Overview Details Repositories Revisions Requests Users Attributes Meta
update for nfs-utils

This update of nfs-utils includes several bug and security fixes.
- gssd-reverse-dns-fix: Allow DNS lookups to be
avoided when determining kerberos identity of
server. The GSSD_OPTIONS sysconfig
variable is added so that use of DNS can
be enforced for sites that need it.
(bnc#813464 CVE-2013-1923)
- gssd-n.fix: linux-3.7 changed behaviour of gssd
lookups so that "gssd -n" isn't sufficient to stop
the use of "machine credentials". This patch
add "-N" which stops the new use as well.
Also add GSSD_OPTIONS to sysconfig so these flags
can be set more easily. (bnc#817651)
- mountd-fix-exporting-of-with-sec-setting.patch
Fix bug when exporting root filesystem with
gss security. (bnc#809226)

- mountd-fix-error-check.patch: check for errors
with exporting filesystems correctly (bnc#809226)

- nfsserver.init: make sure warning about bind=
being deprecated goes to terminal and not into
/run/nfs/bind.mounts (bnc#809226)

Fixed bugs
bnc#809226
nfs initscript incorrectly unmounts mountpoints at shutdown (bind= directive)
bnc#813464
VUL-0: CVE-2013-1923: nfs-utils: rpc-gssd is vulnerable to DNS spoofing
bnc#817651
Kernel 3.7 and newer breaks rpc.gssd -n and thus update of nfs-client package for openSUSE 12.3 needed
CVE-CVE-2013-1923
Selected Binaries
openSUSE Build Service is sponsored by
Places