Summary: | OpenAFS latest is 1.2.9a _not_ 1.3.2-r1 | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Nick Palmer <nicholas> |
Component: | New packages | Assignee: | Gentoo Linux bug wranglers <bug-wranglers> |
Status: | RESOLVED WONTFIX | ||
Severity: | normal | CC: | nicholas |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://openafs.org/release/latest.html | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
Ebuild for OpenAFS 1.2.9a
Ebuild for OpenAFS 1.2.9a Ebuild for OpenAFS 1.2.9a Patch for pinstall for 1.2.9a Digest for 1.2.9a. |
Description
Nick Palmer
2003-07-27 13:34:27 UTC
Created attachment 15091 [details]
Ebuild for OpenAFS 1.2.9a
Attaching the ebuild for 1.2.9a.
Created attachment 15092 [details]
Ebuild for OpenAFS 1.2.9a
Attaching the ebuild for 1.2.9a.
Created attachment 15093 [details]
Ebuild for OpenAFS 1.2.9a
Attaching the ebuild for 1.2.9a.
Created attachment 15094 [details, diff]
Patch for pinstall for 1.2.9a
Sorry for the multiple attachements of teh ebuild. Got an error posting it so
retried, and it ended up in here multiple times. Marked the duplicates as
obsolete.
Created attachment 15095 [details]
Digest for 1.2.9a.
Digest for 1.2.9a.
please follow GLSA http://forums.gentoo.org/viewtopic.php?t=44890 1.2.9.a fixes the vulnerability that is listed in http://forums.gentoo.org/viewtopic.php?t=44890 You have to follow the link to the OpenAFS advisory @ http://www.openafs.org/pages/security/OPENAFS-SA-2003-001.txt And in the Fixes section you find FIXES ===== The OpenAFS project recomments that all users of kaserver disable all cross-realm authentication, by either deleting cross-realm keys (using "kas delete"; simply disabling the keys is insufficient), upgrading to OpenAFS 1.2.9 when it becomes available (where kaserver cross-realm authentication is disabled by default), or applying this kaserver patch, which disables cross-realm authentication in kaserver by default: So it looks like 1.2.9a is safe (or at least as safe as 1.3.2). |