Ubuntu
openafs package

  1. Bug #723121
  2. Comment #9

Comment 9 for bug 723121

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openafs - 1.4.12+dfsg-3+ubuntu0.1

---------------
openafs (1.4.12+dfsg-3+ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: update ticket5 from heimdal. Avoids a double-free which
    basically allows an arbitrary attack against any krb5-aware Rx service by
    exploiting when the double-free occurs in asn1 payloads which came from
    the wire. Patch thanks to Debian.
    - CVE-2011-0430:
  * SECURITY UPDATE: Use correct type of error in flock code. Patch thanks to
    Debian.
    - CVE-2011-0431
    - LP: #723121
 -- Christian Biamont <email address hidden> Fri, 19 Aug 2011 11:06:14 +0200