SA 2007-003: Denial of service in OpenAFS fileserver
Bug #180792 reported by
Johan Christiansen
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openafs (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: openafs-client
A user with network access can attack a fileserver via a race condition and cause it to crash.
A security advisory can be found upstream at http://
A new openafs-release fixes this.
This is fixed for: Hardy (1.4.6)
To solve this in gutsy, feisty and dapper requires either:
1) A backport of 1.4.6 to both feisty and dapper, which is a "big jump" from 1.4.2 in dapper to 1.4.6 - perhaps Russ would like to comment on the feasability of this.
2) A patch and repackage of 1.4.2 and 1.4.4.
Related branches
CVE References
description: | updated |
To post a comment you must log in.
Added CVE reference and changing to confirmed.