From: Benjamin Kaduk Date: Tue, 22 Oct 2019 07:08:36 +0000 (-0700) Subject: Update NEWS for 1.8.5 X-Git-Tag: upstream/1.8.5^2~1 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=2007a59e87f5c5d3a4df66e253f58b2af15774fb;p=packages%2Fo%2Fopenafs.git Update NEWS for 1.8.5 Release notes for the OpenAFS 1.8.5 security release. Change-Id: Idd44efa17c41a9fa4d2d3beddb294a1c24bdec9e Reviewed-on: https://gerrit.openafs.org/13919 Reviewed-by: Benjamin Kaduk Tested-by: Benjamin Kaduk --- diff --git a/NEWS b/NEWS index fac00e4ee..07467104c 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,32 @@ User-Visible OpenAFS Changes +OpenAFS 1.8.5 + +All platforms + + * Fix OPENAFS-SA-2019-001: information leakage in failed RPC output + Generated RPC handler routines ran output variables through XDR encoding + even when the call had failed and would shortly be aborted (and for + which uninitialized output variables is common); any complete packets + assembled in the process would be sent to the peer, leaking the contents + of the uninitialized memory in question. + + * Fix OPENAFS-SA-2019-002: information leakage from uninitialized scalars + Generated RPC handler routines did not initialize output variables of + scalar (fixed-length) type, since they did not require dedicated logic to + free. Such variables allocated on the stack could remain uninitialized + in some cases (including those affected by OPENAFS-SA-2019-001), and the + contents of uninitialized memory would be returned to the peer. + +All server platforms + + * Fix OPENAFS-SA-2019-003: fix crash in database servers + The ubik debugging RPCs prioritize being fast and non-disruptive to + database operations over strict correctness, and do not adhere to the + usual locking protocol for data access. A data race could cause a NULL + dereference if the second memory load was not optimized out by the + compiler. + OpenAFS 1.8.4 All platforms
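Review bot: In the OPENAFS-SA-2019-003 entry the title "Fix OPENAFS-SA-2019-003: fix crash in database servers" repeats the verb and names the remedy, while the two entries above it name the flaw ("information leakage in failed RPC output", "information leakage from uninitialized scalars"). Suggest "Fix OPENAFS-SA-2019-003: crash in database servers" so the three titles are parallel. In the OPENAFS-SA-2019-001 text, "(and for which uninitialized output variables is common)" has a subject/verb mismatch; "are common" reads correctly. Two things an administrator would look for are not stated. The 001 and 002 entries say the memory contents go "to the peer" but not which processes run the generated RPC handler routines, so it is unclear from NEWS alone whether clients, servers or both disclose memory. The 003 entry does not say who is able to issue the ubik debugging RPCs. A sentence on each would let readers judge upgrade urgency from this file.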