Re: [SRM] DoS fix for openafs in stable and oldstable

To: Russ Allbery <rra@debian.org>
Cc: debian-release@lists.debian.org, hartmans@debian.org
Subject: Re: [SRM] DoS fix for openafs in stable and oldstable
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Fri, 17 Jul 2009 06:40:02 +0100
Message-id: <[🔎] 1247809202.7320.2748.camel@kaa.jungle.aubergine.my-net-space.net>
In-reply-to: <[🔎] 87my75fn9k.fsf@windlord.stanford.edu>
References: <[🔎] 87my75fn9k.fsf@windlord.stanford.edu>

On Wed, 2009-07-15 at 18:08 -0700, Russ Allbery wrote:
> The latest release of OpenAFS has a fix for a possible DoS attack against
> the OpenAFS client module.  This is an additional fix for the problem
> fixed in CVE-2009-1250.  I think it's too minor to warrant a DSA (and I
> haven't gotten any reply from two messages to the security team about it),
> but I'd like to fix it in the stable and oldstable releases.  The fix went
> into unstable with 1.4.11~pre3+dfsg-1.
> 
> Here is the patch against lenny.  The patch against etch is identical.  Do
> I have approval to upload to stable-proposed-updates and
> oldstable-proposed-updates?

Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Re: [SRM] DoS fix for openafs in stable and oldstable
  - From: Russ Allbery <rra@debian.org>

References:
- [SRM] DoS fix for openafs in stable and oldstable
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Re: Bug#522617: New libghc6-network-dev is in sid
Next by Date: Re: Bug#522617: New libghc6-network-dev is in sid
Previous by thread: [SRM] DoS fix for openafs in stable and oldstable
Next by thread: Re: [SRM] DoS fix for openafs in stable and oldstable
Index(es):
- Date
- Thread