Package "openafs-client"
Name: |
openafs-client
|
Description: |
AFS distributed filesystem client support
|
Latest version: |
1.6.7-1ubuntu1.1 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
universe |
Head package: |
openafs |
Homepage: |
http://www.openafs.org/ |
Links
Download "openafs-client"
Other versions of "openafs-client" in Trusty
Changelog
openafs (1.6.7-1ubuntu1.1) trusty-security; urgency=low
* SECURITY UPDATES (LP: #1513461):
- CVE-2015-3282: Clear nvldbentry before sending on the wire
- CVE-2015-3283: Use crypt for commands where spoofing could be a risk
- CVE-2015-3284: Clear pioctl data interchange buffer before use
- CVE-2015-3285: Use correct output buffer for FSCmd pioctl
- CVE-2015-6587: Disable regex volume name processing in ListAttributesN2
- CVE-2015-7762: Apply OPENAFS-SA-2015-007 "Tattletale" patch
- CVE-2015-7763: Apply OPENAFS-SA-2015-007 "Tattletale" patch
- OPENAFS-SA-2015-007.patch: Rx ACK packets leak plaintext of previous packets
-- Klas Mattsson Tue, 10 Nov 2015 08:03:52 +0100
|
1513461 |
OPENAFS-SA-2015-007 \ |
CVE-2015-3282 |
vos in OpenAFS before 1.6.13, when updating VLDB entries, allows remote attackers to obtain stack data by sniffing the network. |
CVE-2015-3283 |
OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors. |
CVE-2015-3284 |
pioctls in OpenAFS 1.6.x before 1.6.13 allows local users to read kernel memory via crafted commands. |
CVE-2015-3285 |
The pioctl for the OSD FS command in OpenAFS before 1.6.13 uses the wrong pointer when writing the results of the RPC, which allows local users to ca |
CVE-2015-6587 |
The vlserver in OpenAFS before 1.6.13 allows remote authenticated users to cause a denial of service (out-of-bounds read and crash) via a crafted reg |
CVE-2015-7762 |
rx/rx.c in OpenAFS before 1.6.15 and 1.7.x before 1.7.33 does not properly initialize the padding of a data structure when constructing an Rx acknowl |
CVE-2015-7763 |
rx/rx.c in OpenAFS 1.5.75 through 1.5.78, 1.6.x before 1.6.15, and 1.7.x before 1.7.33 does not properly initialize padding at the end of an Rx ackno |
|
About
-
Send Feedback to @ubuntu_updates