Update NEWS for 1.8.5

Release notes for the OpenAFS 1.8.5 security release.

Change-Id: Idd44efa17c41a9fa4d2d3beddb294a1c24bdec9e
Reviewed-on: https://gerrit.openafs.org/13919
Reviewed-by: Benjamin Kaduk <kaduk@mit.edu>
Tested-by: Benjamin Kaduk <kaduk@mit.edu>

diff --git a/NEWS b/NEWS
index fac00e4ee3e73954581093854f7961ed85cda8ad..07467104ca8945826b88a1ae4f956546c3f4ea07 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,32 @@
                        User-Visible OpenAFS Changes
 
+OpenAFS 1.8.5
+
+All platforms
+
+    * Fix OPENAFS-SA-2019-001: information leakage in failed RPC output
+      Generated RPC handler routines ran output variables through XDR encoding
+      even when the call had failed and would shortly be aborted (and for
+      which uninitialized output variables is common); any complete packets
+      assembled in the process would be sent to the peer, leaking the contents
+      of the uninitialized memory in question.
+
+    * Fix OPENAFS-SA-2019-002: information leakage from uninitialized scalars
+      Generated RPC handler routines did not initialize output variables of
+      scalar (fixed-length) type, since they did not require dedicated logic to
+      free.  Such variables allocated on the stack could remain uninitialized
+      in some cases (including those affected by OPENAFS-SA-2019-001), and the
+      contents of uninitialized memory would be returned to the peer.
+
+All server platforms
+
+    * Fix OPENAFS-SA-2019-003: fix crash in database servers
+      The ubik debugging RPCs prioritize being fast and non-disruptive to
+      database operations over strict correctness, and do not adhere to the
+      usual locking protocol for data access.  A data race could cause a NULL
+      dereference if the second memory load was not optimized out by the
+      compiler.
+
 OpenAFS 1.8.4
 
   All platforms