Explore top 10 tips to secure your open-source projects now. Read More
×
Date: Thu, 17 Mar 2016 14:56:14 -0500 Reply-To: Pat RieheckySender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Critical: OpenAFS on SL5.x, SL6.x, SL7.x i386/x86_64 MIME-Version: 1.0 Message-ID: <56EB0BDE.4090501@fnal.gov> Synopsis: Critical: OpenAFS security update Advisory ID: OPENAFS-SA-2016-001/2 Issue Date: 2016-03-17 CVE Numbers: CVE-2016-2860 -- This release fixes the vulnerabilities tracked as OPENAFS-SA-2016-001 and OPENAFS-SA-2016-002. OPENAFS-SA-2016-001 (CVE-2016-2860): Users from foreign Kerberos realms can create groups as if they were administrators OPENAFS-SA-2016-002: Information leakage over the network due to uninitialized memory For more details please see http://www.openafs.org/pages/security/OPENAFS-SA-2016-001.txt http://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt -- SL5 x86_64 kernel-module-openafs-2.6.18-406.el5-1.4.15-89.sl5.x86_64.rpm kernel-module-openafs-2.6.18-406.el5xen-1.4.15-89.sl5.x86_64.rpm openafs-1.4.15-89.sl5.x86_64.rpm openafs-authlibs-1.4.15-89.sl5.x86_64.rpm openafs-authlibs-devel-1.4.15-89.sl5.x86_64.rpm openafs-client-1.4.15-89.sl5.x86_64.rpm openafs-compat-1.4.15-89.sl5.x86_64.rpm openafs-debug-1.4.15-89.sl5.x86_64.rpm openafs-devel-1.4.15-89.sl5.x86_64.rpm openafs-kernel-source-1.4.15-89.sl5.x86_64.rpm openafs-kpasswd-1.4.15-89.sl5.x86_64.rpm openafs-krb5-1.4.15-89.sl5.x86_64.rpm openafs-server-1.4.15-89.sl5.x86_64.rpm i386 kernel-module-openafs-2.6.18-406.el5-1.4.15-89.sl5.i686.rpm kernel-module-openafs-2.6.18-406.el5PAE-1.4.15-89.sl5.i686.rpm kernel-module-openafs-2.6.18-406.el5xen-1.4.15-89.sl5.i686.rpm openafs-1.4.15-89.sl5.i386.rpm openafs-authlibs-1.4.15-89.sl5.i386.rpm openafs-authlibs-devel-1.4.15-89.sl5.i386.rpm openafs-client-1.4.15-89.sl5.i386.rpm openafs-compat-1.4.15-89.sl5.i386.rpm openafs-debug-1.4.15-89.sl5.i386.rpm openafs-devel-1.4.15-89.sl5.i386.rpm openafs-kernel-source-1.4.15-89.sl5.i386.rpm openafs-kpasswd-1.4.15-89.sl5.i386.rpm openafs-krb5-1.4.15-89.sl5.i386.rpm openafs-server-1.4.15-89.sl5.i386.rpm SL6 x86_64 kmod-openafs-573-1.6.17-234.sl6.573.12.1.x86_64.rpm openafs-1.6.17-234.sl6.x86_64.rpm openafs-authlibs-1.6.17-234.sl6.x86_64.rpm openafs-authlibs-devel-1.6.17-234.sl6.x86_64.rpm openafs-client-1.6.17-234.sl6.x86_64.rpm openafs-compat-1.6.17-234.sl6.x86_64.rpm openafs-devel-1.6.17-234.sl6.x86_64.rpm openafs-kernel-source-1.6.17-234.sl6.x86_64.rpm openafs-kpasswd-1.6.17-234.sl6.x86_64.rpm openafs-krb5-1.6.17-234.sl6.x86_64.rpm openafs-module-tools-1.6.17-234.sl6.x86_64.rpm openafs-plumbing-tools-1.6.17-234.sl6.x86_64.rpm openafs-server-1.6.17-234.sl6.x86_64.rpm i386 kmod-openafs-573-1.6.17-234.sl6.573.12.1.i686.rpm openafs-1.6.17-234.sl6.i686.rpm openafs-authlibs-1.6.17-234.sl6.i686.rpm openafs-authlibs-devel-1.6.17-234.sl6.i686.rpm openafs-client-1.6.17-234.sl6.i686.rpm openafs-compat-1.6.17-234.sl6.i686.rpm openafs-devel-1.6.17-234.sl6.i686.rpm openafs-kernel-source-1.6.17-234.sl6.i686.rpm openafs-kpasswd-1.6.17-234.sl6.i686.rpm openafs-krb5-1.6.17-234.sl6.i686.rpm openafs-module-tools-1.6.17-234.sl6.i686.rpm openafs-plumbing-tools-1.6.17-234.sl6.i686.rpm openafs-server-1.6.17-234.sl6.i686.rpm SL7 x86_64 kmod-openafs-1.6-sl-327-1.6.17-234.sl7.327.10.1.x86_64.rpm openafs-1.6-sl-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-authlibs-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-authlibs-devel-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-client-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-compat-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-devel-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-kernel-source-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-kpasswd-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-krb5-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-module-tools-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-plumbing-tools-1.6.17-234.sl7.x86_64.rpm openafs-1.6-sl-server-1.6.17-234.sl7.x86_64.rpm