From a531dd770cb32f418008c2697852592cc7496ccf Mon Sep 17 00:00:00 2001 From: Russ Allbery Date: Mon, 6 Apr 2009 15:53:34 -0700 Subject: [PATCH] Include security advisories and CVEs and a NEWS entry --- debian/changelog | 13 +++++++------ debian/openafs-client.NEWS | 11 +++++++++++ 2 files changed, 18 insertions(+), 6 deletions(-) diff --git a/debian/changelog b/debian/changelog index 681392329..20a72ebaf 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,12 +1,13 @@ -openafs (1.4.7.dfsg1-6+lenny1) UNRELEASED; urgency=high +openafs (1.4.7.dfsg1-6+lenny1) stable-security; urgency=high * Apply upstream security patches from 1.4.9: - - Avoid a potential kernel memory overrun if more items than requested - are returned from an InlineBulk or BulkStatus message. - - Avoid converting negative errors into invalid kernel memory - pointers. + - OPENAFS-SA-2009-001: Avoid a potential kernel memory overrun if more + items than requested are returned from an InlineBulk or BulkStatus + message. (CVE-2009-1251) + - OPENAFS-SA-2009-002: Avoid converting negative errors into invalid + kernel memory pointers. (CVE-2009-1250) - -- Russ Allbery Thu, 02 Apr 2009 20:54:27 -0700 + -- Russ Allbery Mon, 06 Apr 2009 15:53:20 -0700 openafs (1.4.7.dfsg1-6) unstable; urgency=low diff --git a/debian/openafs-client.NEWS b/debian/openafs-client.NEWS index a78507f7a..d95bd602a 100644 --- a/debian/openafs-client.NEWS +++ b/debian/openafs-client.NEWS @@ -1,3 +1,14 @@ +openafs (1.4.10+dfsg1-1) unstable; urgency=high + + This release of OpenAFS contains security fixes in the kernel module. + Be sure to also upgrade openafs-modules-source, build a new kernel + module for your system following the instructions in + /usr/share/doc/openafs-client/README.modules.gz, and then either stop + and restart openafs-client or reboot the system to reload the kernel + module. + + -- Russ Allbery Mon, 06 Apr 2009 15:51:14 -0700 + openafs (1.4.2-6) unstable; urgency=medium As of this release of the OpenAFS kernel module, all cells, including -- 2.39.5