Debian Security Advisory
DLA-733-1 openafs -- LTS security update
- Date Reported:
- 03 Dec 2016
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2016-9772.
- More information:
It was discovered that there was an information leak vulnerability in openafs, a distributed filesystem.
Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain
deaddirectory entry information.
For Debian 7
Wheezy, this issue has been fixed in openafs version 1.6.1-3+deb7u7.
We recommend that you upgrade your openafs packages.