diff --git a/NEWS b/NEWS index 2c40253ada..0386904800 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,32 @@ User-Visible OpenAFS Changes +OpenAFS 1.6.24 + +All platforms + + * Fix OPENAFS-SA-2019-001: information leakage in failed RPC output + Generated RPC handler routines ran output variables through XDR encoding + even when the call had failed and would shortly be aborted (and for + which uninitialized output variables is common); any complete packets + assembled in the process would be sent to the peer, leaking the contents + of the uninitialized memory in question. + + * Fix OPENAFS-SA-2019-002: information leakage from uninitialized scalars + Generated RPC handler routines did not initialize output variables of + scalar (fixed-length) type, since they did not require dedicated logic to + free. Such variables allocated on the stack could remain uninitialized + in some cases (including those affected by OPENAFS-SA-2019-001), and the + contents of uninitialized memory would be returned to the peer. + +All server platforms + + * Fix OPENAFS-SA-2019-003: fix crash in database servers + The ubik debugging RPCs prioritize being fast and non-disruptive to + database operations over strict correctness, and do not adhere to the + usual locking protocol for data access. A data race could cause a NULL + dereference if the second memory load was not optimized out by the + compiler. + OpenAFS 1.6.23 All platforms diff --git a/configure-libafs.ac b/configure-libafs.ac index 4a02dc5fe3..62bcb33d39 100644 --- a/configure-libafs.ac +++ b/configure-libafs.ac @@ -5,7 +5,7 @@ AC_CONFIG_SRCDIR(src/libafs/Makefile.common.in) AM_INIT_AUTOMAKE AC_CONFIG_HEADER(src/config/afsconfig.h) -MACOS_VERSION=1.6.23 +MACOS_VERSION=1.6.24 AC_SUBST(MACOS_VERSION) diff --git a/configure.ac b/configure.ac index ecc5baeaca..80dca168d3 100644 --- a/configure.ac +++ b/configure.ac @@ -5,8 +5,8 @@ AC_CONFIG_SRCDIR([src/config/stds.h]) AM_INIT_AUTOMAKE AC_CONFIG_HEADER(src/config/afsconfig.h) -MACOS_VERSION=1.6.23 -LINUX_PKGVER=1.6.23 +MACOS_VERSION=1.6.24 +LINUX_PKGVER=1.6.24 dnl Debian wants the release candidate version in the main upstream version, dnl and wants ~ before it. diff --git a/src/config/NTMakefile.amd64_w2k b/src/config/NTMakefile.amd64_w2k index 283a21734a..24cd10a48a 100644 --- a/src/config/NTMakefile.amd64_w2k +++ b/src/config/NTMakefile.amd64_w2k @@ -90,7 +90,7 @@ AFSPRODUCT_VER_MAJOR=1 AFSPRODUCT_VER_MINOR=6 !ENDIF !IF !DEFINED(AFSPRODUCT_VER_PATCH) -AFSPRODUCT_VER_PATCH=2300 +AFSPRODUCT_VER_PATCH=2400 !ENDIF !IF !DEFINED(AFSPRODUCT_VER_BUILD) AFSPRODUCT_VER_BUILD=0 diff --git a/src/config/NTMakefile.i386_nt40 b/src/config/NTMakefile.i386_nt40 index d03c144976..627a547529 100644 --- a/src/config/NTMakefile.i386_nt40 +++ b/src/config/NTMakefile.i386_nt40 @@ -90,7 +90,7 @@ AFSPRODUCT_VER_MAJOR=1 AFSPRODUCT_VER_MINOR=6 !ENDIF !IF !DEFINED(AFSPRODUCT_VER_PATCH) -AFSPRODUCT_VER_PATCH=2300 +AFSPRODUCT_VER_PATCH=2400 !ENDIF !IF !DEFINED(AFSPRODUCT_VER_BUILD) AFSPRODUCT_VER_BUILD=0 diff --git a/src/config/NTMakefile.i386_w2k b/src/config/NTMakefile.i386_w2k index 998c991a90..4c20879d0c 100644 --- a/src/config/NTMakefile.i386_w2k +++ b/src/config/NTMakefile.i386_w2k @@ -94,7 +94,7 @@ AFSPRODUCT_VER_MAJOR=1 AFSPRODUCT_VER_MINOR=6 !ENDIF !IF !DEFINED(AFSPRODUCT_VER_PATCH) -AFSPRODUCT_VER_PATCH=2300 +AFSPRODUCT_VER_PATCH=2400 !ENDIF !IF !DEFINED(AFSPRODUCT_VER_BUILD) AFSPRODUCT_VER_BUILD=0