OpenAFS 1.6.24

Merge tag 'openafs-stable-1_6_24' into openafs-stable-1_6_x

Join the history of the security release into the
1.6.x stable release branch.

Change-Id: I5e75a3f9d475bacc39bbd8539d561d5e9395f300
Benjamin Kaduk 2019-10-22 16:05:45 -07:00
commit 304a589767
6 changed files with 33 additions and 6 deletions

27
NEWS
View File

@ -1,5 +1,32 @@
User-Visible OpenAFS Changes
OpenAFS 1.6.24
All platforms
* Fix OPENAFS-SA-2019-001: information leakage in failed RPC output
Generated RPC handler routines ran output variables through XDR encoding
even when the call had failed and would shortly be aborted (and for
which uninitialized output variables is common); any complete packets
assembled in the process would be sent to the peer, leaking the contents
of the uninitialized memory in question.
* Fix OPENAFS-SA-2019-002: information leakage from uninitialized scalars
Generated RPC handler routines did not initialize output variables of
scalar (fixed-length) type, since they did not require dedicated logic to
free. Such variables allocated on the stack could remain uninitialized
in some cases (including those affected by OPENAFS-SA-2019-001), and the
contents of uninitialized memory would be returned to the peer.
All server platforms
* Fix OPENAFS-SA-2019-003: fix crash in database servers
The ubik debugging RPCs prioritize being fast and non-disruptive to
database operations over strict correctness, and do not adhere to the
usual locking protocol for data access. A data race could cause a NULL
dereference if the second memory load was not optimized out by the
compiler.
OpenAFS 1.6.23
All platforms
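Review bot: In the OPENAFS-SA-2019-001 entry, the parenthetical "(and for which uninitialized output variables is common)" has a subject-verb mismatch and interrupts the sentence; suggest "(where uninitialized output variables are common)". In the OPENAFS-SA-2019-003 entry, "the second memory load" appears without any first load being mentioned, so the reader cannot tell which value is read twice; naming the access that is re-read would make the entry self-contained.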

View File

@ -5,7 +5,7 @@ AC_CONFIG_SRCDIR(src/libafs/Makefile.common.in)
AM_INIT_AUTOMAKE
AC_CONFIG_HEADER(src/config/afsconfig.h)
MACOS_VERSION=1.6.23
MACOS_VERSION=1.6.24
AC_SUBST(MACOS_VERSION)

View File

@ -5,8 +5,8 @@ AC_CONFIG_SRCDIR([src/config/stds.h])
AM_INIT_AUTOMAKE
AC_CONFIG_HEADER(src/config/afsconfig.h)
MACOS_VERSION=1.6.23
LINUX_PKGVER=1.6.23
MACOS_VERSION=1.6.24
LINUX_PKGVER=1.6.24
dnl Debian wants the release candidate version in the main upstream version,
dnl and wants ~ before it.
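Review bot: MACOS_VERSION and LINUX_PKGVER are bumped by hand on adjacent lines here, and the same 1.6.23 to 1.6.24 edit is repeated for MACOS_VERSION in the other configure input touched by this commit, so the copies can drift apart on a later release. Consider defining the version once and deriving the others from it, or adding a release-time check that all of them agree.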

View File

@ -90,7 +90,7 @@ AFSPRODUCT_VER_MAJOR=1
AFSPRODUCT_VER_MINOR=6
!ENDIF
!IF !DEFINED(AFSPRODUCT_VER_PATCH)
AFSPRODUCT_VER_PATCH=2300
AFSPRODUCT_VER_PATCH=2400
!ENDIF
!IF !DEFINED(AFSPRODUCT_VER_BUILD)
AFSPRODUCT_VER_BUILD=0
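Review bot: AFSPRODUCT_VER_PATCH moves from 2300 to 2400 for the 1.6.23 to 1.6.24 release, but nothing in the hunk states how the patch level maps to this value (apparently the patch number times 100). A one-line comment above the !IF block documenting the encoding would help whoever makes the next bump, and since the identical edit appears in three makefiles in this commit, a single shared definition would remove the duplication.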

View File

@ -90,7 +90,7 @@ AFSPRODUCT_VER_MAJOR=1
AFSPRODUCT_VER_MINOR=6
!ENDIF
!IF !DEFINED(AFSPRODUCT_VER_PATCH)
AFSPRODUCT_VER_PATCH=2300
AFSPRODUCT_VER_PATCH=2400
!ENDIF
!IF !DEFINED(AFSPRODUCT_VER_BUILD)
AFSPRODUCT_VER_BUILD=0

View File

@ -94,7 +94,7 @@ AFSPRODUCT_VER_MAJOR=1
AFSPRODUCT_VER_MINOR=6
!ENDIF
!IF !DEFINED(AFSPRODUCT_VER_PATCH)
AFSPRODUCT_VER_PATCH=2300
AFSPRODUCT_VER_PATCH=2400
!ENDIF
!IF !DEFINED(AFSPRODUCT_VER_BUILD)
AFSPRODUCT_VER_BUILD=0