[SECURITY] [DLA 733-1] openafs security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : openafs
Version : 1.6.1-3+deb7u7
CVE ID : CVE-2016-9772
It was discovered that there was an information leak vulnerability in
openafs, a distributed filesystem.
Due to incomplete initialization or clearing of reused memory, OpenAFS
directory objects are likely to contain 'dead' directory entry
information.
For Debian 7 "Wheezy", this issue has been fixed in openafs version
1.6.1-3+deb7u7.
We recommend that you upgrade your openafs packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlhDSi4ACgkQHpU+J9Qx
Hlh2jQ//eQj9nObvDPOJBXopYv0v1mn1DrC4Y8jFiGPwfm6gApbAjlqTowJADELO
+NoCoHvJqvjbOFWstQ0Hfv3t3zJV4oIXM6+wFy1duqk+JDp7E2uOb09LAW+O7xfJ
eCqgJ29UJw8zEUu+/tXujvcXh5dB2o5PVzosUQVaUUiJMw7/yA9erIhgP0vg1trE
VJ1zz7PJrYkXGeat6GVM/0irUSA+2uGrVXS5GLi/GrEXhgfoPUKddmYKHXY/r5vF
w2hXudKC8jwuY81qnuUW36iu82vI0OShPv4n6MJogV9X90kjFDUMVhC1XrikSzz6
uUIoqt8ItOapF91pvI0du5d0KSP7dXp3bpPb0g0j5mxLnnZohUiJVz8hH+ydvz0s
iQQW2CQaPxirT9Nlc4/ObLK4SLWGHEPmY8aXLecUlyHuRcaKFMUjGJstqHwjXQB8
OfrulIUWLJ7ecfzCMVq/euUvexclVCsk8H7Q82fwxhUCvH3U8Q9qiMFjHoB4IaAX
GwvHVnCldUIeF2rQKLBQDiMxlEtUQ96LyNmQJN0x8ai4LnILDCt/HmS6cj0Jayvw
CovoXahOB0ThLqtxHUzJJ6iAF7SBb5y2P0EFw+NUuM79ttWDpBEDaQ4c8AtDxrwh
NDf5ewogH09xVEmARqeTaCe9F1ff3eUc0Hv36tmMR0SW4lFZ+yc=
=0Qku
-----END PGP SIGNATURE-----
Reply to: