Debian: DSA-1768-1: New openafs packages potential code execution
Summary
Two vulnerabilities were discovered in the client part of OpenAFS, a
distributed file system.
An attacker with control of a file server or the ability to forge RX
packets may be able to execute arbitrary code in kernel mode on an
OpenAFS client, due to a vulnerability in XDR array decoding.
(CVE-2009-1251)
An attacker with control of a file server or the ability to forge RX
packets may crash OpenAFS clients because of wrongly handled error
return codes in the kernel module. (CVE-2009-1250).
Note that in order to apply this security update, you must rebuild the
OpenAFS kernel module. Be sure to also upgrade openafs-modules-source,
build a new kernel module for your system following the instructions in
/usr/share/doc/openafs-client/README.modules.gz, and then either stop
and restart openafs-client or reboot the system to reload the kernel
module.
For the old stable distribution (etch), these problems have been fixed
in version 1.4.2-6etch2.
For the stable distribution (lenny), these problems have been fixed in
version 1.4.7.dfsg1-6+lenny1.
For the unstable distribution (sid), these problems have been fixed in
version 1.4.10+dfsg1-1.
We recommend that you upgrade your openafs packages.
Upgrade instructions
- --------------------
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
If you are using the apt-get package manager, use the line for
sources.list as given below:
apt-get update
will update the internal database
apt-get upgrade
will install corrected packages
You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Source archives:
Size/MD5 checksum: 9210858 5c1c4c39a592ec52f5a4fa68f89ab7e3
Size/MD5 checksum: 887 ff63ecb5f4cf0f3361069c6061224ce9
Size/MD5 checksum: 117764 487bfab3c9b7cfad81e06f04b1fa897a
Architecture independent packages:
Size/MD5 checksum: 2940110 a64e9f780ec6a4432aedf53c27ee3a1d
Size/MD5 checksum: 5624824 32d27878083f551fcd1803c2cf0dbd4b
alpha architecture (DEC Alpha)
Size/MD5 checksum: 1853416 56085571ef17a26770c6eb04538339eb
Size/MD5 checksum: 1303016 1edaf6edfb68b3caf043c8dfb8d593c7
Size/MD5 checksum: 506642 a7d279ea4ad3b1e2238e82dee4534af1
Size/MD5 checksum: 3628530 ff2e6271979624e7026117a05df3f03a
Size/MD5 checksum: 204634 97a9df7f542c88b5900ac5b2458d9a70
Size/MD5 checksum: 2910284 e94a51ca1a6fb3fdea8484f373e10353
Size/MD5 checksum: 739996 c50b8272e79b045b959b54870c5f1598
Size/MD5 checksum: 359504 17c1732ab05c071a95a8b311d9efabdd
amd64 architecture (AMD x86_64 (AMD64))
Size/MD5 checksum: 315158 4ca83e592759f2b2ee4bc67f479aab29
Size/MD5 checksum: 643222 07f4655546acdf3d4535e9a5db9f2255
Size/MD5 checksum: 1917858 513bc6c6de8bb1cdefaf8e5727aef220
Size/MD5 checksum: 1134526 9daea210979bd01814a3aebcf71b2fa1
