Accepted openafs 1.6.9-2+deb8u3 (source amd64 all) into proposed-updates->stable-new, proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 30 Jul 2015 11:53:25 +0200
Source: openafs
Binary: openafs-client openafs-fuse openafs-kpasswd openafs-fileserver openafs-dbserver openafs-doc openafs-krb5 libkopenafs1 libafsauthent1 libafsrpc1 libopenafs-dev openafs-modules-source openafs-modules-dkms libpam-openafs-kaserver openafs-dbg
Architecture: source amd64 all
Version: 1.6.9-2+deb8u3
Distribution: jessie-security
Urgency: high
Maintainer: Benjamin Kaduk <kaduk@mit.edu>
Changed-By: Sebastien Delafond <seb@debian.org>
Description:
libafsauthent1 - AFS distributed file system runtime library (authentication)
libafsrpc1 - AFS distributed file system runtime library (RPC layer)
libkopenafs1 - AFS distributed file system runtime library (PAGs)
libopenafs-dev - AFS distributed filesystem development libraries
libpam-openafs-kaserver - AFS distributed filesystem kaserver PAM module
openafs-client - AFS distributed filesystem client support
openafs-dbg - AFS distributed filesystem debugging information
openafs-dbserver - AFS distributed filesystem database server
openafs-doc - AFS distributed filesystem documentation
openafs-fileserver - AFS distributed filesystem file server
openafs-fuse - AFS distributed file system experimental FUSE client
openafs-kpasswd - AFS distributed filesystem old password changing
openafs-krb5 - AFS distributed filesystem Kerberos 5 integration
openafs-modules-dkms - AFS distributed filesystem kernel module DKMS source
openafs-modules-source - AFS distributed filesystem kernel module source
Changes:
openafs (1.6.9-2+deb8u3) jessie-security; urgency=high
.
* Apply upstream security patches from the 1.6.13 release (thanks to
Benjamin Kaduk <kaduk@mit.edu> for providing the patches):
- OPENAFS-SA-2015-001 (CVE-2015-3282): vos leaks stack data onto the wire when creating
vldb entries
- OPENAFS-SA-2015-002 (CVE-2015-3283): bos commands can be spoofed, including some
which alter server state
- OPENAFS-SA-2015-003 (CVE-2015-3284): pioctls leak kernel memory contents
- OPENAFS-SA-2015-004 (CVE-2015-3285): kernel pioctl support for OSD command parsing
can trigger a panic
- OPENAFS-SA-2015-006 (CVE-2015-3287): Buffer overflow in OpenAFS vlserver
* The patch for OPENAFS-SA-2015-005 is not applied, since that
vulnerability is limited to the Solaris kernel module
Checksums-Sha1:
e7d9334dbf5156536352e2204833f44ecbb6d83d 3628 openafs_1.6.9-2+deb8u3.dsc
8c9395f89ce04bbb047480c385b5635828d7bbd6 6631136 openafs_1.6.9.orig.tar.xz
b82da18626d53f922316bccbd6570811fd27a568 140620 openafs_1.6.9-2+deb8u3.debian.tar.xz
29799cac083bb9e35a5391bf82e020f051e72101 1958174 openafs-client_1.6.9-2+deb8u3_amd64.deb
