* Apply upstream security patches from 1.4.9:
- OPENAFS-SA-2009-001: Avoid a potential kernel memory overrun if more
items than requested are returned from an InlineBulk or BulkStatus
message. (CVE-2009-1251)
- OPENAFS-SA-2009-002: Avoid converting negative errors into invalid
kernel memory pointers. (CVE-2009-1250)
To fix this for Intrepid, please sync openafs 1.4.7.dfsg1- 6+lenny1 from Debian stable into Intrepid. Full changelog since Intrepid’s 1.4.7.dfsg1-6:
openafs (1.4.7. dfsg1-6+ lenny1) stable-security; urgency=high
* Apply upstream security patches from 1.4.9: SA-2009- 001: Avoid a potential kernel memory overrun if more SA-2009- 002: Avoid converting negative errors into invalid
- OPENAFS-
items than requested are returned from an InlineBulk or BulkStatus
message. (CVE-2009-1251)
- OPENAFS-
kernel memory pointers. (CVE-2009-1250)
-- Russ Allbery <email address hidden> Mon, 06 Apr 2009 15:53:20 -0700