Comment 0 for bug 180792

Binary package hint: openafs-client

A user with network access can attack a fileserver via a race condition and cause it to crash.

A security advisory can be found upstream at http://openafs.org/security/OPENAFS-SA-2007-003.txt

A new openafs-release fixes this.
This is fixed for: Gutsy (1.4.6)

To solve this in feisty and dapper requires either:
1) A backport of 1.4.6 to both feisty and dapper, which is a "big jump" from 1.4.2 in dapper to 1.4.6 - perhaps Russ would like to comment on the feasability of this.
2) A patch and repackage of 1.4.2 and 1.4.4 used in feisty and dapper.