openafs (1.4.12.1+dfsg-4) UNRELEASED; urgency=low
* Apply upstream deltas:
- - [707a959c] update ticket5 from heimdal
- - [beaf1606] LINUX: Use correct type of error in flock code
+ - [707a959c] update ticket5 from heimdal. Avoids a double-free (from
+ upstream) which basically allows an arbitrary attack against any
+ krb5-aware Rx service by exploiting when the double-free occurs in
+ asn1 payloads which came from the wire.
+ - [beaf1606] LINUX: Use correct type of error in flock code. This
+ avoids dereferencing a pointer that is not a pointer due to failing
+ to properly ERR_PTR a return value.
* Add a dependency on libc6-dev to openafs-modules-dkms. dkms doesn't
depend on it because most kernel modules don't need it, but openafs
builds userspace helper programs. Thanks, Peter Palfrader.
projects / packages / o / openafs.git / commitdiff