1.6.13-1
Sorry, changesfile not available.
-- 
Wily-changes mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/wily-changes

Reply via email to