-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (quilt) Source: openafs Binary: openafs-client, openafs-fuse, openafs-kpasswd, openafs-fileserver, openafs-dbserver, openafs-doc, openafs-krb5, libkopenafs1, libafsauthent1, libafsrpc1, libopenafs-dev, openafs-modules-source, openafs-modules-dkms, libpam-openafs-kaserver, openafs-dbg Architecture: alpha amd64 arm armel armhf i386 ia64 powerpc powerpcspe ppc64 s390 s390x sparc lpia all Version: 1.6.1-3+deb7u3 Maintainer: Russ Allbery <[email protected]> Uploaders: Sam Hartman <[email protected]> Homepage: http://www.openafs.org/ Standards-Version: 3.9.3 Vcs-Browser: http://git.debian.org/?p=pkg-k5-afs/openafs.git Vcs-Git: git://git.debian.org/git/pkg-k5-afs/openafs.git Build-Depends: debhelper (>= 9), autoconf, automake, bison, comerr-dev, cpio, dblatex, dkms (>= 2.1.1.1), docbook-xsl, doxygen, flex, libfuse-dev, libkrb5-dev, libncurses5-dev, libpam0g-dev, libxml2-utils, perl, pkg-config, xsltproc Package-List: libafsauthent1 deb libs optional libafsrpc1 deb libs optional libkopenafs1 deb libs optional libopenafs-dev deb libdevel extra libpam-openafs-kaserver deb admin extra openafs-client deb net optional openafs-dbg deb debug extra openafs-dbserver deb net optional openafs-doc deb doc optional openafs-fileserver deb net optional openafs-fuse deb net extra openafs-kpasswd deb net extra openafs-krb5 deb net optional openafs-modules-dkms deb kernel extra openafs-modules-source deb kernel extra Checksums-Sha1: 10ff9f5826fb6fc65a7407fcc7972e887dfea76f 9139005 openafs_1.6.1.orig.tar.gz 11160bf0696a7106451fa6c29679133e865121b3 187467 openafs_1.6.1-3+deb7u3.debian.tar.gz Checksums-Sha256: 6152cddb407f7192bdd98215486c8af014c488d84d9a9a10b6b444b957c95b80 9139005 openafs_1.6.1.orig.tar.gz 9aa78da45f13309b120baa04e8730b38bdaa941f597f7dfc21dbc961954e927e 187467 openafs_1.6.1-3+deb7u3.debian.tar.gz Files: cdcbad3987be21f4705ff27b38ad683d 9139005 openafs_1.6.1.orig.tar.gz 44ce0ba6c4b78b26183501458bf79919 187467 openafs_1.6.1-3+deb7u3.debian.tar.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCgAGBQJVugMxAAoJEBC+iYPz1Z1kL6gIAMhkbv6eMauJd69B7bfO0bgb 9SooORNfw4p5Wd6lAwaLgRWUhl1BwfVfv6ZkaQGsxy4De+M05GoZ2kJtV0sdxwEU 3vX49Mmh5+W7cjA25Q6AwRPqeKTbnZheEKKCCWbunwJU3Iv61Ec1KDMFXNoOwVXV TkAVtKB7FbD99nYw4/4hpV1HyAwTKOkioueIcvJTGVuOF1Dzg3LXJ2D4OilWhsFz 9Eogg+9bDX65ok1qf9Fp+tqftMtWv93gQvKVi6V4svvzQuDDi/OmsnvoJuUh59l1 B+N+m9nPUcJhxux1KnvrhkITaJYu2kFFmeIzgTLJTb9aep/ImekitLBm59xwNB4= =KkLb -----END PGP SIGNATURE----- Changes: openafs (1.6.1-3+deb7u3) wheezy-security; urgency=high * Apply upstream security patches from the 1.6.13 release (thanks to Benjamin Kaduk <[email protected]> for providing the patches): - OPENAFS-SA-2015-001 (CVE-2015-3282): vos leaks stack data onto the wire when creating vldb entries - OPENAFS-SA-2015-002 (CVE-2015-3283): bos commands can be spoofed, including some which alter server state - OPENAFS-SA-2015-003 (CVE-2015-3284): pioctls leak kernel memory contents - OPENAFS-SA-2015-004 (CVE-2015-3285): kernel pioctl support for OSD command parsing can trigger a panic - OPENAFS-SA-2015-006 (CVE-2015-3287): Buffer overflow in OpenAFS vlserver * The patch for OPENAFS-SA-2015-005 is not applied, since that vulnerability is limited to the Solaris kernel module -- Sebastien Delafond <[email protected]> Thu, 30 Jul 2015 11:46:33 +0200