-
openafs (1.6.2-1+ubuntu2.1) raring-security; urgency=low
* SECURITY UPDATE: Brute force DES attack permits compromise of AFS cell.
- 0001-Add-rxkad-server-hook-function-to-decrypt-more-types.patch
- 0002-New-optional-rxkad-functionality-for-decypting-krb5-.patch
- 0003-Integrate-keytab-based-decryption-into-afsconf_Build.patch
- 0004-Derive-DES-fcrypt-session-key-from-other-key-types.patch
- 0005-Move-akimpersonate-to-libauth.patch
- 0006-Clean-up-akimpersonate-and-use-for-server-to-server.patch
- 0007-auth-Do-not-always-fallback-to-noauth.patch
- 0008-Avoid-calling-afsconf_GetLatestKey-directly.patch
- 0009-Reload-rxkad.keytab-on-CellServDB-modification.patch
- 0010-Add-support-for-deriving-DES-keys-to-klog.krb5.patch
- 0011 skipped because it was a version bump
- 0012-ubik-Fix-encryption-selection-in-ugen.patch
- Thanks to Chaskiel Grundman, Alexander Chernyakhovsky, Ben Kaduk,
Andrew Deason, and Michael Meffie for the above patch series.
- swap-libs.patch: Resolve FTBFS with newer toolchains. Thanks to Anders
Kaseorg.
- OPENAFS-SA-2013-003
- OPENAFS-SA-2013-004
- CVE-2013-4134
- CVE-2013-4135
- LP: #1204195
-- Luke Faraone <email address hidden> Tue, 23 Jul 2013 21:25:03 -0400
-
openafs (1.6.2-1+ubuntu2) raring; urgency=low
* Explicitly include -pthread in UAFS_XLIBS to fix build failure
-- Luke Faraone <email address hidden> Tue, 05 Mar 2013 01:01:49 -0500
-
openafs (1.6.2-1+ubuntu1) raring; urgency=low
* Merge from Debian.
- Fixes OPENAFS-SA-2013-001 and OPENAFS-SA-2013-002. (LP: #1145560)
* Apply upstream deltas for Linux 3.8 (LP: #1098843):
- [b61eac7] Linux: setpag() may replace credentials
- [c6d27e3] Linux 3.8: session_keyring changes
- [d0479bb] Linux 3.8: vmtruncate removal
-- Anders Kaseorg <email address hidden> Mon, 04 Mar 2013 22:40:09 -0500
-
openafs (1.6.2~pre2-2) experimental; urgency=low
* Restore include of <sys/param.h> in userspace builds of rx/rx_packet.h
to get a definition of MIN and MAX on, at least, powerpc. Thanks,
Andrew Deason.
-- Russ Allbery <email address hidden> Thu, 03 Jan 2013 12:06:41 -0800
-
openafs (1.6.1-2ubuntu2) quantal; urgency=low
* Really fix for kernel 3.5. (LP: #1015925)
-- Luke Yelavich <email address hidden> Thu, 13 Sep 2012 09:45:52 +1000