Re: [SRM] DoS fix for openafs in stable and oldstable

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Cc: debian-release@lists.debian.org, hartmans@debian.org
Subject: Re: [SRM] DoS fix for openafs in stable and oldstable
From: Russ Allbery <rra@debian.org>
Date: Sat, 18 Jul 2009 11:15:49 -0700
Message-id: <[🔎] 873a8tx3fu.fsf@windlord.stanford.edu>
In-reply-to: <[🔎] 1247809202.7320.2748.camel@kaa.jungle.aubergine.my-net-space.net> (Adam D. Barratt's message of "Fri\, 17 Jul 2009 06\:40\:02 +0100")
References: <[🔎] 87my75fn9k.fsf@windlord.stanford.edu> <[🔎] 1247809202.7320.2748.camel@kaa.jungle.aubergine.my-net-space.net>

"Adam D. Barratt" <adam@adam-barratt.org.uk> writes:
> On Wed, 2009-07-15 at 18:08 -0700, Russ Allbery wrote:

>> The latest release of OpenAFS has a fix for a possible DoS attack
>> against the OpenAFS client module.  This is an additional fix for the
>> problem fixed in CVE-2009-1250.  I think it's too minor to warrant a
>> DSA (and I haven't gotten any reply from two messages to the security
>> team about it), but I'd like to fix it in the stable and oldstable
>> releases.  The fix went into unstable with 1.4.11~pre3+dfsg-1.

>> Here is the patch against lenny.  The patch against etch is identical.
>> Do I have approval to upload to stable-proposed-updates and
>> oldstable-proposed-updates?

> Please go ahead.

Uploaded, thanks.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to:

References:
- [SRM] DoS fix for openafs in stable and oldstable
  - From: Russ Allbery <rra@debian.org>
- Re: [SRM] DoS fix for openafs in stable and oldstable
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Re: please binNMU monotone for botan transition
Next by Date: Upcoming Shibboleth-related package transition
Previous by thread: Re: [SRM] DoS fix for openafs in stable and oldstable
Next by thread: Re: Bug#522617: New libghc6-network-dev is in sid
Index(es):
- Date
- Thread