From: Benjamin Kaduk Date: Thu, 30 Jul 2015 21:22:22 +0000 (-0400) Subject: Flesh out changelog for changes in 1.6.13 and 1.6.12 X-Git-Tag: debian/1.6.13-1~1 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=fb392dc8dac64ed15ec5ecf656684271a47f8672;p=packages%2Fo%2Fopenafs.git Flesh out changelog for changes in 1.6.13 and 1.6.12 --- diff --git a/debian/changelog b/debian/changelog index 512ee5eb3..1f0d01a75 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,6 +1,23 @@ openafs (1.6.13-1) UNRELEASED; urgency=high * New upstream security release. + - OPENAFS-SA-2015-001 CVE-2015-3282: vos leaks stack data onto the wire + in the clear when creating vldb entries + - OPENAFS-SA-2015-002 CVE-2015-3283: bos commands can be spoofed, + including some which alter server state + - OPENAFS-SA-2015-003 CVE-2015-3284: pioctls leak kernel memory contents + - OPENAFS-SA-2015-004 CVE-2015-3285: kernel pioctl support for OSD + command passing can trigger a panic + - OPENAFS-SA02015-005 CVE 2015-3286 is Solaris-specific and did not + affect Debian + - OPENAFS-SA-2015-006: buffer overflow in vlserver + * Also includes changes from the upstream 1.6.12 release: + - Avoid database corruption if a database server is shut down and + brought up again quickly with an altered database + - Fix a potential buffer overflow in aklog + - Support for Linux kernels up to 4.1 + - Avoid spurious EIO errors when writing large chunks of data to + mmapped files -- Benjamin Kaduk Thu, 30 Jul 2015 01:01:39 -0400
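Review bot: The fifth advisory line in the 1.6.13 list has two identifier typos: `OPENAFS-SA02015-005` should read `OPENAFS-SA-2015-005`, and `CVE 2015-3286` is missing the hyphen after `CVE` that the other four entries have. As written, a search of the changelog for `CVE-2015-3286` or for the `OPENAFS-SA-2015-` prefix will not find this line, so anyone checking whether the package addresses that advisory gets no match. The `OPENAFS-SA-2015-006` entry also carries no CVE identifier, unlike the five above it. If none was assigned, say so in the entry so the omission does not read as an oversight.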