-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 25 Dec 2024 21:19:02 +0100 Source: openafs Binary: libafsauthent2 libafsauthent2-dbgsym libafsrpc2 libafsrpc2-dbgsym libkopenafs2 libkopenafs2-dbgsym libopenafs-dev libopenafs-dev-dbgsym openafs-client openafs-client-dbgsym openafs-dbserver openafs-dbserver-dbgsym openafs-fileserver openafs-fileserver-dbgsym openafs-fuse openafs-fuse-dbgsym openafs-krb5 openafs-krb5-dbgsym Architecture: i386 Version: 1.8.9-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: i386 Build Daemon (x86-grnet-01) Changed-By: Salvatore Bonaccorso Description: libafsauthent2 - AFS distributed file system runtime library (authentication) libafsrpc2 - AFS distributed file system runtime library (RPC layer) libkopenafs2 - AFS distributed file system runtime library (PAGs) libopenafs-dev - AFS distributed filesystem development libraries openafs-client - AFS distributed filesystem client support openafs-dbserver - AFS distributed filesystem database server openafs-fileserver - AFS distributed filesystem file server openafs-fuse - AFS distributed file system experimental FUSE client openafs-krb5 - AFS distributed filesystem Kerberos 5 integration Closes: 1087406 1087407 Changes: openafs (1.8.9-1+deb12u1) bookworm-security; urgency=high . * Non-maintainer upload by the Security Team. * afs: Properly type afs_osi_suser cred arg * Theft of credentials in Unix client PAGs (CVE-2024-10394) (Closes: #1087406, #1087407) * Fileserver crash and possible information leak on StoreACL/FetchACL (CVE-2024-10396) (Closes: #1087406, #1087407) * Preallocated buffer overflows in XDR responses (CVE-2024-10397) (Closes: #1087406, #1087407) Checksums-Sha1: eaf0081d3c204cd5c664f626d476d267e1820a3f 364156 libafsauthent2-dbgsym_1.8.9-1+deb12u1_i386.deb 6961b53e98f4b2ec909ca43f681d666fabf85cd7 238404 libafsauthent2_1.8.9-1+deb12u1_i386.deb 1b89e0dafcc3f57a661a6219264d6a838a12e02b 338000 libafsrpc2-dbgsym_1.8.9-1+deb12u1_i386.deb d9046147b203265cc5c70a43c529ba9f14ecaf35 216976 libafsrpc2_1.8.9-1+deb12u1_i386.deb ac45cff3fcea16960c593a9d4943710d0ea70051 6644 libkopenafs2-dbgsym_1.8.9-1+deb12u1_i386.deb 43fda97aa8ea87eb67bd001c883025b2e24fc555 82380 libkopenafs2_1.8.9-1+deb12u1_i386.deb a29042a0790b420342f66d51b89312460029d89d 82520 libopenafs-dev-dbgsym_1.8.9-1+deb12u1_i386.deb f1e522f33e6dd9c19e2ee9b52133a1212f45329d 1785424 libopenafs-dev_1.8.9-1+deb12u1_i386.deb 2e149ff5c6e655398ddbefb830f06c305d49f080 8019292 openafs-client-dbgsym_1.8.9-1+deb12u1_i386.deb b14c0a939db1866792c57397d09f418035833af9 2187736 openafs-client_1.8.9-1+deb12u1_i386.deb b53b88636b5374950479cc7bb79813cbb26968e8 2156884 openafs-dbserver-dbgsym_1.8.9-1+deb12u1_i386.deb b758ad2b4fe341f4452baab2ff01fa7d9cd46897 666380 openafs-dbserver_1.8.9-1+deb12u1_i386.deb 