Size/MD5 checksum: 182478 232cafee4236d622b2fcf4d253fc5269
Size/MD5 checksum: 2208172 82afb10142c3e7cec7273547acd7037e
Size/MD5 checksum: 454664 2ec4fb4ce52fc9b585c6d244a663a69a
Size/MD5 checksum: 3284292 dd5aece3f1272ec87d14a79feaf6fd6b
hppa architecture (HP PA RISC)
Size/MD5 checksum: 3292666 10f50a1cdd46b4b6b8e2754a6f7455da
Size/MD5 checksum: 184440 215b5cc8e1663022ac6ca0b729ec7714
Size/MD5 checksum: 1184938 4ef86e59b8f30eca29151f881048c093
Size/MD5 checksum: 479574 830d632e59cbdd163b54ca130c3c929e
Size/MD5 checksum: 2399172 a6975a235b6101ac2e8e9c7151bdd672
Size/MD5 checksum: 1796720 2262bb907db07dbad93eab136bd2c420
Size/MD5 checksum: 319966 1c559c72f28bdf60d1445d521a866d95
Size/MD5 checksum: 648212 ad7827316ce3f58a66bbdb9eddc5a361
i386 architecture (Intel ia32)
Size/MD5 checksum: 412682 eb1cdb1c1888f74505be5229db24a9a9
Size/MD5 checksum: 2858414 bff2134fd51d1bc2dbb84f8dd3875247
Size/MD5 checksum: 1872636 ad1d2b32b5828539eb13e76a872490d3
Size/MD5 checksum: 1859744 28fc1ddcbad7d10c533600cae9474565
Size/MD5 checksum: 159880 2843e21a778bee6e82253c9e2584a714
Size/MD5 checksum: 1004346 0abde2a25732eb8f8705a5e6092bc5eb
Size/MD5 checksum: 541688 924eed963a0028eb7f59d74687645726
Size/MD5 checksum: 271538 9d964d71488cc7a43d0ac60357cf3ca7
ia64 architecture (Intel ia64)
Size/MD5 checksum: 442138 c59acbfd84eddc570a3bc0ffdac6c36d
Size/MD5 checksum: 3062964 ba2b421f642441338f48980e9fac5b48
Size/MD5 checksum: 4528696 09e89fd21ab74a7d17efce21737a9673
Size/MD5 checksum: 249324 431bb9b524f41dde471a6f3a12b480a1
Size/MD5 checksum: 1721870 2251949c1834187d410017cdf8b5e4c5
Size/MD5 checksum: 1795936 7ac426006dbf8a2a0ccfb6c1e896c17d
Size/MD5 checksum: 919766 605e7c2d037dc74c1e7252737fe20eb0
Size/MD5 checksum: 654990 a2ea9f190d14befb34117f8a98ceb949
powerpc architecture (PowerPC)
Size/MD5 checksum: 597180 cb415e57fe84b25c8db8a8fbb6bd26a4
Size/MD5 checksum: 297804 ec6b038def821291978a073137a71e85
Size/MD5 checksum: 1101400 a62f238cba7d79060118a68c33b71b6f
Size/MD5 checksum: 463456 8fda454359e9b13e9220826f38532b0c
Size/MD5 checksum: 1836792 2ac2f6a7c137db6dc9fb14ddb624df3c
Size/MD5 checksum: 3083868 6e3aafce463633db6400329752f684ca
Size/MD5 checksum: 174070 8ef14dd7274edf84b67d8aefacee8d16
Size/MD5 checksum: 2187502 d710e927c7b2795cab6dc46f28cdf5a0
s390 architecture (IBM S/390)
Size/MD5 checksum: 1013480 da4edcabaf8f2e89aecf5b22979712cc
Size/MD5 checksum: 283114 32d40bf330966abf38d13db0d736cf4a
Size/MD5 checksum: 563314 1c1e67a21763f2b2d286a872b6b9cac5
Size/MD5 checksum: 415850 82017adc09419a5afa2eca18d5b644ef
Size/MD5 checksum: 1688962 678ec7b8a2d13eeb9ca45df5189d638a
Size/MD5 checksum: 165330 101cfdf5e2e0364b0d2a3fe9b78a29c2
Size/MD5 checksum: 2904712 1e6275e4121f115c582c4896deb5d124
Size/MD5 checksum: 2000244 c58563f0618a2bc4305c3437aa2b62ab
sparc architecture (Sun SPARC/UltraSPARC)
