[SECURITY] [DLA 733-1] openafs security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 733-1] openafs security update
From: Chris Lamb <lamby@debian.org>
Date: Sat, 03 Dec 2016 23:41:58 +0100
Message-id: <[🔎] 1480804918.2689884.807440001.72EF1265@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : openafs
Version        : 1.6.1-3+deb7u7
CVE ID         : CVE-2016-9772

It was discovered that there was an information leak vulnerability in
openafs, a distributed filesystem.

Due to incomplete initialization or clearing of reused memory, OpenAFS
directory objects are likely to contain 'dead' directory entry
information.

For Debian 7 "Wheezy", this issue has been fixed in openafs version
1.6.1-3+deb7u7.

We recommend that you upgrade your openafs packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlhDSi4ACgkQHpU+J9Qx
Hlh2jQ//eQj9nObvDPOJBXopYv0v1mn1DrC4Y8jFiGPwfm6gApbAjlqTowJADELO
+NoCoHvJqvjbOFWstQ0Hfv3t3zJV4oIXM6+wFy1duqk+JDp7E2uOb09LAW+O7xfJ
eCqgJ29UJw8zEUu+/tXujvcXh5dB2o5PVzosUQVaUUiJMw7/yA9erIhgP0vg1trE
VJ1zz7PJrYkXGeat6GVM/0irUSA+2uGrVXS5GLi/GrEXhgfoPUKddmYKHXY/r5vF
w2hXudKC8jwuY81qnuUW36iu82vI0OShPv4n6MJogV9X90kjFDUMVhC1XrikSzz6
uUIoqt8ItOapF91pvI0du5d0KSP7dXp3bpPb0g0j5mxLnnZohUiJVz8hH+ydvz0s
iQQW2CQaPxirT9Nlc4/ObLK4SLWGHEPmY8aXLecUlyHuRcaKFMUjGJstqHwjXQB8
OfrulIUWLJ7ecfzCMVq/euUvexclVCsk8H7Q82fwxhUCvH3U8Q9qiMFjHoB4IaAX
GwvHVnCldUIeF2rQKLBQDiMxlEtUQ96LyNmQJN0x8ai4LnILDCt/HmS6cj0Jayvw
CovoXahOB0ThLqtxHUzJJ6iAF7SBb5y2P0EFw+NUuM79ttWDpBEDaQ4c8AtDxrwh
NDf5ewogH09xVEmARqeTaCe9F1ff3eUc0Hv36tmMR0SW4lFZ+yc=
=0Qku
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 732-1] monit security update
Next by Date: [SECURITY] [DLA 732-2] monit regression update
Previous by thread: [SECURITY] [DLA 732-1] monit security update
Next by thread: [SECURITY] [DLA 732-2] monit regression update
Index(es):
- Date
- Thread