[SECURITY] [DLA 733-1] openafs security update

2016-12-03T22:42:13
ID DEBIAN:DLA-733-1:B1855
Type debian
Reporter Debian
Modified 2016-12-03T22:42:13

Description

Package : openafs Version : 1.6.1-3+deb7u7 CVE ID : CVE-2016-9772

It was discovered that there was an information leak vulnerability in openafs, a distributed filesystem.

Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain 'dead' directory entry information.

For Debian 7 "Wheezy", this issue has been fixed in openafs version 1.6.1-3+deb7u7.

We recommend that you upgrade your openafs packages.

Regards,


  ,''`.
 : :'  :     Chris Lamb
 `. `'`      lamby@debian.org / chris-lamb.co.uk
   `-