Size/MD5 checksum: 1644716 5be28fd6f9172687666e217922c9ce42
Size/MD5 checksum: 160470 f470fc3e3e9329788ed5532042233334
Size/MD5 checksum: 2060384 ba17808fa29f9596d04d98512b79c949
Size/MD5 checksum: 411902 bddb13fb5ab4282e11f54643d0f51bf6
Size/MD5 checksum: 993682 6ad849979bc67faab08488765439d56a
Size/MD5 checksum: 274334 fefbe53c95fbcd8a4aefd958ce079b22
Size/MD5 checksum: 531578 2652c6f7a245e9c2448c1c7087b1a714
Size/MD5 checksum: 2851012 7ac608d08f13e8d64853cf10ecec0cad
Debian GNU/Linux 5.0 alias lenny
Source archives:
Size/MD5 checksum: 128094 490d21c6e68bb417ec48dd134dacbef1
Size/MD5 checksum: 8301127 f9addcc5acf79a6fea486ed9b15464c2
Size/MD5 checksum: 1475 d57b10dbaa63b7a2e9dfaf8bf90a4fbb
Architecture independent packages:
Size/MD5 checksum: 4575620 1f6204119b8b455cc3bf1552d7cae000
Size/MD5 checksum: 2658724 2a792863d0f46edd3820995a8b2d6f6b
alpha architecture (DEC Alpha)
Size/MD5 checksum: 522908 b929ad4623c5c7cab562d417ee6ecf08
Size/MD5 checksum: 768694 16c1a72306130d0159b1e3171c910ba0
Size/MD5 checksum: 360178 6db2ee96349019fe017d2a91d84dfde4
Size/MD5 checksum: 1365416 26ff8024c8b2cc27f67713d776fa8e10
Size/MD5 checksum: 2930116 ce7b3522609b390b078969d47f2b0642
Size/MD5 checksum: 336284 71ac3f4043034194784fed29cfd16056
Size/MD5 checksum: 3721230 84e2386ef002b4076944bf348b79d410
Size/MD5 checksum: 2714604 0f24c1fac559bdb07f91401e97695f71
amd64 architecture (AMD x86_64 (AMD64))
Size/MD5 checksum: 2907214 718e85835e31fc7f76f3bb224c3579bc
Size/MD5 checksum: 480764 e5cb8a603f9ed1dac045ca478132127d
Size/MD5 checksum: 1221924 21c81cab61b1f1684704d3439d606236
Size/MD5 checksum: 303978 0a097d3eeeae7f2f9a7b034fd0c46488
Size/MD5 checksum: 2250652 c0b659c1047dfb7422259a89a960024f
Size/MD5 checksum: 686712 931daa81385a01b3993593c8f1b0a221
Size/MD5 checksum: 324236 16d0ffe23a3b26fcd1cf19868568767c
Size/MD5 checksum: 3456882 87d41528310632afc12e25710a75c0ad
arm architecture (ARM)
Size/MD5 checksum: 601934 1c9ebe57ac890af09117541bc680a424
Size/MD5 checksum: 294438 b9c77ec6ec48d120d6e268c469553576
Size/MD5 checksum: 275306 068a10a28366247641ad3c42bdb6fc56
Size/MD5 checksum: 2013762 9ad6596218c8620868b46b71846940c1
Size/MD5 checksum: 2402806 557fe264ced2375c40f905e95833ac8e
Size/MD5 checksum: 1056870 b1079c8b2427fc316dc79ee1bda8858b
Size/MD5 checksum: 3139702 6822349ec442a296527d529cf509c1ff
Size/MD5 checksum: 397620 ce25906e32d774f63068a4300cc82878
armel architecture (ARM EABI)
Size/MD5 checksum: 293648 4333135c37132dad45d6d10bd644b032
Size/MD5 checksum: 598340 87ac94269b06cfbd91e8df8f8d91e365
Size/MD5 checksum: 275534 ef7190b4bce3e3615b70ad6ecb4f41e4
Size/MD5 checksum: 400012 f419cf51a2e4caa1693a0f3aaf29c443
Size/MD5 checksum: 2008146 70982cae91a60c226c0234cfbbd79566
Size/MD5 checksum: 3142234 6d9a77dd054cb66e053fa98ff5e6cce9
