-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: openafs Binary: openafs-client, openafs-fuse, openafs-kpasswd, openafs-fileserver, openafs-dbserver, openafs-doc, openafs-krb5, libkopenafs1, libafsauthent1, libafsrpc1, libopenafs-dev, openafs-modules-source, openafs-modules-dkms, libpam-openafs-kaserver, openafs-dbg Architecture: alpha amd64 arm armel armhf i386 ia64 powerpc powerpcspe ppc64 s390 s390x sparc lpia all Version: 1.6.13-1 Maintainer: Benjamin Kaduk <[email protected]> Uploaders: Russ Allbery <[email protected]>, Sam Hartman <[email protected]> Homepage: http://www.openafs.org/ Standards-Version: 3.9.6 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-k5-afs/openafs.git Vcs-Git: git://anonscm.debian.org/pkg-k5-afs/openafs.git Build-Depends: debhelper (>= 9), autoconf, automake, bison, comerr-dev, cpio, flex, hardening-wrapper, libfuse-dev, libkrb5-dev, libncurses5-dev, libpam0g-dev, libxml2-utils, perl, pkg-config, dh-systemd Build-Depends-Indep: dblatex, dkms (>= 2.1.1.1), docbook-xsl, doxygen, xsltproc Package-List: libafsauthent1 deb libs optional arch=alpha,amd64,arm,armel,armhf,i386,ia64,lpia,powerpc,ppc64,s390,s390x,sparc libafsrpc1 deb libs optional arch=alpha,amd64,arm,armel,armhf,i386,ia64,lpia,powerpc,ppc64,s390,s390x,sparc libkopenafs1 deb libs optional arch=alpha,amd64,arm,armel,armhf,i386,ia64,lpia,powerpc,ppc64,s390,s390x,sparc libopenafs-dev deb libdevel extra arch=alpha,amd64,arm,armel,armhf,i386,ia64,powerpc,powerpcspe,ppc64,s390,s390x,sparc libpam-openafs-kaserver deb admin extra arch=alpha,amd64,arm,armel,armhf,i386,ia64,powerpc,powerpcspe,ppc64,s390,s390x,sparc openafs-client deb net optional arch=alpha,amd64,arm,armel,armhf,i386,ia64,powerpc,powerpcspe,ppc64,s390,s390x,sparc openafs-dbg deb debug extra arch=alpha,amd64,arm,armel,armhf,i386,ia64,powerpc,powerpcspe,ppc64,s390,s390x,sparc openafs-dbserver deb net optional arch=alpha,amd64,arm,armel,armhf,i386,ia64,powerpc,powerpcspe,ppc64,s390,s390x,sparc openafs-doc deb doc optional arch=all openafs-fileserver deb net optional arch=alpha,amd64,arm,armel,armhf,i386,ia64,powerpc,powerpcspe,ppc64,s390,s390x,sparc openafs-fuse deb net extra arch=alpha,amd64,arm,armel,armhf,i386,ia64,lpia,powerpc,ppc64,s390,s390x,sparc openafs-kpasswd deb net extra arch=alpha,amd64,arm,armel,armhf,i386,ia64,powerpc,powerpcspe,ppc64,s390,s390x,sparc openafs-krb5 deb net optional arch=alpha,amd64,arm,armel,armhf,i386,ia64,powerpc,powerpcspe,ppc64,s390,s390x,sparc openafs-modules-dkms deb kernel extra arch=all openafs-modules-source deb kernel extra arch=all Checksums-Sha1: 1bf5b2ef81c2920863bd2c6d875224bf7927c9b2 6650360 openafs_1.6.13.orig.tar.xz 8672845bed14c9b53ac5b786751eed431a55a1b1 135644 openafs_1.6.13-1.debian.tar.xz Checksums-Sha256: 293e02b85f5ec4007b2317777a9eea02033a12f3eb2790cd7137c7f119927049 6650360 openafs_1.6.13.orig.tar.xz 66551e62ab38fd2fac1edd3c806d35e22e0963fc7e61c9ec3258ee75ec35959d 135644 openafs_1.6.13-1.debian.tar.xz Files: 990658db81a68a8ec1093f418c1600c9 6650360 openafs_1.6.13.orig.tar.xz d3dff20db8dad025c7091085f226d2c1 135644 openafs_1.6.13-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQGgBAEBCgAGBQJVupwUAAoJECjZpvNk63US7UUMGwdTMQY72lqkWFe/afH2IsCs D3CQmg7kbJNjwfFEHyfess+q/ndvIIVdRecNZw6EXbXC96irSuqTKguBRZKmrB+7 4U0iOg0fb2davg3bKif0L6/JQe9y6qHv8QlVitlo12+bbDbFImIlLlW9I/Nqbj8M xpPlfkMUz5mvY8u3h9KZtoWICxtu08/IZtLlVAFZIGLM7DCa2RVMqgkXzVLTeHsc ZIqnoNKZCJPeJ/XnosjdkmgcKimZ94eCpBlITErjrImzMvN/K9UT7pZ6d26Wjg58 yXAEFGkgq2Q/l2OTT77DsSfAjwr3JspJg99dGg8RgdiTouIBMytGdG6xG9LO1q7q a7xE66PPdQI/YlWDIVxXyJfeKqpht1D7O1Nh0VSKLHSvIJoc56NcPXVwwafpWhqt 3R7UqMjnhSB9WfjtilJBlfMlLbZYK7E9n8BVQKm2qr6ZGzzk2IOqk6cEjVwNZll0 hyJkKebcXM8o+p8alph6ebJH5GGoPE47CQrpoCa1LGuPfdM= =IPOE -----END PGP SIGNATURE----- Changes: openafs (1.6.13-1) unstable; urgency=high * New upstream security release. - OPENAFS-SA-2015-001 CVE-2015-3282: vos leaks stack data onto the wire in the clear when creating vldb entries - OPENAFS-SA-2015-002 CVE-2015-3283: bos commands can be spoofed, including some which alter server state - OPENAFS-SA-2015-003 CVE-2015-3284: pioctls leak kernel memory contents - OPENAFS-SA-2015-004 CVE-2015-3285: kernel pioctl support for OSD command passing can trigger a panic - OPENAFS-SA02015-005 CVE 2015-3286 is Solaris-specific and did not affect Debian - OPENAFS-SA-2015-006: buffer overflow in vlserver * Also includes changes from the upstream 1.6.12 release: - Avoid database corruption if a database server is shut down and brought up again quickly with an altered database - Fix a potential buffer overflow in aklog - Support for Linux kernels up to 4.1 - Avoid spurious EIO errors when writing large chunks of data to mmapped files -- Benjamin Kaduk <[email protected]> Thu, 30 Jul 2015 17:42:43 -0400