* Apply upstream security patches from 1.4.9 (LP: #356861):
- OPENAFS-SA-2009-001: Avoid a potential kernel memory overrun if more
items than requested are returned from an InlineBulk or BulkStatus
message. (CVE-2009-1251)
- OPENAFS-SA-2009-002: Avoid converting negative errors into invalid
kernel memory pointers. (CVE-2009-1250)
This bug was fixed in the package openafs - 1.4.7.dfsg1- 6+ubuntu0. 1
--------------- dfsg1-6+ ubuntu0. 1) intrepid-security; urgency=low
openafs (1.4.7.
* Apply upstream security patches from 1.4.9 (LP: #356861): SA-2009- 001: Avoid a potential kernel memory overrun if more SA-2009- 002: Avoid converting negative errors into invalid
- OPENAFS-
items than requested are returned from an InlineBulk or BulkStatus
message. (CVE-2009-1251)
- OPENAFS-
kernel memory pointers. (CVE-2009-1250)
-- Evan Broder <email address hidden> Thu, 16 Apr 2009 14:31:15 -0400