Size/MD5 checksum: 1060898 464720713e85a39aded745d953266d68
Size/MD5 checksum: 2410162 a557077e9b10e14c4f0fedc0c6f1054b
i386 architecture (Intel ia32)
Size/MD5 checksum: 1888906 def7c7cfb820017d6539c02aec8f6810
Size/MD5 checksum: 255956 69cd4be1d18e5f1e25289aaccc233b9c
Size/MD5 checksum: 1053588 759017d3377900cfa60869b1b0a59414
Size/MD5 checksum: 2752182 274abd42f9a1b7456579589954953fe4
Size/MD5 checksum: 2953454 2dd83965247208e3002dedb924dc2027
Size/MD5 checksum: 273646 2393084c4776d153fa4388818273d562
Size/MD5 checksum: 562250 2a8af2ed3a0a13d8fb53bb32314ad1ed
Size/MD5 checksum: 427564 1307de2b784c69f2a09d9a9bb26a6a1f
ia64 architecture (Intel ia64)
Size/MD5 checksum: 970518 621a5120e81133496e0848574faec2cf
Size/MD5 checksum: 449120 8d812e3c11fffa6e7675df817d81a5d8
Size/MD5 checksum: 673110 a4e480a156d3af6adff759dd811cd4a4
Size/MD5 checksum: 1811830 b1d306b6e2641ec92051744143a06e80
Size/MD5 checksum: 2708474 13ee7fe715bfeb1ca1d3ae604e8695d9
Size/MD5 checksum: 3087710 d339c731692f8f4ac52692931aa04f30
Size/MD5 checksum: 4672464 4097c4336c56b701d1934746c12ce2f1
Size/MD5 checksum: 423100 7f5850228bc6a65e946c57df17613859
powerpc architecture (PowerPC)
Size/MD5 checksum: 468438 20412b0d411196cc757babfd034ac308
Size/MD5 checksum: 1183086 d627f6198081e4de75b7d405ecdfebeb
Size/MD5 checksum: 2207894 4b1aa478a95c9f34fbeb0afa98e77142
Size/MD5 checksum: 292746 c882840a669038a9a2d9b4d9e523cc79
Size/MD5 checksum: 2685464 2c01217e779f5be5d3656e8f564479b6
Size/MD5 checksum: 3265106 1ce257b50be112b0d24cadebbeac244f
Size/MD5 checksum: 640356 083ecd8db4fda63c0b349125855f206b
Size/MD5 checksum: 306712 457de43db1d1f9647fd0191a1208c8a6
s390 architecture (IBM S/390)
Size/MD5 checksum: 3041550 3f3f6db499d78fefd100aeb85483f9b1
Size/MD5 checksum: 433148 d2c56defa91ce6b4c8c6090d050f7eb5
Size/MD5 checksum: 592864 11d8451fd0bb8a0a5e58db5a48b0e89d
Size/MD5 checksum: 2551342 6ab42c15f10c42a82bff0e6fbac3f294
Size/MD5 checksum: 288726 4c636d8b76ad34d28cae8f6df32a60df
Size/MD5 checksum: 1082220 2c235d1fcb12c18ebac5b89e34ec9445
Size/MD5 checksum: 2029632 cb5e8e312beaa5e6573f8d0b2264af11
Size/MD5 checksum: 270938 85138d52557caaeeef29b901ea97f02f
sparc architecture (Sun SPARC/UltraSPARC)
Size/MD5 checksum: 2973214 22bc0bc12acf0072e476b6868b8962f2
Size/MD5 checksum: 424844 4b9135e7f345eb5780b5160055cabd59
Size/MD5 checksum: 2073182 87e11dcf57ca9381c0f79a979754a5b3
Size/MD5 checksum: 2385864 254c2375dc2eae8487623d9f6b61d50b
Size/MD5 checksum: 258042 d6b17d1efb712561a2f57257fa4ee523
Size/MD5 checksum: 276954 6cfef0121379339e7960dcc42bd96347
Size/MD5 checksum: 561164 3b75561f33707b277f196a7e4a728087
Size/MD5 checksum: 1057466 09d7b88fa732432ebea38cec69f113bf
These files will probably be moved into the stable distribution on
its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show
