MGASA-2016-0121
- Source
- https://advisories.mageia.org/MGASA-2016-0121.html
- Import Source
- https://advisories.mageia.org/MGASA-2016-0121.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2016-0121
- Related
- Published
- 2016-03-25T06:38:37Z
- Modified
- 2016-05-06T12:06:45Z
- Summary
- Updated openafs packages fix security vulnerability
- Details
-
In OpenAFS before 1.6.17, users from foreign Kerberos realms can create groups as if they were administrators (CVE-2016-2860).
In OpenAFS before 1.6.17, information leakage over the network due to uninitialized memory (CVE-2016-4536).
- References
-
- https://advisories.mageia.org/MGASA-2016-0121.html
- https://bugs.mageia.org/show_bug.cgi?id=18034
- http://www.openafs.org/pages/security/OPENAFS-SA-2016-001.txt
- http://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt
- http://dl.openafs.org/dl/1.6.16/RELNOTES-1.6.16
- http://dl.openafs.org/dl/1.6.16/RELNOTES-1.6.17
- https://lists.openafs.org/pipermail/openafs-announce/2015/000495.html
- https://lists.openafs.org/pipermail/openafs-announce/2016/000496.html
- http://openwall.com/lists/oss-security/2016/05/05/23
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:5 / openafs
Package
- Name
- openafs
- Purl
- pkg:rpm/mageia/openafs?arch=source&distro=mageia-5