Re: [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability

To: Noah Meyerhans <noahm@debian.org>
Cc: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability
From: Thomas Bushnell BSG <tb@becket.net>
Date: Thu, 10 Jan 2008 23:25:07 -0500
Message-id: <[🔎] 1200025507.7772.11.camel@localhost>
In-reply-to: <[🔎] 20080110223026.GG3899@morgul.net>
References: <E1JD4JP-0007kr-HW@klecker.debian.org> <[🔎] 1200004158.29551.5.camel@localhost> <[🔎] 20080110223026.GG3899@morgul.net>

On Thu, 2008-01-10 at 17:30 -0500, Noah Meyerhans wrote:
> On Thu, Jan 10, 2008 at 05:29:18PM -0500, Thomas Bushnell BSG wrote:
> > This is not sufficient advice for how to upgrade.  Merely installing a
> > new version of openafs-modules-source will not build it.  Some form of
> > m-a invocation as well will be necessary.
> 
> Except that the security flaw is in the fileserver, which does not
> involve the kernel module at all and runs fine even without it
> installed.

Surely.  But then the security update shouldn't mention unaffected
packages!

Thomas

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability
  - From: Noah Meyerhans <noahm@debian.org>

References:
- Re: [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability
  - From: Thomas Bushnell BSG <tb@becket.net>
- Re: [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability
  - From: Noah Meyerhans <noahm@debian.org>

Prev by Date: Re: [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability
Next by Date: Re: [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability
Previous by thread: Re: [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability
Next by thread: Re: [SECURITY] [DSA 1458-1] New openafs packages fix denial of service vulnerability
Index(es):
- Date
- Thread