LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Critical: openafs security update
Advisory ID:       OPENAFS-SA-2015-007
Issue Date:        2015-10-21
CVE Numbers:       CVE-2015-7762
                    CVE-2015-7763
--

This release fixes the high impact security vulnerability named
"Tattletale"

The packet paylod of Rx ACK packets is not fully initialized, leaking
plaintext from packets previously processed.

--
SL5
   x86_64
kernel-module-openafs-2.6.18-406.el5-1.4.15-88.sl5.x86_64.rpm
kernel-module-openafs-2.6.18-406.el5xen-1.4.15-88.sl5.x86_64.rpm
     openafs-1.4.15-88.sl5.x86_64.rpm
     openafs-authlibs-1.4.15-88.sl5.x86_64.rpm
     openafs-authlibs-devel-1.4.15-88.sl5.x86_64.rpm
     openafs-client-1.4.15-88.sl5.x86_64.rpm
     openafs-compat-1.4.15-88.sl5.x86_64.rpm
     openafs-debug-1.4.15-88.sl5.x86_64.rpm
     openafs-devel-1.4.15-88.sl5.x86_64.rpm
     openafs-kernel-source-1.4.15-88.sl5.x86_64.rpm
     openafs-kpasswd-1.4.15-88.sl5.x86_64.rpm
     openafs-krb5-1.4.15-88.sl5.x86_64.rpm
     openafs-server-1.4.15-88.sl5.x86_64.rpm
   i386
kernel-module-openafs-2.6.18-406.el5-1.4.15-88.sl5.i686.rpm
kernel-module-openafs-2.6.18-406.el5PAE-1.4.15-88.sl5.i686.rpm
kernel-module-openafs-2.6.18-406.el5xen-1.4.15-88.sl5.i686.rpm
     openafs-1.4.15-88.sl5.i386.rpm
     openafs-authlibs-1.4.15-88.sl5.i386.rpm
     openafs-authlibs-devel-1.4.15-88.sl5.i386.rpm
     openafs-client-1.4.15-88.sl5.i386.rpm
     openafs-compat-1.4.15-88.sl5.i386.rpm
     openafs-debug-1.4.15-88.sl5.i386.rpm
     openafs-devel-1.4.15-88.sl5.i386.rpm
     openafs-kernel-source-1.4.15-88.sl5.i386.rpm
     openafs-kpasswd-1.4.15-88.sl5.i386.rpm
     openafs-krb5-1.4.15-88.sl5.i386.rpm
     openafs-server-1.4.15-88.sl5.i386.rpm
SL6
   x86_64
     kmod-openafs-573-1.6.14-219.sl6.573.3.1.x86_64.rpm
     openafs-1.6.14-219.sl6.x86_64.rpm
     openafs-authlibs-1.6.14-219.sl6.x86_64.rpm
     openafs-authlibs-devel-1.6.14-219.sl6.x86_64.rpm
     openafs-client-1.6.14-219.sl6.x86_64.rpm
     openafs-compat-1.6.14-219.sl6.x86_64.rpm
     openafs-devel-1.6.14-219.sl6.x86_64.rpm
     openafs-kernel-source-1.6.14-219.sl6.x86_64.rpm
     openafs-kpasswd-1.6.14-219.sl6.x86_64.rpm
     openafs-krb5-1.6.14-219.sl6.x86_64.rpm
     openafs-module-tools-1.6.14-219.sl6.x86_64.rpm
     openafs-plumbing-tools-1.6.14-219.sl6.x86_64.rpm
     openafs-server-1.6.14-219.sl6.x86_64.rpm
   i386
     kmod-openafs-573-1.6.14-219.sl6.573.3.1.i686.rpm
     openafs-1.6.14-219.sl6.i686.rpm
     openafs-authlibs-1.6.14-219.sl6.i686.rpm
     openafs-authlibs-devel-1.6.14-219.sl6.i686.rpm
     openafs-client-1.6.14-219.sl6.i686.rpm
     openafs-compat-1.6.14-219.sl6.i686.rpm
     openafs-devel-1.6.14-219.sl6.i686.rpm
     openafs-kernel-source-1.6.14-219.sl6.i686.rpm
     openafs-kpasswd-1.6.14-219.sl6.i686.rpm
     openafs-krb5-1.6.14-219.sl6.i686.rpm
     openafs-module-tools-1.6.14-219.sl6.i686.rpm
     openafs-plumbing-tools-1.6.14-219.sl6.i686.rpm
     openafs-server-1.6.14-219.sl6.i686.rpm
SL7
   x86_64
kmod-openafs-1.6-sl-229-1.6.14-219.sl7.229.14.1.x86_64.rpm
     openafs-1.6-sl-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-authlibs-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-authlibs-devel-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-client-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-compat-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-devel-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-kernel-source-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-kpasswd-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-krb5-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-module-tools-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-plumbing-tools-1.6.14-219.sl7.x86_64.rpm
     openafs-1.6-sl-server-1.6.14-219.sl7.x86_64.rpm

- Scientific Linux Development Team