* SECURITY UPDATE: update ticket5 from heimdal. Avoids a double-free which
basically allows an arbitrary attack against any krb5-aware Rx service by
exploiting when the double-free occurs in asn1 payloads which came from
the wire. Patch thanks to Debian.
- CVE-2011-0430:
* SECURITY UPDATE: Use correct type of error in flock code. Patch thanks to
Debian.
- CVE-2011-0431
- LP: #723121
-- Christian Biamont <email address hidden> Fri, 19 Aug 2011 11:06:14 +0200
This bug was fixed in the package openafs - 1.4.12+ dfsg-3+ ubuntu0. 1
--------------- dfsg-3+ ubuntu0. 1) lucid-security; urgency=low
openafs (1.4.12+
* SECURITY UPDATE: update ticket5 from heimdal. Avoids a double-free which
basically allows an arbitrary attack against any krb5-aware Rx service by
exploiting when the double-free occurs in asn1 payloads which came from
the wire. Patch thanks to Debian.
- CVE-2011-0430:
* SECURITY UPDATE: Use correct type of error in flock code. Patch thanks to
Debian.
- CVE-2011-0431
- LP: #723121
-- Christian Biamont <email address hidden> Fri, 19 Aug 2011 11:06:14 +0200