openafs -- several vulnerabilities

2013-07-28T00:00:00
ID DSA-2729
Type debian
Reporter Debian
Modified 2013-07-28T00:00:00

Description

OpenAFS, the implementation of the distributed filesystem AFS, has been updated to no longer use DES for the encryption of tickets. Additional migration steps are needed to fully set the update into effect. For more information please see the upstream advisory: OPENAFS-SA-2013-003

In addition the encrypt option to the vos tool was fixed.

For the oldstable distribution (squeeze), these problems have been fixed in version 1.4.12.1+dfsg-4+squeeze2.

For the stable distribution (wheezy), these problems have been fixed in version 1.6.1-3+deb7u1.

For the unstable distribution (sid), these problems have been fixed in version 1.6.5-1.

We recommend that you upgrade your openafs packages.