| 2008-01-06 14:05:10 |
Johan Christiansen |
description |
Binary package hint: openafs-client
A user with network access can attack a fileserver via a race condition and cause it to crash.
A security advisory can be found upstream at http://openafs.org/security/OPENAFS-SA-2007-003.txt
A new openafs-release fixes this.
This is fixed for: Gutsy (1.4.6)
To solve this in feisty and dapper requires either:
1) A backport of 1.4.6 to both feisty and dapper, which is a "big jump" from 1.4.2 in dapper to 1.4.6 - perhaps Russ would like to comment on the feasability of this.
2) A patch and repackage of 1.4.2 and 1.4.4 used in feisty and dapper. |
Binary package hint: openafs-client
A user with network access can attack a fileserver via a race condition and cause it to crash.
A security advisory can be found upstream at http://openafs.org/security/OPENAFS-SA-2007-003.txt
A new openafs-release fixes this.
This is fixed for: Hardy (1.4.6)
To solve this in gutsy, feisty and dapper requires either:
1) A backport of 1.4.6 to both feisty and dapper, which is a "big jump" from 1.4.2 in dapper to 1.4.6 - perhaps Russ would like to comment on the feasability of this.
2) A patch and repackage of 1.4.2 and 1.4.4. |
|
