This bug was fixed in the package openafs - 1.4.12+dfsg-3+ubuntu0.1
---
openafs (1.4.12+dfsg-3+ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: update ticket5 from heimdal. Avoids a double-free which
basically allows an arbitrary attack against any krb5-aware Rx service
In the interest of time, I have made the requested changes. Comparing
with Debian, the patch looks good. I'll upload this to the security
queue and publish it when it is done.
** Changed in: openafs (Ubuntu Lucid)
Status: Incomplete => In Progress
--
You received this bug notification bec
Actually the version number must be 1.4.12.1+dfsg-3+ubuntu0.1 (note the second
+). This is needed for all kernel module packages that build with
module-assistant, because of
https://bugs.launchpad.net/ubuntu/+source/openafs/+bug/660360/comments/6
--
You received this bug notification because y
Although I'm not on the security team, I've reviewed your debdiff and there
still seem to be a couple of problems, both of which can be picked up from
https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Update_the_packaging
*) The first, and less important, is the version. From that table it
** Changed in: openafs (Ubuntu Lucid)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/723121
Title:
Security bugs "DSA-2168-1 openafs -- several vulnerabilitie
Merge from debian package.
- CVE-2011-0430: update ticket5 from heimdal. Avoids a double-free which
basically allows an arbitrary attack against any krb5-aware Rx service by
exploiting when the double-free occurs in asn1 payloads which came from the
wire.
- CVE-2011-0431: Us
** Tags added: patch-needswork
** Tags removed: patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/723121
Title:
Security bugs "DSA-2168-1 openafs -- several vulnerabilities"
--
ubuntu-bugs mailin
Natty is not affected.
** Changed in: openafs (Ubuntu Natty)
Status: Incomplete => Fix Released
** Changed in: openafs (Ubuntu Natty)
Assignee: Niklas Wennerstrand (niklaswe) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a di
Niklas, thank you for preparing a debdiff, however there are several problems:
1. it is a debdiff going the wrong way (eg, it doesn't add the patches to
lucid, but takes them away from squeeze)
2. the debdiff is the complete differences between lucid and squeeze. Since
these versions do not sure
** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
https://bugs.launchpad.net/bugs/723121
Title:
Security bugs "DSA-2168-1 openafs -- several vulnerabilities"
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.c
Hello,
I have made debdiff between openafs_1.4.12.1+dfsg-4.dsc (Debian Squeeze fixed
patch.) and
Ubuntu lucid openafs_1.4.12+dfsg-3.dsc.
I have choose this packages because this was the last "fixed" for debian
stable and the reason why i take Ubuntu openafs_1.4.12+dfsg-3.dsc is
that i using th
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
posting a debdiff for this issue. When a debdiff is available, members
of the security team
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0430
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0431
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/7231
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/723121
Title:
Security bugs "DSA-2168-1 openafs -- several vulnerabilities"
--
ubuntu-bugs mailing list
ubuntu-bugs@l
14 matches
Mail list logo