c0f6704184463d0af07fe6c4e0f91fb396ea3006 285804 openafs-fuse_1.6.9-2+deb8u3_amd64.deb
e8b37c293ad4213a37e4559a5ab5048cb74068c3 200258 openafs-kpasswd_1.6.9-2+deb8u3_amd64.deb
441be3eda54b7a2c434353e18a1110f0a104637d 1306718 openafs-fileserver_1.6.9-2+deb8u3_amd64.deb
8362cbec5db35d803cf554cfdafad79b47546a8a 451348 openafs-dbserver_1.6.9-2+deb8u3_amd64.deb
848661f720f80e422c3b651677f86cd6a84a34db 3992158 openafs-doc_1.6.9-2+deb8u3_all.deb
23cec93a91e4a86caa9c1777d3915424e269a3f0 258068 openafs-krb5_1.6.9-2+deb8u3_amd64.deb
e32126b313782f79d5c36bb6cdd2ef52051ba3ac 90502 libkopenafs1_1.6.9-2+deb8u3_amd64.deb
3646aeda34a399f4dc809f079412984752e48d9b 213484 libafsauthent1_1.6.9-2+deb8u3_amd64.deb
aa1417c1dc4cb74f2f0f99ac9566dfeca47d8096 199008 libafsrpc1_1.6.9-2+deb8u3_amd64.deb
cb09b47eff20b35811b1714e8cafe4140242ffd0 1292816 libopenafs-dev_1.6.9-2+deb8u3_amd64.deb
36e42ba3ae41f95130663af02b3b766ae143ad58 1139042 openafs-modules-source_1.6.9-2+deb8u3_all.deb
a67895325a72116d343ae3580870b668b5797826 941432 openafs-modules-dkms_1.6.9-2+deb8u3_all.deb
135bbafb2e1e23fb81af206881b2b4ba1eed7302 187426 libpam-openafs-kaserver_1.6.9-2+deb8u3_amd64.deb
1e5fda478c22fc89bb0385b01c3ea7c84ae44747 21822364 openafs-dbg_1.6.9-2+deb8u3_amd64.deb
Checksums-Sha256:
a1132fc05811be706790d752ad0e1decb5105017d6bf36e6f84f981e904d1fc0 3628 openafs_1.6.9-2+deb8u3.dsc
509371a18cf6dee932cf0f58e871e6d4ddf50a05b41eaa635d990a200da39c0e 6631136 openafs_1.6.9.orig.tar.xz
85c7b7bdaddb7b85fc9ac5c0a5267f49ef6deb7034522119072e586cac3628b8 140620 openafs_1.6.9-2+deb8u3.debian.tar.xz
c13cb2bf77977c60226e6db527f09e4f1b82ab59bb95a112971a819714ae6df7 1958174 openafs-client_1.6.9-2+deb8u3_amd64.deb
d47722b555d6d485418feaca9d7446b02ead4bc1b5d96869cd39e56dfa713cb5 285804 openafs-fuse_1.6.9-2+deb8u3_amd64.deb
b11bc0bfe3d3c30c5d722660dadda154e30c5b25e3085385901828a1a250078c 200258 openafs-kpasswd_1.6.9-2+deb8u3_amd64.deb
26720b41e7c3786e1a603275d302a4abb0e303decf38f0aa5ec2174a967df341 1306718 openafs-fileserver_1.6.9-2+deb8u3_amd64.deb
b68614127b3eea25cfb86770769a0827a9bcb19fc762c203ec7cdce77c555f93 451348 openafs-dbserver_1.6.9-2+deb8u3_amd64.deb
bddc584f89153cc0f0cd6a9baede2767a8c55a5d0d997f6d274b41349c3d734a 3992158 openafs-doc_1.6.9-2+deb8u3_all.deb
62c6f94dd83aa5cf23f5c3fefd3ae489f1701ca9c2bc8630fd29c534646b3cb7 258068 openafs-krb5_1.6.9-2+deb8u3_amd64.deb
10c32e80243732ca77d9e37377dba98c6ec61e98f8f24479fd0f38245de4a941 90502 libkopenafs1_1.6.9-2+deb8u3_amd64.deb
1a4731f653d8c6052ae47675b978b5dc5955e4a6d9b25e260c5c6c3c17feae91 213484 libafsauthent1_1.6.9-2+deb8u3_amd64.deb
368144f0cfdc85786f33b37c2d335424d1b82b78c034086809a58f6ca8010bec 199008 libafsrpc1_1.6.9-2+deb8u3_amd64.deb
