Subject: | |
From: | |
Reply To: | |
Date: | Tue, 7 Apr 2009 14:22:11 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Stephan Wiesand wrote:
> Hi All,
>
> the OpenAFS folks issued two security advisories:
>
> http://www.openafs.org/pages/security/OPENAFS-SA-2009-001.txt
> http://www.openafs.org/pages/security/OPENAFS-SA-2009-002.txt
>
> Exploiting these issues is probably very difficult, but the impact
> especially of the first one could be really serious.
>
> The patches provided apply reasonably cleanly to our current build
> for SL5 (1.4.7-68.1, which is a minute update to the current one on SL4,
> 1.4.7-68), and from reading the source and the patches, it should be ok to
> just use them like this.
>
> I put up an SRPM with these patches here:
>
> http://www-zeuthen.desy.de/~wiesand/SL5/openafs.SLx-1.4.7-68.2.src.rpm
>
> I could not yet test the resulting RPMs yet, and won't be able to do so
> before tomorrow during the day (GMT+2), but wanted to provide this asap in
> case someone else can.
>
> Once tested, this should probably become a "critical" security update for
> SL4 and SL5.
>
> The patches do not apply to the 1.2.13 source (for SL3). It seems quite
> feasible to apply the required changes (I wouldn't even call it
> "backporting"), but that will take some time and testing the SL5 and
> SL4 builds is much higher on my priority list. As a stopgap measure, the
> 1.4.7-68.2 SRPM will build and should work on SL3 as well.
>
> Cheers,
> Stephan
>
It is now up in the testing are for SL4 and SL5. I have installed and
started it on a SL50 machine, but no other testing.
I will send out an e-mail to have people test it.
Troy
--
__________________________________________________
Troy Dawson [log in to unmask] (630)840-6468
Fermilab ComputingDivision/LCSI/CSI LMSS Group
__________________________________________________
|
|
|