Add security advisories and CVEs and a NEWS entry

diff --git a/debian/changelog b/debian/changelog
index c7701a130173fa7e7ba815161ea5956bf44dbbf0..4389f9e61e3d9f1afb8f1688442891068a267805 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,12 +1,13 @@
-openafs (1.4.2-6etch2) UNRELEASED; urgency=high
+openafs (1.4.2-6etch2) oldstable-security; urgency=high
 
   * Apply upstream security patches from 1.4.9:
-    - Avoid a potential kernel memory overrun if more items than requested
-      are returned from an InlineBulk or BulkStatus message.
-    - Avoid converting negative errors into invalid kernel memory
-      pointers.
+    - OPENAFS-SA-2009-001: Avoid a potential kernel memory overrun if more
+      items than requested are returned from an InlineBulk or BulkStatus
+      message.  (CVE-2009-1251)
+    - OPENAFS-SA-2009-002: Avoid converting negative errors into invalid
+      kernel memory pointers.  (CVE-2009-1250)
 
- -- Russ Allbery <rra@debian.org>  Thu, 02 Apr 2009 20:59:28 -0700
+ -- Russ Allbery <rra@debian.org>  Mon, 06 Apr 2009 15:55:24 -0700
 
 openafs (1.4.2-6etch1) stable-security; urgency=high
 

diff --git a/debian/openafs-client.NEWS b/debian/openafs-client.NEWS
index a78507f7a6da6480b2e7fbbb442be4e3999aa32e..d95bd602af8f0b0554776cdda9d2c607a655f29a 100644 (file)
--- a/debian/openafs-client.NEWS
+++ b/debian/openafs-client.NEWS
@@ -1,3 +1,14 @@
+openafs (1.4.10+dfsg1-1) unstable; urgency=high
+
+  This release of OpenAFS contains security fixes in the kernel module.
+  Be sure to also upgrade openafs-modules-source, build a new kernel
+  module for your system following the instructions in
+  /usr/share/doc/openafs-client/README.modules.gz, and then either stop
+  and restart openafs-client or reboot the system to reload the kernel
+  module.
+
+ -- Russ Allbery <rra@debian.org>  Mon, 06 Apr 2009 15:51:14 -0700
+
 openafs (1.4.2-6) unstable; urgency=medium
 
   As of this release of the OpenAFS kernel module, all cells, including