Bugtraq mailing list archives
[SECURITY] [DSA 3387-1] openafs security update
From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 01 Nov 2015 22:36:42 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3387-1 security () debian org https://www.debian.org/security/ Florian Weimer November 01, 2015 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openafs CVE ID : CVE-2015-7762 CVE-2015-7763 John Stumpo discovered that OpenAFS, a distributed file system, does not fully initialize certain network packets before transmitting them. This can lead to a disclosure of the plaintext of previously processed packets. For the oldstable distribution (wheezy), these problems have been fixed in version 1.6.1-3+deb7u5. For the stable distribution (jessie), these problems have been fixed in version 1.6.9-2+deb8u4. For the testing distribution (stretch) and the unstable distribution (sid), these problems have been fixed in version 1.6.15-1. We recommend that you upgrade your openafs packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce () lists debian org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJWNommAAoJEL97/wQC1SS+srQH/RvDXYvuCj/ud7W8r+TRAO/m kPW/p4JTbglFIEaMjJzp4vyiCZhnI3GtHWpcUxuhT9Hi7KT6qZ9jaMxXC6LqwJap O/DGPX3hYSjxHessxbHbBvH042LHkhtrf1ynhVDyQFuD72bALsluX1EbdvyedoM8 rhR4di3Jxbb/jWcutUfEBeHTgEoF8HP5NKbR4IPt7YFES6XODzUyJ5yw8MqCI30P LiCFf9JcMD+7z8J78T1xxrvjNxulge/PNZmeSDuKJU4/EpmJU9++9mk9TFpqlKF+ 2F3NpxaXYA6dOU92k1/SVglRN7rjsd5/IxnIXVdhq/DMOTkoniIxtaVShIxgVVU= =DtUn -----END PGP SIGNATURE-----
Current thread:
- [SECURITY] [DSA 3387-1] openafs security update Florian Weimer (Nov 02)