Debian: DSA-2729-1 Important: Update for OpenAFS Encryption Issues
debian
July 28, 2013
OpenAFS, the implementation of the distributed filesystem AFS, has been updated to no longer use DES for the encryption of tickets
Topics Covered
Summary
OpenAFS, the implementation of the distributed filesystem AFS, has been
updated to no longer use DES for the encryption of tickets. Additional
migration steps are needed to fully set the update into effect. For more
information please see the upstream advisory:
http://www.openafs.org/security/OPENAFS-SA-2013-003.txt
In addition the 'encrypt' option to the 'vos' tool was fixed.
For the oldstable distribution (squeeze), these problems have been fixed in
version 1.4.12.1+dfsg-4+squeeze2.
For the stable distribution (wheezy), these problems have been fixed in
version 1.6.1-3+deb7u1.
For the unstable distribution (sid), these problems have been fixed in
version 1.6.5-1.
We recommend that you upgrade your openafs packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Package: openafs
CVE ID: CVE-2013-4134 CVE-2013-4135
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!