drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in openafs
Name: |
Mehrere Probleme in openafs |
|
ID: |
DSA-5842-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian bookworm |
|
Datum: |
Sa, 11. Januar 2025, 18:45 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10397
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10396
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10394 |
|
Applikationen: |
OpenAFS |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-5842-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso January 11, 2025 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : openafs CVE ID : CVE-2024-10394 CVE-2024-10396 CVE-2024-10397 Debian Bug : 1087406 1087407
Several vulnerabilities were discovered in OpenAFS, an implementation of the AFS distributed filesystem, which may result in theft of credentials in Unix client PAGs (CVE-2024-10394), fileserver crashes and information leak on StoreACL/FetchACL (CVE-2024-10396) or buffer overflows in XDR responses resulting in denial of service and potentially code execution (CVE-2024-10397).
For the stable distribution (bookworm), these problems have been fixed in version 1.8.9-1+deb12u1.
We recommend that you upgrade your openafs packages.
For the detailed security status of openafs please refer to its security tracker page at: https://security-tracker.debian.org/tracker/openafs
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmeCVn9fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RlGg//YOizHS/4uE2qeksEA9GdQroD51UhYckMFaNrtP4y3G/UjNKFE3l9b+wY oF3/hA6Z+7PDN6nQe9jRGiKdl1/22x5+l42RjRRU7p+8anIZl2rAHIUczVFLXFC0 N7+C+IUictTrPAlTFTi5Xdps68ZkLfXfx4eTJ6i1IwBUsdXpArghYhpePZfzpdH9 p4GheeCbETmuKQGhjpoqYSS1YxW2RA70vWPzO13F0WBhbxYr5FYmY+P1H6pi0rpH qRfvmpjRgWbIWJa1S5aAfyibSrsWSXEqqcJ44cI2iZXrL2ZMFJrAJoG+k6PQgIjx Qpz7oZRWCgYZ3+WpQHqMroQA5mEh5hlTsyfG/cfTIYIt54BfBgPMce2C7CVK/b7g 68f69mIj2dhPd8xIir8RX8FYnfDDmQmzCQs7ofFzGpPrFgQyatR4OtlxgLtoTHrM 6AHGu86QZuekMS7gU/PNYv4YtYrKDnGoyaHkyljqYkdNERTUym3JVWKyXJtl+pSu myhlZ8jMPxsI0DJ+rhGdQPanniLaKxxr9RNz1SC4dHSwjJT2Tjh0xyreMs1VZ+ns lbp+8wRZkmCA1S1R9P8ISwMNgTbx3Tf7P8na5KUN+hywcV4NYkFmHb1O7xRZV7av 5aIZqfLranfphyoUYPzYqgu9yS6zmuNrRGmQSlZfWnWdv6NTad8= =80li -----END PGP SIGNATURE-----
|
|
|
|