[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted openafs 1.3.81-3sarge2 (source i386 all)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 19 Mar 2007 15:56:43 -0400
Source: openafs
Binary: openafs-client libopenafs-dev openafs-dbserver openafs-modules-source openafs-fileserver openafs-kpasswd libpam-openafs-kaserver
Architecture: source i386 all
Version: 1.3.81-3sarge2
Distribution: stable-security
Urgency: high
Maintainer: noahm@debian.org
Changed-By: Noah Meyerhans <noahm@debian.org>
Description: 
 libopenafs-dev - The AFS distributed filesystem- development libraries
 libpam-openafs-kaserver - The AFS distributed filesystem- kaserver PAM module
 openafs-client - The AFS distributed filesystem- client support
 openafs-dbserver - The AFS distributed filesystem- database server
 openafs-fileserver - The AFS distributed filesystem- file server
 openafs-kpasswd - The AFS distributed filesystem- old password changing
 openafs-modules-source - The AFS distributed filesystem- Module Sources
Changes: 
 openafs (1.3.81-3sarge2) stable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Apply upstream patch to disable setuid status on all cells by default.
     Prior versions of AFS defaulted to honoring setuid bits in the local
     cell, but since unauthenticated file access in AFS is unencrypted, an
     attacker could forge packets from an AFS file server to synthesize a
     setuid binary in AFS.  (CVE-2007-1507, OPENAFS-SA-2007-001)
Files: 
 45351031494d87ff12f1bf08d14533f9 851 net optional openafs_1.3.81-3sarge2.dsc
 5804a2d738b2ec24f4055489c6287dca 262444 net optional openafs_1.3.81-3sarge2.diff.gz
 e71b35c9862df561b51b67a3c90fafc9 4491356 net extra openafs-modules-source_1.3.81-3sarge2_all.deb
 05dba8404a3d8257e06b612cf07efc74 1549640 net optional openafs-client_1.3.81-3sarge2_i386.deb
 11e4dfaf88f70f36cf9d25d9c18998aa 205962 net extra openafs-kpasswd_1.3.81-3sarge2_i386.deb
 86567fbce7562f935b17a7e760bb9fbc 783268 net optional openafs-fileserver_1.3.81-3sarge2_i386.deb
 752c5b703fa2f013ddd21817d82749f4 467028 net optional openafs-dbserver_1.3.81-3sarge2_i386.deb
 d57b49ef1af6ca9c0b1b35066ecb20dd 1260276 libdevel extra libopenafs-dev_1.3.81-3sarge2_i386.deb
 5008556d2e73108e1c3db41643df22b3 217288 net extra libpam-openafs-kaserver_1.3.81-3sarge2_i386.deb
 d754e92f7a0cd9824991c850e001884c 13455346 net extra openafs_1.3.81.orig.tar.gz


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGAAc+YrVLjBFATsMRAgdQAJ9sAd7omedUbFf6zHm1VGNfpxeAbwCfZykF
09WCkWrKNHviW9FMmvEC7NU=
=7njU
-----END PGP SIGNATURE-----


Accepted:
libopenafs-dev_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/libopenafs-dev_1.3.81-3sarge2_i386.deb
libpam-openafs-kaserver_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge2_i386.deb
openafs-client_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/openafs-client_1.3.81-3sarge2_i386.deb
openafs-dbserver_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/openafs-dbserver_1.3.81-3sarge2_i386.deb
openafs-fileserver_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/openafs-fileserver_1.3.81-3sarge2_i386.deb
openafs-kpasswd_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/openafs-kpasswd_1.3.81-3sarge2_i386.deb
openafs-modules-source_1.3.81-3sarge2_all.deb
  to pool/main/o/openafs/openafs-modules-source_1.3.81-3sarge2_all.deb
openafs_1.3.81-3sarge2.diff.gz
  to pool/main/o/openafs/openafs_1.3.81-3sarge2.diff.gz
openafs_1.3.81-3sarge2.dsc
  to pool/main/o/openafs/openafs_1.3.81-3sarge2.dsc
Reply to: