CVS commit: pkgsrc/filesystems/openafs

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/filesystems/openafs
From: "Jonathan A. Kollasch" <jakllsch%netbsd.org@localhost>
Date: Wed, 28 Oct 2015 19:43:01 +0000

Module Name:    pkgsrc
Committed By:   jakllsch
Date:           Wed Oct 28 19:43:01 UTC 2015

Modified Files:
        pkgsrc/filesystems/openafs: Makefile distinfo

Log Message:
update openafs to 1.6.15

OpenAFS 1.6.15 (Security Release)

  All client and server platforms

    * Fix for OPENAFS-SA-2015-007 "Tattletale"

      When constructing an Rx acknowledgment (ACK) packet, Andrew-derived
      Rx implementations do not initialize three octets of data that are
      padding in the C language structure and were inadvertently included
      in the wire protocol (CVE-2015-7762).  Additionally, OpenAFS Rx in
      versions 1.5.75 through 1.5.78, 1.6.0 through 1.6.14, and 1.7.0
      through 1.7.32 include a variable-length padding at the end of the
      ACK packet, in an attempt to detect the path MTU, but only four octets
      of the additional padding are initialized (CVE-2015-7763).


To generate a diff of this commit:
cvs rdiff -u -r1.9 -r1.10 pkgsrc/filesystems/openafs/Makefile \
    pkgsrc/filesystems/openafs/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/graphics/gnuplot
Next by Date: CVS commit: pkgsrc/mk/defaults
Previous by Thread: CVS commit: pkgsrc/graphics/gnuplot
Next by Thread: CVS commit: pkgsrc/mk/defaults
Indexes:

Home | Main Index | Thread Index | Old Index