-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 19 Mar 2007 15:56:43 -0400
Source: openafs
Binary: openafs-client libopenafs-dev openafs-dbserver openafs-modules-source openafs-fileserver openafs-kpasswd libpam-openafs-kaserver
Architecture: source i386 all
Version: 1.3.81-3sarge2
Distribution: stable-security
Urgency: high
Maintainer: noahm@debian.org
Changed-By: Noah Meyerhans <noahm@debian.org>
Description:
 libopenafs-dev - The AFS distributed filesystem- development libraries
 libpam-openafs-kaserver - The AFS distributed filesystem- kaserver PAM module
 openafs-client - The AFS distributed filesystem- client support
 openafs-dbserver - The AFS distributed filesystem- database server
 openafs-fileserver - The AFS distributed filesystem- file server
 openafs-kpasswd - The AFS distributed filesystem- old password changing
 openafs-modules-source - The AFS distributed filesystem- Module Sources
Changes:
 openafs (1.3.81-3sarge2) stable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Apply upstream patch to disable setuid status on all cells by default.
     Prior versions of AFS defaulted to honoring setuid bits in the local
     cell, but since unauthenticated file access in AFS is unencrypted, an
     attacker could forge packets from an AFS file server to synthesize a
     setuid binary in AFS.
     (CVE-2007-1507, OPENAFS-SA-2007-001)
Files:
 45351031494d87ff12f1bf08d14533f9 851 net optional openafs_1.3.81-3sarge2.dsc
 5804a2d738b2ec24f4055489c6287dca 262444 net optional openafs_1.3.81-3sarge2.diff.gz
 e71b35c9862df561b51b67a3c90fafc9 4491356 net extra openafs-modules-source_1.3.81-3sarge2_all.deb
 05dba8404a3d8257e06b612cf07efc74 1549640 net optional openafs-client_1.3.81-3sarge2_i386.deb
 11e4dfaf88f70f36cf9d25d9c18998aa 205962 net extra openafs-kpasswd_1.3.81-3sarge2_i386.deb
 86567fbce7562f935b17a7e760bb9fbc 783268 net optional openafs-fileserver_1.3.81-3sarge2_i386.deb
 752c5b703fa2f013ddd21817d82749f4 467028 net optional openafs-dbserver_1.3.81-3sarge2_i386.deb
 d57b49ef1af6ca9c0b1b35066ecb20dd 1260276 libdevel extra libopenafs-dev_1.3.81-3sarge2_i386.deb
 5008556d2e73108e1c3db41643df22b3 217288 net extra libpam-openafs-kaserver_1.3.81-3sarge2_i386.deb
 d754e92f7a0cd9824991c850e001884c 13455346 net extra openafs_1.3.81.orig.tar.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGAAc+YrVLjBFATsMRAgdQAJ9sAd7omedUbFf6zHm1VGNfpxeAbwCfZykF
09WCkWrKNHviW9FMmvEC7NU=
=7njU
-----END PGP SIGNATURE-----


Accepted:
libopenafs-dev_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/libopenafs-dev_1.3.81-3sarge2_i386.deb
libpam-openafs-kaserver_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge2_i386.deb
openafs-client_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/openafs-client_1.3.81-3sarge2_i386.deb
openafs-dbserver_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/openafs-dbserver_1.3.81-3sarge2_i386.deb
openafs-fileserver_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/openafs-fileserver_1.3.81-3sarge2_i386.deb
openafs-kpasswd_1.3.81-3sarge2_i386.deb
  to pool/main/o/openafs/openafs-kpasswd_1.3.81-3sarge2_i386.deb
openafs-modules-source_1.3.81-3sarge2_all.deb
  to pool/main/o/openafs/openafs-modules-source_1.3.81-3sarge2_all.deb
openafs_1.3.81-3sarge2.diff.gz
  to pool/main/o/openafs/openafs_1.3.81-3sarge2.diff.gz
openafs_1.3.81-3sarge2.dsc
  to pool/main/o/openafs/openafs_1.3.81-3sarge2.dsc