 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Wed, 20 Apr 2011 16:22:30 -0500 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Synopsis: Low: openafs security and bug fix update
Issue date: 2011-04-20
CVE Names: CVE-2011-0430 CVE-2011-0431
Double free vulnerability in the Rx server process in OpenAFS 1.4.14,
1.4.12, 1.4.7, and possibly other versions allows remote attackers to
cause a denial of service and execute arbitrary code via unknown
vectors. (CVE-2011-0430)
The afs_linux_lock function in afs/LINUX/osi_vnodeops.c in the kernel
module in OpenAFS 1.4.14, 1.4.12, 1.4.7, and possibly other versions
does not properly handle errors, which allows attackers to cause a
denial of service via unknown vectors. (CVE-2011-0431)
This update will also bring all the SL4 and SL5 openafs versions up to
the same version.
SL 4.x
SRPMS:
openafs-1.4.14-80.sl4.src.rpm
i386:
openafs-1.4.14-80.sl4.i686.rpm
openafs-authlibs-1.4.14-80.sl4.i686.rpm
openafs-authlibs-devel-1.4.14-80.sl4.i686.rpm
openafs-client-1.4.14-80.sl4.i686.rpm
openafs-compat-1.4.14-80.sl4.i686.rpm
openafs-debug-1.4.14-80.sl4.i686.rpm
openafs-devel-1.4.14-80.sl4.i686.rpm
openafs-kernel-source-1.4.14-80.sl4.i686.rpm
openafs-kpasswd-1.4.14-80.sl4.i686.rpm
openafs-krb5-1.4.14-80.sl4.i686.rpm
openafs-server-1.4.14-80.sl4.i686.rpm
kernel-module-openafs-2.6.9-89.35.1.EL-1.4.14-80.sl4.i686.rpm
kernel-module-openafs-2.6.9-89.35.1.ELhugemem-1.4.14-80.sl4.i686.rpm
kernel-module-openafs-2.6.9-89.35.1.ELsmp-1.4.14-80.sl4.i686.rpm
kernel-module-openafs-2.6.9-89.35.1.ELxenU-1.4.14-80.sl4.i686.rpm
...
... kernel modules for all released SL4 i386 kernels
...
x86_64:
openafs-1.4.14-80.sl4.x86_64.rpm
openafs-authlibs-1.4.14-80.sl4.x86_64.rpm
openafs-authlibs-devel-1.4.14-80.sl4.x86_64.rpm
openafs-client-1.4.14-80.sl4.x86_64.rpm
openafs-compat-1.4.14-80.sl4.x86_64.rpm
openafs-debug-1.4.14-80.sl4.x86_64.rpm
openafs-devel-1.4.14-80.sl4.x86_64.rpm
openafs-kernel-source-1.4.14-80.sl4.x86_64.rpm
openafs-kpasswd-1.4.14-80.sl4.x86_64.rpm
openafs-krb5-1.4.14-80.sl4.x86_64.rpm
openafs-server-1.4.14-80.sl4.x86_64.rpm
kernel-module-openafs-2.6.9-89.35.1.EL-1.4.14-80.sl4.x86_64.rpm
kernel-module-openafs-2.6.9-89.35.1.ELlargesmp-1.4.14-80.sl4.x86_64.rpm
kernel-module-openafs-2.6.9-89.35.1.ELsmp-1.4.14-80.sl4.x86_64.rpm
kernel-module-openafs-2.6.9-89.35.1.ELxenU-1.4.14-80.sl4.x86_64.rpm
...
... kernel modules for all released SL4 x86_64 kernels
...
SL 5.x
SRPMS:
openafs-1.4.14-80.sl5.src.rpm
i386:
openafs-1.4.14-80.sl5.i686.rpm
openafs-authlibs-1.4.14-80.sl5.i686.rpm
openafs-authlibs-devel-1.4.14-80.sl5.i686.rpm
openafs-client-1.4.14-80.sl5.i686.rpm
openafs-compat-1.4.14-80.sl5.i686.rpm
openafs-debug-1.4.14-80.sl5.i686.rpm
openafs-devel-1.4.14-80.sl5.i686.rpm
openafs-kernel-source-1.4.14-80.sl5.i686.rpm
openafs-kpasswd-1.4.14-80.sl5.i686.rpm
openafs-krb5-1.4.14-80.sl5.i686.rpm
openafs-server-1.4.14-80.sl5.i686.rpm
kernel-module-openafs-2.6.18-238.9.1.el5-1.4.14-80.sl5.i686.rpm
kernel-module-openafs-2.6.18-238.9.1.el5PAE-1.4.14-80.sl5.i686.rpm
kernel-module-openafs-2.6.18-238.9.1.el5xen-1.4.14-80.sl5.i686.rpm
...
... kernel modules for all released SL5 i386 kernels
...
x86_64:
openafs-1.4.14-80.sl5.x86_64.rpm
openafs-authlibs-1.4.14-80.sl5.x86_64.rpm
openafs-authlibs-devel-1.4.14-80.sl5.x86_64.rpm
openafs-client-1.4.14-80.sl5.x86_64.rpm
openafs-compat-1.4.14-80.sl5.x86_64.rpm
openafs-debug-1.4.14-80.sl5.x86_64.rpm
openafs-devel-1.4.14-80.sl5.x86_64.rpm
openafs-kernel-source-1.4.14-80.sl5.x86_64.rpm
openafs-kpasswd-1.4.14-80.sl5.x86_64.rpm
openafs-krb5-1.4.14-80.sl5.x86_64.rpm
openafs-server-1.4.14-80.sl5.x86_64.rpm
kernel-module-openafs-2.6.18-238.9.1.el5-1.4.14-80.sl5.x86_64.rpm
kernel-module-openafs-2.6.18-238.9.1.el5xen-1.4.14-80.sl5.x86_64.rpm
...
... kernel modules for all released SL5 x86_64 kernels
...
- Scientific Linux Development Team
|
|
|
