openafs (1.6.13-1) UNRELEASED; urgency=high
* New upstream security release.
+ - OPENAFS-SA-2015-001 CVE-2015-3282: vos leaks stack data onto the wire
+ in the clear when creating vldb entries
+ - OPENAFS-SA-2015-002 CVE-2015-3283: bos commands can be spoofed,
+ including some which alter server state
+ - OPENAFS-SA-2015-003 CVE-2015-3284: pioctls leak kernel memory contents
+ - OPENAFS-SA-2015-004 CVE-2015-3285: kernel pioctl support for OSD
+ command passing can trigger a panic
+ - OPENAFS-SA02015-005 CVE 2015-3286 is Solaris-specific and did not
+ affect Debian
+ - OPENAFS-SA-2015-006: buffer overflow in vlserver
+ * Also includes changes from the upstream 1.6.12 release:
+ - Avoid database corruption if a database server is shut down and
+ brought up again quickly with an altered database
+ - Fix a potential buffer overflow in aklog
+ - Support for Linux kernels up to 4.1
+ - Avoid spurious EIO errors when writing large chunks of data to
+ mmapped files
-- Benjamin Kaduk <kaduk@mit.edu> Thu, 30 Jul 2015 01:01:39 -0400
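Review bot: the SA-2015-005 entry writes its identifiers as "OPENAFS-SA02015-005 CVE 2015-3286", which does not match the "OPENAFS-SA-2015-NNN CVE-2015-NNNN:" form used by every other entry in this list. Suggest changing it to "OPENAFS-SA-2015-005 CVE-2015-3286:" so that a search of the changelog for the CVE ID in its standard hyphenated form finds this line, even though the entry only records that Debian was not affected. The OPENAFS-SA-2015-006 entry is the only advisory listed without a CVE ID; if one has been assigned, add it in the same form as the others.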