MGASA-2019-0021 Updated openafs packages fix security vulnerabilities

Jeffrey Altman reported that the backup tape controller butc process does accept incoming RPCs but does not require or allow for authentication of those RPCs, allowing an unauthenticated attacker to perform volume operations with administrator credentials CVE-2018-16947. Mark Vitale reported that...

MGASA-2015-0424 Updated openafs packages fix security vulnerabilities

Updated openafs packages fix security vulnerabilities: When constructing an Rx acknowledgment ACK packet, Andrew-derived Rx implementations do not initialize three octets of data that are padding in the C language structure and were inadvertently included in the wire protocol CVE-2015-7762...