933fa5135d47bc2312aef3e4c6069d0ce73a5eb0 8450516 openafs-fileserver-dbgsym_1.8.9-1+deb12u1_i386.deb b5667c73b8a8c8c44110b60c39fb890b48886378 1510760 openafs-fileserver_1.8.9-1+deb12u1_i386.deb 380ee701c020276b4493b1b5d0e18ee82ad7777e 769240 openafs-fuse-dbgsym_1.8.9-1+deb12u1_i386.deb ec3be9596b500b3be85759d3bcc27ff922f20498 342420 openafs-fuse_1.8.9-1+deb12u1_i386.deb d9427bbae7a082a5455279889d0dc70788d06f0d 1381620 openafs-krb5-dbgsym_1.8.9-1+deb12u1_i386.deb 583014756e939df4564e04ee25b8eafaa3f808e4 361000 openafs-krb5_1.8.9-1+deb12u1_i386.deb 515f565d7af7d31334dbe532476c41dae1bd45d6 13236 openafs_1.8.9-1+deb12u1_i386-buildd.buildinfo Checksums-Sha256: 37dd03655a43e8cb9798505ece3d11aefea44b15f9108230edb781ed5db95184 364156 libafsauthent2-dbgsym_1.8.9-1+deb12u1_i386.deb b46fc54273d247089eea7c56c5c545ac659d734318a99d5012c5af7e9c6706a9 238404 libafsauthent2_1.8.9-1+deb12u1_i386.deb 35b7c58707797b441e71306c74d178fd5e29f5b49660ba89b0d22b461bcd7169 338000 libafsrpc2-dbgsym_1.8.9-1+deb12u1_i386.deb 960e2377ff90aa41d1398035292b9d5faae04ae1704af0556c5fbfa4695b4914 216976 libafsrpc2_1.8.9-1+deb12u1_i386.deb f019d0ebaff59558f944b7773443a15e4aa1c9cef6c69767471cebbbd579a2c7 6644 libkopenafs2-dbgsym_1.8.9-1+deb12u1_i386.deb 270ac60189dcc4b46824a82d77a9b6f3ef710ab371b8099b56e457a241880ae3 82380 libkopenafs2_1.8.9-1+deb12u1_i386.deb 8b1c1fe08d3921bbeed23fe5b291ded6b1dde542c438f3a4f97175e0da5bdee1 82520 libopenafs-dev-dbgsym_1.8.9-1+deb12u1_i386.deb 0cf3401e34b5228ae31b9bcf22fa12814536f1a60307d3233b456b2dc26f37a3 1785424 libopenafs-dev_1.8.9-1+deb12u1_i386.deb d0bb0de92c6f8fd7580b4dabd6f4a51704438235957d658e04c1a1c496d09ccd 8019292 openafs-client-dbgsym_1.8.9-1+deb12u1_i386.deb bc7657eec2cf3f7762bbdbc9cf6652045009b92cbb5a6c3d3ee7d49aa64bbed4 2187736 openafs-client_1.8.9-1+deb12u1_i386.deb b33394e734e4d64d7e8b83c2bcc3ef651533f6b0738b36915a2485c35aca8953 2156884 openafs-dbserver-dbgsym_1.8.9-1+deb12u1_i386.deb f85832a77eafabf8c4d0f428f26897da447399cce975ab3aba14b8002639ef6e 666380 openafs-dbserver_1.8.9-1+deb12u1_i386.deb 5ff0ce19dfa52a3671013a35c1d37e40d7f0668cc2b1c9ba5ad2f35bb72913db 8450516 openafs-fileserver-dbgsym_1.8.9-1+deb12u1_i386.deb ab049a11a1b6d07124b6ee6e88eb76182ac20fe2eec6189216a72e8fffefc8d6 1510760 openafs-fileserver_1.8.9-1+deb12u1_i386.deb 5e53e4a3f40e123bed8e88d546a461385e42bb0fc29b93212a75d8f39eb2d135 769240 openafs-fuse-dbgsym_1.8.9-1+deb12u1_i386.deb 9baf73c8c3b27a62cbfd6d7b0828d91d4d52d8f8ce0f74cb428b50d1eb9e5331 342420 openafs-fuse_1.8.9-1+deb12u1_i386.deb 40c03d991f175660febc74b2bf488457079d3cd6cd8f698527202eeb57fc1b09 1381620 openafs-krb5-dbgsym_1.8.9-1+deb12u1_i386.deb 9cd25caadbb2c0b2996c21aa7f46e4b8b4f26af5b3be0d83105daddc3397ed75 361000 openafs-krb5_1.8.9-1+deb12u1_i386.deb 977b5d4a3c2d2048c1a229e48f61874bdc04cd3a0151a6de3a31b5563fc6c1b2 