From: Jeffrey Altman Date: Wed, 28 Oct 2015 12:49:20 +0000 (-0400) Subject: NEWS: Update for 1.6.15 X-Git-Tag: upstream/1.6.15^2~1 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=d12f72f1afcdee1076287a7fc41f8abcaae4ddc4;p=packages%2Fo%2Fopenafs.git NEWS: Update for 1.6.15 Security vulnerability release. Document OPENAFS-SA-2015-007. Change-Id: Id36480024fbdac7d3478bec7f3026b2c05bc37f0 --- diff --git a/NEWS b/NEWS index 79c2fe18b..3babf2ed5 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,20 @@ User-Visible OpenAFS Changes +OpenAFS 1.6.15 (Security Release) + + All client and server platforms + + * Fix for OPENAFS-SA-2015-007 "Tattletale" + + When constructing an Rx acknowledgment (ACK) packet, Andrew-derived + Rx implementations do not initialize three octets of data that are + padding in the C language structure and were inadvertently included + in the wire protocol (CVE-2015-7762). Additionally, OpenAFS Rx in + versions 1.5.75 through 1.5.78, 1.6.0 through 1.6.14, and 1.7.0 + through 1.7.32 include a variable-length padding at the end of the + ACK packet, in an attempt to detect the path MTU, but only four octets + of the additional padding are initialized (CVE-2015-7763). + OpenAFS 1.6.14.1 Linux clients
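Review bot: In the new "OpenAFS 1.6.15 (Security Release)" entry, the Tattletale paragraph says which octets are left uninitialized but never states the consequence for an administrator or what 1.6.15 changes. As written, the reader has to infer that uninitialized memory contents go out on the wire in every ACK packet; a closing sentence saying so, and saying how the release handles the padding, would make the entry actionable. The affected version ranges are listed only for CVE-2015-7763, so the entry should also say which OpenAFS releases are affected by CVE-2015-7762, since "Andrew-derived Rx implementations" does not tell a site whether its version is in scope. Minor wording: "OpenAFS Rx in versions 1.5.75 through 1.5.78, ... include a variable-length padding" should read "includes", since the subject is "OpenAFS Rx".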