• [SECURITY] [DSA 5842-1] openafs security update

    From Salvatore Bonaccorso@21:1/5 to All on Sat Jan 11 12:40:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5842-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2025 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : openafs
    CVE ID : CVE-2024-10394 CVE-2024-10396 CVE-2024-10397
    Debian Bug : 1087406 1087407

    Several vulnerabilities were discovered in OpenAFS, an implementation of
    the AFS distributed filesystem, which may result in theft of credentials
    in Unix client PAGs (CVE-2024-10394), fileserver crashes and information
    leak on StoreACL/FetchACL (CVE-2024-10396) or buffer overflows in XDR
    responses resulting in denial of service and potentially code execution (CVE-2024-10397).

    For the stable distribution (bookworm), these problems have been fixed
    in version 1.8.9-1+deb12u1.

    We recommend that you upgrade your openafs packages.

    For the detailed security status of openafs please refer to its security tracker page at:
    https://security-tracker.debian.org/tracker/openafs

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmeCVn9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RlGg//YOizHS/4uE2qeksEA9GdQroD51UhYckMFaNrtP4y3G/UjNKFE3l9b+wY oF3/hA6Z+7PDN6nQe9jRGiKdl1/22x5+l42RjRRU7p+8anIZl2rAHIUczVFLXFC0 N7+C+IUictTrPAlTFTi5Xdps68ZkLfXfx4eTJ6i1IwBUsdXpArghYhpePZfzpdH9 p4GheeCbETmuKQGhjpoqYSS1YxW2RA70vWPzO13F0WBhbxYr5FYmY+P1H6pi0rpH qRfvmpjRgWbIWJa1S5aAfyibSrsWSXEqqcJ44cI2iZXrL2ZMFJrAJoG+k6PQgIjx Qpz7oZRWCgYZ3+WpQHqMroQA5mEh5hlTsyfG/cfTIYIt54BfBgPMce2C7CVK/b7g 68f69mIj2dhPd8xIir8RX8FYnfDDmQmzCQs7ofFzGpPrFgQyatR4OtlxgLtoTHrM 6AHGu86QZuekMS7gU/PNYv4YtYrKDnGoyaHkyljqYkdNERTUym3JVWKyXJtl+pSu myhlZ8jMPxsI0DJ+rhGdQPanniLaKxxr9RNz1SC4dHSwjJT2Tjh0xyreMs1VZ+ns lbp+8wRZkmCA1S1R9P8ISwMNgTbx3Tf7P8na5KUN+hywcV4NYkFmHb1O7xRZV7av 5aIZqfLranfphyoUYPzYqgu9yS6zmuNrRGmQSlZfWnWdv6NTad8=
    =80li
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)