-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 17 Mar 2016 00:55:42 -0400 Source: openafs Binary: openafs-client openafs-fuse openafs-kpasswd openafs-fileserver openafs-dbserver openafs-doc openafs-krb5 libkopenafs1 libafsauthent1 libafsrpc1 libopenafs-dev openafs-modules-source openafs-modules-dkms libpam-openafs-kaserver openafs-dbg Architecture: source Version: 1.6.17-1 Distribution: unstable Urgency: high Maintainer: Benjamin Kaduk <kaduk@mit.edu> Changed-By: Anders Kaseorg <andersk@mit.edu> Description: libafsauthent1 - AFS distributed file system runtime library (authentication) libafsrpc1 - AFS distributed file system runtime library (RPC layer) libkopenafs1 - AFS distributed file system runtime library (PAGs) libopenafs-dev - AFS distributed filesystem development libraries libpam-openafs-kaserver - AFS distributed filesystem kaserver PAM module openafs-client - AFS distributed filesystem client support openafs-dbg - AFS distributed filesystem debugging information openafs-dbserver - AFS distributed filesystem database server openafs-doc - AFS distributed filesystem documentation openafs-fileserver - AFS distributed filesystem file server openafs-fuse - AFS distributed file system experimental FUSE client openafs-kpasswd - AFS distributed filesystem old password changing openafs-krb5 - AFS distributed filesystem Kerberos 5 integration openafs-modules-dkms - AFS distributed filesystem kernel module DKMS source openafs-modules-source - AFS distributed filesystem kernel module source Closes: 815521 Changes: openafs (1.6.17-1) unstable; urgency=high . * New upstream release 1.6.16. - Fix bosserver crashes related to fixed-sized buffers. - Fix potential denial of service issue in pioctl logic (CVE-2015-8312). - Provide a new vos remaddrs subcommand for removing server entries. - Allow pioctls to work with read-only /proc (e.g. Docker containers). * New upstream security release 1.6.17. - Prevent users in foreign Kerberos realms from creating groups as if they were administrators (CVE-2016-2860). - Fix an information leak of uninitialized memory over the network. - Fix a crash when the AFS root volume is not found. * debian/patches/Linux-4.4-key_payload-has-no-member-value.patch, debian/patches/Linux-4.4-Use-locks_lock_file_wait.patch, debian/patches/Linux-4.4-Do-not-use-splice.patch: Add upstream patches for current Linux kernel support. (Closes: #815521) Checksums-Sha1: 317fffe37f8acc46a0f5e5fa9ad08ab16cfad36a 3828 openafs_1.6.17-1.dsc 02073e2e77d475c94ab10c11a0e86fe8a191e780 6657064 openafs_1.6.17.orig.tar.xz e5f73a9e57e11f0f64f6693ee3e0e8e72885528f 136976 openafs_1.6.17-1.debian.tar.xz Checksums-Sha256: bb6427b70b0c8c8391bbf4800318a9fa509405a52414f3385275bfa510b9e693 3828 openafs_1.6.17-1.dsc f05e52411e92b1901e1955d4b5d1c1a22c599c772e153a781d38ac72e54ed53f 6657064 openafs_1.6.17.orig.tar.xz 450bc4c85ed4c7bb5436fdf9e12762d0405a8cf4a010fb749a8d9dfc8f65f112 136976 openafs_1.6.17-1.debian.tar.xz Files: fc9de12ef23177b4f9ef59604aa88f4d 3828 net optional openafs_1.6.17-1.dsc 2c8d235e3f1f40c4a59406c9cfa62244 6657064 net optional openafs_1.6.17.orig.tar.xz c8bd3badc75fefc4f1e5522355388f60 136976 net optional openafs_1.6.17-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQGcBAEBCAAGBQJW6lvnAAoJEN/zqzdPFvc6x8oMAJ1KGMtXiElWbX8Wcyq0ReFy O3nr+DK6N12gWZnryihl733NXrFhqlqHhRm1ncJEWgqHF9i0d62PuYtlXb7DYyhY fpZGU0+3XjTZSwfsCC/Bp5uV5FdVKfIUyjGyJR8wlMr7e82ckNe7HgncKxbKOVlV FrFEG7yjaSp2pZFQE+H2KLNaDAe5GmSPz1LOnP675zNNjhD+KSdtgy81gErw37vO /faWTtYT3f5soGzUdCvStwHG7V2b87D/tSF9F2caoM6iF0Ag42g4FpEqEQw1/9fO 1IxWmbirtLIeiDFmuI3NatIX0KcDUK44+vurr8r3YyhUN5uO3j26XSOKYJ4HKwkO vSIC9tfFySYIK/0dTMXguWZpVYGxj/UAVw/myQUFDWZPvdSeJpJSvkQDxuufkDHz sh3EALeXjVH4NMnANB5Spm6PA7VWD5q5DfBEx0FksoM9zpmvGUE2vg0tM1QrLe3K FXkP50sEZi2164s8CJngqZsywwOgmBId8cj7rEwwjg== =sPtr -----END PGP SIGNATURE-----