Scientific Linux: OPENAFS-SA-2016-001 Critical: Kerberos Issue

Date: Thu, 17 Mar 2016 14:56:14 -0500
Reply-To: Pat Riehecky 
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Critical: OpenAFS on SL5.x, SL6.x,
 SL7.x i386/x86_64
MIME-Version: 1.0
Message-ID: <56EB0BDE.4090501@fnal.gov>

Synopsis: Critical: OpenAFS security update
Advisory ID: OPENAFS-SA-2016-001/2
Issue Date: 2016-03-17
CVE Numbers: CVE-2016-2860

--

This release fixes the vulnerabilities tracked as OPENAFS-SA-2016-001
and OPENAFS-SA-2016-002.

OPENAFS-SA-2016-001 (CVE-2016-2860): Users from foreign Kerberos realms
can create groups as if they were administrators
OPENAFS-SA-2016-002: Information leakage over the network due to
uninitialized memory

For more details please see

 http://www.openafs.org/pages/security/OPENAFS-SA-2016-001.txt
 http://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt
--

SL5
 x86_64
 kernel-module-openafs-2.6.18-406.el5-1.4.15-89.sl5.x86_64.rpm
 kernel-module-openafs-2.6.18-406.el5xen-1.4.15-89.sl5.x86_64.rpm
 openafs-1.4.15-89.sl5.x86_64.rpm
 openafs-authlibs-1.4.15-89.sl5.x86_64.rpm
 openafs-authlibs-devel-1.4.15-89.sl5.x86_64.rpm
 openafs-client-1.4.15-89.sl5.x86_64.rpm
 openafs-compat-1.4.15-89.sl5.x86_64.rpm
 openafs-debug-1.4.15-89.sl5.x86_64.rpm
 openafs-devel-1.4.15-89.sl5.x86_64.rpm
 openafs-kernel-source-1.4.15-89.sl5.x86_64.rpm
 openafs-kpasswd-1.4.15-89.sl5.x86_64.rpm
 openafs-krb5-1.4.15-89.sl5.x86_64.rpm
 openafs-server-1.4.15-89.sl5.x86_64.rpm
 i386
 kernel-module-openafs-2.6.18-406.el5-1.4.15-89.sl5.i686.rpm
 kernel-module-openafs-2.6.18-406.el5PAE-1.4.15-89.sl5.i686.rpm
 kernel-module-openafs-2.6.18-406.el5xen-1.4.15-89.sl5.i686.rpm
 openafs-1.4.15-89.sl5.i386.rpm
 openafs-authlibs-1.4.15-89.sl5.i386.rpm
 openafs-authlibs-devel-1.4.15-89.sl5.i386.rpm
 openafs-client-1.4.15-89.sl5.i386.rpm
 openafs-compat-1.4.15-89.sl5.i386.rpm
 openafs-debug-1.4.15-89.sl5.i386.rpm
 openafs-devel-1.4.15-89.sl5.i386.rpm
 openafs-kernel-source-1.4.15-89.sl5.i386.rpm
 openafs-kpasswd-1.4.15-89.sl5.i386.rpm
 openafs-krb5-1.4.15-89.sl5.i386.rpm
 openafs-server-1.4.15-89.sl5.i386.rpm
SL6
 x86_64
 kmod-openafs-573-1.6.17-234.sl6.573.12.1.x86_64.rpm
 openafs-1.6.17-234.sl6.x86_64.rpm
 openafs-authlibs-1.6.17-234.sl6.x86_64.rpm
 openafs-authlibs-devel-1.6.17-234.sl6.x86_64.rpm
 openafs-client-1.6.17-234.sl6.x86_64.rpm
 openafs-compat-1.6.17-234.sl6.x86_64.rpm
 openafs-devel-1.6.17-234.sl6.x86_64.rpm
 openafs-kernel-source-1.6.17-234.sl6.x86_64.rpm
 openafs-kpasswd-1.6.17-234.sl6.x86_64.rpm
 openafs-krb5-1.6.17-234.sl6.x86_64.rpm
 openafs-module-tools-1.6.17-234.sl6.x86_64.rpm
 openafs-plumbing-tools-1.6.17-234.sl6.x86_64.rpm
 openafs-server-1.6.17-234.sl6.x86_64.rpm
 i386
 kmod-openafs-573-1.6.17-234.sl6.573.12.1.i686.rpm
 openafs-1.6.17-234.sl6.i686.rpm
 openafs-authlibs-1.6.17-234.sl6.i686.rpm
 openafs-authlibs-devel-1.6.17-234.sl6.i686.rpm
 openafs-client-1.6.17-234.sl6.i686.rpm
 openafs-compat-1.6.17-234.sl6.i686.rpm
 openafs-devel-1.6.17-234.sl6.i686.rpm
 openafs-kernel-source-1.6.17-234.sl6.i686.rpm
 openafs-kpasswd-1.6.17-234.sl6.i686.rpm
 openafs-krb5-1.6.17-234.sl6.i686.rpm
 openafs-module-tools-1.6.17-234.sl6.i686.rpm
 openafs-plumbing-tools-1.6.17-234.sl6.i686.rpm
 openafs-server-1.6.17-234.sl6.i686.rpm
SL7
 x86_64
 kmod-openafs-1.6-sl-327-1.6.17-234.sl7.327.10.1.x86_64.rpm
 openafs-1.6-sl-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-authlibs-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-authlibs-devel-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-client-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-compat-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-devel-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-kernel-source-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-kpasswd-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-krb5-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-module-tools-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-plumbing-tools-1.6.17-234.sl7.x86_64.rpm
 openafs-1.6-sl-server-1.6.17-234.sl7.x86_64.rpm