File RELNOTES-1.8.2 of Package openafs
User-Visible OpenAFS Changes

OpenAFS 1.8.2

  All platforms

    * Fix OPENAFS-SA-2018-002: information leakage in RPC output variables
      Various RPC routines did not always initialize all output fields,
      exposing memory contents to network attackers. The relevant RPCs
      include an AFSCB_ RPC, so cache managers are affected as well as
      servers.

  All server platforms

    * Fix OPENAFS-SA-2018-003: denial of service due to excess resource
      consumption
      Various RPCs were defined as allowing unbounded arrays as input,
      allowing an unauthenticated attacker to cause excess memory
      allocation and tie up network bandwidth by sending (or claiming to
      send) large input arrays.

    * Fix OPENAFS-SA-2018-001: unauthenticated volume operations via butc
      On systems using the in-tree backup system, the butc process was
      running with administrative credentials, but accepted incoming RPCs
      over unauthenticated connections; these incoming RPCs in turn
      triggered outgoing RPCs using the administrative credentials.
      Unauthenticated attackers could construct volume dumps containing
      arbitrary contents and cause these dumps to be restored and
      overwrite arbitrary volume contents; afterward, the backup database
      could be restored to its initial state, hiding evidence of the
      unauthorized changes.
      Running butc with -localauth now requires authenticated incoming
      connections, and the backup utility makes authenticated connections
      to the butc. Audit capabilities have been added to the butc RPC
      handlers. Command-line arguments are provided to retain the
      (insecure) historical behavior until all systems have been upgraded.
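An added example, not taken from the OpenAFS release notes or source tree: one way to decode a length-prefixed input array of the kind OPENAFS-SA-2018-003 concerns, rejecting an oversized or overstated element count before any memory is allocated. `MAX_ELEMS`, `be32` and `decode_bounded_array` are hypothetical names, and the sketch assumes the whole message is already in a buffer.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical bound chosen for this example, not an OpenAFS value. */
#define MAX_ELEMS 1024u

/* Read a big-endian 32-bit word, the way XDR encodes integers. */
static uint32_t be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/*
 * Decode a variable-length array of 32-bit integers: a 4-byte element
 * count followed by count * 4 bytes of data.
 * Returns 0 on success (caller frees *out), -1 if the input is rejected.
 */
int decode_bounded_array(const unsigned char *buf, size_t len,
                         uint32_t **out, uint32_t *count)
{
    uint32_t n, i;
    uint32_t *elems;

    *out = NULL;
    *count = 0;
    if (len < 4)
        return -1;              /* no room for the count word */
    n = be32(buf);
    if (n > MAX_ELEMS)
        return -1;              /* claimed size exceeds the bound */
    if ((len - 4) / 4 < n)
        return -1;              /* sender claimed more than it sent */
    elems = calloc(n ? n : 1, sizeof(*elems));
    if (elems == NULL)
        return -1;
    for (i = 0; i < n; i++)
        elems[i] = be32(buf + 4 + 4 * (size_t)i);
    *out = elems;
    *count = n;
    return 0;
}
```

Both checks run before `calloc`, so a peer that only claims a large array costs the server nothing beyond reading the count word.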