A new openafs-release fixes this.
This is fixed for: Gutsy (1.4.6)
To solve this in feisty and dapper requires either:
1) A backport of 1.4.6 to both feisty and dapper, which is a "big jump" from 1.4.2 in dapper to 1.4.6 - perhaps Russ would like to comment on the feasability of this.
2) A patch and repackage of 1.4.2 and 1.4.4 used in feisty and dapper.
Binary package hint: openafs-client
A user with network access can attack a fileserver via a race condition and cause it to crash.
A security advisory can be found upstream at http:// openafs. org/security/ OPENAFS- SA-2007- 003.txt
A new openafs-release fixes this.
This is fixed for: Gutsy (1.4.6)
To solve this in feisty and dapper requires either:
1) A backport of 1.4.6 to both feisty and dapper, which is a "big jump" from 1.4.2 in dapper to 1.4.6 - perhaps Russ would like to comment on the feasability of this.
2) A patch and repackage of 1.4.2 and 1.4.4 used in feisty and dapper.