13236 openafs_1.8.9-1+deb12u1_i386-buildd.buildinfo Files: 992241463b1a098d9e51847516f4e69e 364156 debug optional libafsauthent2-dbgsym_1.8.9-1+deb12u1_i386.deb 186164d5ef025d62da8c08d3cc983dea 238404 libs optional libafsauthent2_1.8.9-1+deb12u1_i386.deb 70f5e346e8416c69a1d1b7d40117f279 338000 debug optional libafsrpc2-dbgsym_1.8.9-1+deb12u1_i386.deb ab61636d9c2fb50a13774b76b2f68973 216976 libs optional libafsrpc2_1.8.9-1+deb12u1_i386.deb 3d66bf19c800b0d8b0540dc159a425ee 6644 debug optional libkopenafs2-dbgsym_1.8.9-1+deb12u1_i386.deb 247003d64c8f30aeaf9d3492bef315d5 82380 libs optional libkopenafs2_1.8.9-1+deb12u1_i386.deb d31418f2281917befecf650b6e248799 82520 debug optional libopenafs-dev-dbgsym_1.8.9-1+deb12u1_i386.deb d7b33b4fd9813b92fcc54bcef813c3c0 1785424 libdevel optional libopenafs-dev_1.8.9-1+deb12u1_i386.deb 51ac3dd141ad30daf0c02d79967406db 8019292 debug optional openafs-client-dbgsym_1.8.9-1+deb12u1_i386.deb 64ee3971e2bfe41766f666c3a08639dd 2187736 net optional openafs-client_1.8.9-1+deb12u1_i386.deb ea84cd089b02d34caf2f90c53d55b1f1 2156884 debug optional openafs-dbserver-dbgsym_1.8.9-1+deb12u1_i386.deb 9aa84e52c4ad007cd30b9334933eed50 666380 net optional openafs-dbserver_1.8.9-1+deb12u1_i386.deb 3bdd40fda247097480a4a2c1d7ceb615 8450516 debug optional openafs-fileserver-dbgsym_1.8.9-1+deb12u1_i386.deb d46bcfb8c886a2473300e316d52575e9 1510760 net optional openafs-fileserver_1.8.9-1+deb12u1_i386.deb 9e20bbe76ad67cb5a2b31c00c30ca35c 769240 debug optional openafs-fuse-dbgsym_1.8.9-1+deb12u1_i386.deb 033fdcd53c563c7e4ba8772dcb69d053 342420 net optional openafs-fuse_1.8.9-1+deb12u1_i386.deb 21117f95ca888d23b86e3db740f2f4b6 1381620 debug optional openafs-krb5-dbgsym_1.8.9-1+deb12u1_i386.deb 49a569b670db75d5e695355ff424582b 361000 net optional openafs-krb5_1.8.9-1+deb12u1_i386.deb 5f7d3a209aaa3c833a58b8fc801d40e8 13236 net optional openafs_1.8.9-1+deb12u1_i386-buildd.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEyTfXx8sBpQ0Lh3cUU9a0/LcaTpMFAmdtZpoACgkQU9a0/Lca TpNItBAAkj1SJRvFtYykZtqAgZEAs0FJZEhreDysIJQ0CoCXdzS7kqDs19uefmzp oAwJnr7Otjnb91uS4QwN2S5clzBErxU7iJ333ZEKEUVWQbHQGc5k8zrr+PsX3/Qp yb9IokjpElITPzas0TLSqZjfzdBNKtlYwT98XujiT3tzb9RHSMbMFx+g0rrheQjz IwEZyoBhjv2giN2NBMnaUEEBQdDup57fGKCfGJNPyo7uYjkaFVIBzDpPM5ZSQ7z+ L1euoiPtZhzn33t4GA/Q8Hx94JJnRj0MCvpiFFHdNuaaZw5ZMd+c2ImSClMxXLcZ pcbxiWWkOPLDzuKWhdUjOTKkrEL/0K3jCyYWjq9JOYiOdA/TN0FIPEYmHkqYQ2ms /Q22pULCz61xFZa8kpM/hcaJz4BPP8uqoskfho/cMZ7RC/bmk+p1iET+0B15q5gP dJUrpPZN2vzZRTGHBELcc28VXy6lBHJOIZ9fNZPg07+m8wgcZE9cXvUZkhOKFAz7 ofX7wFHlVr1GsSTuN3jel4xuK73OxhAPufg1eNiQ2qsZROyRTDoHpziBFC/Kv9bg 16qFpOwgoVT7n5CNJzgfM+61G7wdvL2dTMOGp5wWbHDB1BfcdRKsP71HBKeFOs2n QSMKE54bfTMF70uXrqJDT4V8XswLjJ6AbImjTcVO7rEGgGfMfkA= =IBXk -----END PGP SIGNATURE-----