Bulletin d'alerte Debian
DSA-1768-1 openafs -- Plusieurs vulnérabilités
- Date du rapport :
- 10 avril 2009
- Paquets concernés :
- openafs
- Vulnérabilité :
- Oui
- Références dans la base de données de sécurité :
- Dans le dictionnaire CVE du Mitre : CVE-2009-1250, CVE-2009-1251.
- Plus de précisions :
-
Deux vulnérabilités ont été découvertes dans le client d'OpenAFS, un système de fichiers distribué.
- CVE-2009-1251
Un attaquant ayant le contrôle d'un serveur de fichiers ou la capacité de forger des paquets RX pourrait exécuter du code arbitraire dans le mode noyau sur un client OpenAFS à cause d'une vulnérabilité dans le décodage des tableaux XDR.
- CVE-2009-1250
Un attaquant ayant le contrôle d'un serveur de fichiers ou la capacité de forger des paquets RX pourrait planter les clients OpenAFS à cause de codes de retour d'erreurs mal gérés dans le module du noyau.
Veuiller noter que pour appliquer cette mise à jour de sécurité, vous devez reconstruire le module du noyau OpenAFS. Soyez sûr également de mettre à niveau openafs-modules-source, de construire un nouveau module du noyau pour votre système en suivant les instructions dans /usr/share/doc/openafs-client/README.modules.gz et d'arrêter puis relancer openafs-client, ou bien redémarrer le système pour recharger le module du noyau.
Pour l'ancienne distribution stable (Etch), ces problèmes ont été corrigés dans la version 1.4.2-6etch2.
Pour la distribution stable (Lenny), ces problèmes ont été corrigés dans la version 1.4.7.dfsg1-6+lenny1.
Pour la distribution unstable (Sid), ces problèmes ont été corrigés dans la version 1.4.10+dfsg1-1.
Nous vous recommandons de mettre à jour vos paquets openafs.
- CVE-2009-1251
- Corrigé dans :
-
Debian GNU/Linux 4.0 (etch)
- Source :
- http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.2.orig.tar.gz
- http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.2-6etch2.dsc
- http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.2-6etch2.diff.gz
- http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.2-6etch2.dsc
- Composant indépendant de l'architecture :
- http://security.debian.org/pool/updates/main/o/openafs/openafs-doc_1.4.2-6etch2_all.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-modules-source_1.4.2-6etch2_all.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-modules-source_1.4.2-6etch2_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch2_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch2_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch2_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch2_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch2_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch2_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch2_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch2_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch2_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch2_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch2_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch2_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch2_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch2_amd64.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch2_hppa.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_hppa.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch2_hppa.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch2_hppa.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch2_hppa.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch2_hppa.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_hppa.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch2_hppa.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch2_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch2_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch2_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch2_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch2_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch2_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch2_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch2_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch2_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch2_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch2_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch2_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch2_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch2_ia64.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch2_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch2_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch2_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch2_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch2_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch2_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch2_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch2_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch2_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch2_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch2_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch2_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch2_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch2_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch2_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch2_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch2_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch2_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch2_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch2_sparc.deb
Debian GNU/Linux 5.0 (lenny)
- Source :
- http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.7.dfsg1-6+lenny1.diff.gz
- http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.7.dfsg1.orig.tar.gz
- http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.7.dfsg1-6+lenny1.dsc
- http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.7.dfsg1.orig.tar.gz
- Composant indépendant de l'architecture :
- http://security.debian.org/pool/updates/main/o/openafs/openafs-modules-source_1.4.7.dfsg1-6+lenny1_all.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-doc_1.4.7.dfsg1-6+lenny1_all.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-doc_1.4.7.dfsg1-6+lenny1_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.7.dfsg1-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.7.dfsg1-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.7.dfsg1-6+lenny1_alpha.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.7.dfsg1-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.7.dfsg1-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.7.dfsg1-6+lenny1_amd64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.7.dfsg1-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.7.dfsg1-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.7.dfsg1-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_arm.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_arm.deb
- ARM EABI:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.7.dfsg1-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.7.dfsg1-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.7.dfsg1-6+lenny1_armel.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_armel.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.7.dfsg1-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.7.dfsg1-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.7.dfsg1-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_i386.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.7.dfsg1-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.7.dfsg1-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.7.dfsg1-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_ia64.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_ia64.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.7.dfsg1-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.7.dfsg1-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.7.dfsg1-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_powerpc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.7.dfsg1-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.7.dfsg1-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.7.dfsg1-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_s390.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.7.dfsg1-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.7.dfsg1-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.7.dfsg1-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.7.dfsg1-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.7.dfsg1-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.7.dfsg1-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.7.dfsg1-6+lenny1_sparc.deb
- http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.7.dfsg1-6+lenny1_sparc.deb
Les sommes MD5 des fichiers indiqués sont disponibles sur la page originale de l'alerte de sécurité.