SCIENTIFIC-LINUX-ERRATA Archives

July 2015

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Important: openafs on SL5.x, SL6.x, SL7.x i386/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Thu, 30 Jul 2015 14:33:20 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (118 lines) 
Synopsis:          Important: openafs security update

Issue Date:        2015-07-30

CVE Numbers:       CVE-2015-3282

                    CVE-2015-3283

                    CVE-2015-3284

                    CVE-2015-3285

--

This update resolves the following issues:



   All server platforms



     * Fix for CVE-2015-3282: vos leaks stack data onto the wire in the

       clear when creating vldb entries



     * Workaround for CVE-2015-3283: bos commands can be spoofed,

       including some which alter server state



     * Disabled searching the VLDB by volume name regular expression to

       avoid possible buffer overruns in the volume location server



   All client platforms



     * Fix for CVE-2015-3284: pioctls leak kernel memory



     * Fix for CVE-2015-3285: kernel pioctl support for OSD command

       passing can trigger a panic



After installing the update, you must restart your AFS connections

and AFS services.



--



SL5

   x86_64

      kernel-module-openafs-2.6.18-404.el5-1.4.15-86.sl5.x86_64.rpm

      kernel-module-openafs-2.6.18-404.el5xen-1.4.15-86.sl5.x86_64.rpm

      kernel-module-openafs-2.6.18-406.el5-1.4.15-86.sl5.x86_64.rpm

      kernel-module-openafs-2.6.18-406.el5xen-1.4.15-86.sl5.x86_64.rpm

      openafs-1.4.15-86.sl5.x86_64.rpm

      openafs-authlibs-1.4.15-86.sl5.x86_64.rpm

      openafs-authlibs-devel-1.4.15-86.sl5.x86_64.rpm

      openafs-client-1.4.15-86.sl5.x86_64.rpm

      openafs-compat-1.4.15-86.sl5.x86_64.rpm

      openafs-debug-1.4.15-86.sl5.x86_64.rpm

      openafs-devel-1.4.15-86.sl5.x86_64.rpm

      openafs-kernel-source-1.4.15-86.sl5.x86_64.rpm

      openafs-kpasswd-1.4.15-86.sl5.x86_64.rpm

      openafs-krb5-1.4.15-86.sl5.x86_64.rpm

      openafs-server-1.4.15-86.sl5.x86_64.rpm



   i386

      kernel-module-openafs-2.6.18-404.el5-1.4.15-86.sl5.i686.rpm

      kernel-module-openafs-2.6.18-404.el5PAE-1.4.15-86.sl5.i686.rpm

      kernel-module-openafs-2.6.18-404.el5xen-1.4.15-86.sl5.i686.rpm

      kernel-module-openafs-2.6.18-406.el5-1.4.15-86.sl5.i686.rpm

      kernel-module-openafs-2.6.18-406.el5PAE-1.4.15-86.sl5.i686.rpm

      kernel-module-openafs-2.6.18-406.el5xen-1.4.15-86.sl5.i686.rpm

      openafs-1.4.15-86.sl5.i386.rpm

      openafs-authlibs-1.4.15-86.sl5.i386.rpm

      openafs-authlibs-devel-1.4.15-86.sl5.i386.rpm

      openafs-client-1.4.15-86.sl5.i386.rpm

      openafs-compat-1.4.15-86.sl5.i386.rpm

      openafs-debug-1.4.15-86.sl5.i386.rpm

      openafs-devel-1.4.15-86.sl5.i386.rpm

      openafs-kernel-source-1.4.15-86.sl5.i386.rpm

      openafs-kpasswd-1.4.15-86.sl5.i386.rpm

      openafs-krb5-1.4.15-86.sl5.i386.rpm

      openafs-server-1.4.15-86.sl5.i386.rpm

SL6

   x86_64

      kmod-openafs-504-1.6.13-215.sl6.504.x86_64.rpm

      openafs-1.6.13-215.sl6.x86_64.rpm

      openafs-authlibs-1.6.13-215.sl6.x86_64.rpm

      openafs-authlibs-devel-1.6.13-215.sl6.x86_64.rpm

      openafs-client-1.6.13-215.sl6.x86_64.rpm

      openafs-compat-1.6.13-215.sl6.x86_64.rpm

      openafs-devel-1.6.13-215.sl6.x86_64.rpm

      openafs-kernel-source-1.6.13-215.sl6.x86_64.rpm

      openafs-kpasswd-1.6.13-215.sl6.x86_64.rpm

      openafs-krb5-1.6.13-215.sl6.x86_64.rpm

      openafs-module-tools-1.6.13-215.sl6.x86_64.rpm

      openafs-plumbing-tools-1.6.13-215.sl6.x86_64.rpm

      openafs-server-1.6.13-215.sl6.x86_64.rpm

   i386

      kmod-openafs-504-1.6.13-215.sl6.504.i686.rpm

      openafs-1.6.13-215.sl6.i686.rpm

      openafs-authlibs-1.6.13-215.sl6.i686.rpm

      openafs-authlibs-devel-1.6.13-215.sl6.i686.rpm

      openafs-client-1.6.13-215.sl6.i686.rpm

      openafs-compat-1.6.13-215.sl6.i686.rpm

      openafs-devel-1.6.13-215.sl6.i686.rpm

      openafs-kernel-source-1.6.13-215.sl6.i686.rpm

      openafs-kpasswd-1.6.13-215.sl6.i686.rpm

      openafs-krb5-1.6.13-215.sl6.i686.rpm

      openafs-module-tools-1.6.13-215.sl6.i686.rpm

      openafs-plumbing-tools-1.6.13-215.sl6.i686.rpm

      openafs-server-1.6.13-215.sl6.i686.rpm

SL7

   x86_64

      kmod-openafs-1.6-sl-229-1.6.13-215.sl7.229.1.2.x86_64.rpm

      openafs-1.6-sl-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-authlibs-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-authlibs-devel-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-client-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-compat-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-devel-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-kernel-source-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-kpasswd-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-krb5-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-module-tools-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-plumbing-tools-1.6.13-215.sl7.x86_64.rpm

      openafs-1.6-sl-server-1.6.13-215.sl7.x86_64.rpm









- Scientific Linux Development Team

ATOM RSS1 RSS2