290468a0543a8f3b53bd2a594450361736e44106b88b23ae968b92e5d435082e 1292816 libopenafs-dev_1.6.9-2+deb8u3_amd64.deb
06156ada14d3fbb3fe7a3d134722b89ab327b401feb1b1f156cbc2ff753f0974 1139042 openafs-modules-source_1.6.9-2+deb8u3_all.deb
cf47abdfc0e4a3e7667a4e426a670db0954370564bdee10081be0549478d0051 941432 openafs-modules-dkms_1.6.9-2+deb8u3_all.deb
0a1e971e615477e96c7e5d1a1b3adbc81df6e2e6eda5fb14ee47ad1821d65fa3 187426 libpam-openafs-kaserver_1.6.9-2+deb8u3_amd64.deb
8bafc2f3c97daa670d186e0a0693a810610db7096f030a073c21397a574c5e48 21822364 openafs-dbg_1.6.9-2+deb8u3_amd64.deb
Files:
f8b33a5fad1da4ae3effc6217327597b 3628 net optional openafs_1.6.9-2+deb8u3.dsc
f55466b65486ef52fd22c1c0884acea3 6631136 net optional openafs_1.6.9.orig.tar.xz
78ae9553d1e1ea411104b6bbbd722e3b 140620 net optional openafs_1.6.9-2+deb8u3.debian.tar.xz
cfe58428760ca9667a41b13786b07405 1958174 net optional openafs-client_1.6.9-2+deb8u3_amd64.deb
4cedd5306be9654e4971ae189893fa69 285804 net extra openafs-fuse_1.6.9-2+deb8u3_amd64.deb
014c4e55298634e57ca10cd9b8019c45 200258 net extra openafs-kpasswd_1.6.9-2+deb8u3_amd64.deb
2b6532971ac941a8f06fba4500637080 1306718 net optional openafs-fileserver_1.6.9-2+deb8u3_amd64.deb
4a494d30b998022902db85bdeeb6874a 451348 net optional openafs-dbserver_1.6.9-2+deb8u3_amd64.deb
566af216ab9d86eeed54ebfb4f2e387d 3992158 doc optional openafs-doc_1.6.9-2+deb8u3_all.deb
43c843b0db254ffdf104e27c19ed4e52 258068 net optional openafs-krb5_1.6.9-2+deb8u3_amd64.deb
63841eebb5a27d58212ba3d3d53cffed 90502 libs optional libkopenafs1_1.6.9-2+deb8u3_amd64.deb
2ebc20c24d409b9cf49c6b121713c667 213484 libs optional libafsauthent1_1.6.9-2+deb8u3_amd64.deb
3462e2d0b3f1406db6f9766701fbec11 199008 libs optional libafsrpc1_1.6.9-2+deb8u3_amd64.deb
46d03f8e2a2d6e0931288eff41c6021c 1292816 libdevel extra libopenafs-dev_1.6.9-2+deb8u3_amd64.deb
6fe38811ee44fecc4c1602232700d8d7 1139042 kernel extra openafs-modules-source_1.6.9-2+deb8u3_all.deb
96137f55051f237de24a0faae8b737f1 941432 kernel extra openafs-modules-dkms_1.6.9-2+deb8u3_all.deb
35a228268b9d31ff4979e6b9d42f32bc 187426 admin extra libpam-openafs-kaserver_1.6.9-2+deb8u3_amd64.deb
439cbd8c3e5be70917bd1f52a471c44e 21822364 debug extra openafs-dbg_1.6.9-2+deb8u3_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCgAGBQJVuhfzAAoJEBC+iYPz1Z1kGU4H/ir7yUda4O6GLORPRiNaq523
sFv0V+LN1fHaD+cllRiP/6exRHzKpZgIBzl6ZuaQ0F4V0889IlnHSs5PWkpg7gFo
ycIFKSuIeSy+2f/2sjnuicXAKayySHOhkdoc/3P38+4cqpvNDM4d/hDuVgprdkn1
kff9bcZChPza5EOk1p+nKA1Y6h5hn9obPKHd4oiFr5H6xUr2SQFOVGu8CFcPUPEX
TJzF5HcFnGGBROnsXgYz22B5RNJ2mooHBdcMinxT25FH+0dOKUxzqz+yC11i8cFV
r+MUSL3NC/cqedPTfDaIEPCco8ybHY6glrv5v98mwJMW+FhMrf3T+LqIrRJXlNo=
=F04V
-----END PGP SIGNATURE-----
Reply to: