Security Information / 2013 / Security Information -- DSA-2638-1 openafs

Debian Security Advisory

DSA-2638-1 openafs -- buffer overflow

Date Reported:

04 Mar 2013

Affected Packages:

openafs

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2013-1794, CVE-2013-1795.

More information:

Multiple buffer overflows were discovered in OpenAFS, the implementation of the distributed filesystem AFS, which might result in denial of service or the execution of arbitrary code. Further information is available at http://www.openafs.org/security.

For the stable distribution (squeeze), this problem has been fixed in version 1.4.12.1+dfsg-4+squeeze1.

For the unstable distribution (sid), this problem has been fixed in version 1.6.1-3.

We recommend that you upgrade your openafs packages.