Oval Definition:oval:org.mitre.oval:def:7881
Revision Date:2014-06-23Version:18
Title:DSA-1458 openafs -- programming error
Description:A race condition in the OpenAFS fileserver allows remote attackers to cause a denial of service (daemon crash) by simultaneously acquiring and giving back file callbacks, which causes the handler for the GiveUpAllCallBacks RPC to perform linked-list operations without the host_glock lock. For the old stable distribution (sarge), this problem has been fixed in version 1.3.81-3sarge3. For the stable distribution (etch), this problem has been fixed in version 1.4.2-6etch1. We recommend that you upgrade your openafs packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-6599
DSA-1458
Platform(s):Debian GNU/Linux 3.1
Debian GNU/Linux 4.0
Product(s):openafs
Definition Synopsis
  • Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • openafs-modules-source is earlier than 1.4.2-6etch1
  • OR openafs-doc is earlier than 1.4.2-6etch1
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is i386
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is hppa
  • AND Packages section
  • openafs-client is earlier than 1.4.2-6etch1
  • OR openafs-dbserver is earlier than 1.4.2-6etch1
  • OR openafs-dbg is earlier than 1.4.2-6etch1
  • OR openafs-fileserver is earlier than 1.4.2-6etch1
  • OR libpam-openafs-kaserver is earlier than 1.4.2-6etch1
  • OR openafs-krb5 is earlier than 1.4.2-6etch1
  • OR openafs-kpasswd is earlier than 1.4.2-6etch1
  • OR libopenafs-dev is earlier than 1.4.2-6etch1
  • OR Release section
  • Debian GNU/Linux 3.1 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND openafs-modules-source is earlier than 1.3.81-3sarge3
  • OR Architecture dependent section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is powerpc
  • OR Installed architecture is i386
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is hppa
  • AND Packages section
  • openafs-client is earlier than 1.3.81-3sarge3
  • OR openafs-dbserver is earlier than 1.3.81-3sarge3
  • OR openafs-fileserver is earlier than 1.3.81-3sarge3
  • OR libpam-openafs-kaserver is earlier than 1.3.81-3sarge3
  • OR libopenafs-dev is earlier than 1.3.81-3sarge3
  • OR openafs-kpasswd is earlier than 1.3.81-3sarge3
    • BACK