* Non-maintainer upload by the LTS team.
* Fix CVE-2018-16947:
The backup tape controller process accepts incoming RPCs but does not
require (or allow for) authentication of those RPCs. Handling those RPCs
results in operations being performed with administrator credentials,
including dumping/restoring volume contents and manipulating the backup
database.
* Fix CVE-2018-16948:
Several RPC server routines did not fully initialize their output variables
before returning, leaking memory contents from both the stack and the heap.
Because the OpenAFS cache manager functions as an Rx server for the AFSCB
service, clients are also susceptible to information leakage.
* Fix CVE-2018-16949:
Several data types used as RPC input variables were implemented as
unbounded array types, limited to 4GB only by the inherent 32-bit length
field. An unauthenticated attacker could send, or claim to send, large input
values and consume server resources waiting for those inputs, denying
service to other valid connections.
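
The class of fix for the last item, sketched as an added example (not code from OpenAFS or from this upload): a decoder for an XDR-style counted array that checks the claimed 32-bit count against a cap and against the bytes actually received before it allocates anything. `MAX_ITEMS`, `decode_bounded` and `decoded_count` are hypothetical names, and the inputs are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_ITEMS 1024u /* hypothetical cap for this example, not an OpenAFS value */
enum { DEC_OK = 0, DEC_SHORT = -1, DEC_TOO_BIG = -2, DEC_NOMEM = -3 };

/* Read one big-endian 32-bit word, as XDR encodes integers and array counts. */
static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Decode a counted array of 32-bit integers from buf[0..len). */
int decode_bounded(const uint8_t *buf, size_t len, uint32_t **out, uint32_t *n)
{
    uint32_t count, i;
    *out = NULL;               /* outputs are defined on every return path */
    *n = 0;
    if (len < 4)
        return DEC_SHORT;
    count = be32(buf);
    if (count > MAX_ITEMS)     /* check the claim before allocating or reading */
        return DEC_TOO_BIG;
    if ((len - 4) / 4 < count) /* fewer elements present than claimed */
        return DEC_SHORT;
    *out = calloc(count ? count : 1, sizeof(**out));
    if (*out == NULL)
        return DEC_NOMEM;
    for (i = 0; i < count; i++)
        (*out)[i] = be32(buf + 4 + 4 * (size_t)i);
    *n = count;
    return DEC_OK;
}

/* Convenience wrapper: element count on success, negative DEC_* code on error. */
long decoded_count(const uint8_t *buf, size_t len)
{
    uint32_t *v, n;
    int rc = decode_bounded(buf, len, &v, &n);
    free(v);
    return rc == DEC_OK ? (long)n : rc;
}

int main(void)
{
    /* Constructed message: claims 0xFFFFFFFF elements, carries none. */
    printf("%ld\n", decoded_count((const uint8_t *)"\xff\xff\xff\xff", 4));
    return 0;
}
```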