mirror of
https://git.openafs.org/openafs.git
synced 2025-01-18 06:50:12 +00:00
OpenAFS 1.6.24
-----BEGIN PGP SIGNATURE----- iQHGBAABCgAsFiEE2WGV4E2ARf9BYP0XKNmm82TrdRIFAl2vhN0OHGthZHVrQG1p dC5lZHUACgkQKNmm82TrdRI+dAwfWNrRQr/W+EWx4yY96v5n3BTeU/vm3oBIJMXk /9guWSCKHuCnpWmPvu/2bfiS8kytADlJJmkrxmnIG2WxWTCH6pcAYVBfO+OX7Fuz vaYtEocCLbzDpHpE43ViBh+2KaMdHuwhVe7+0R6GPGqu28Almk/f3qZXiF4k0on0 eNio+SHupZwff7rNSe+cHe/Nw44F2nhmG4rK1yEMVqUwsPPrMIBih3ZMRwcloXqj 5ybHfP7OY7S+uPebLyyu0AnQ+OEMOpjst3H56QydomVQmKWVQtyCKSjjPBAQlgGF BocLU4gvJOJlhdla7ii3YGhqrkT4GFaHSGnwFB0o/zQKB0xZneAVo+SQ29jVtHzz YA63O+srAFKdaTTGNJnXcl3FqMTjsG+L/cJExbIw4y3P0AfakfsWHnPDl5xxflxc Eci4eOX5hzo1TXYtGljfw9y6nVz0CYzA7HrW2CIxt8soM5aXvN0A1J/qe9Fp08W2 ttAQUhvrveFCjPU/ZV1E/McdEt8Drc0+hg== =HKCY -----END PGP SIGNATURE----- Merge tag 'openafs-stable-1_6_24' into openafs-stable-1_6_x Join the history of the security release into the 1.6.x stable release branch. Change-Id: I5e75a3f9d475bacc39bbd8539d561d5e9395f300
This commit is contained in:
commit
304a589767
27
NEWS
27
NEWS
@ -1,5 +1,32 @@
|
||||
User-Visible OpenAFS Changes
|
||||
|
||||
OpenAFS 1.6.24
|
||||
|
||||
All platforms
|
||||
|
||||
* Fix OPENAFS-SA-2019-001: information leakage in failed RPC output
|
||||
Generated RPC handler routines ran output variables through XDR encoding
|
||||
even when the call had failed and would shortly be aborted (and for
|
||||
which uninitialized output variables is common); any complete packets
|
||||
assembled in the process would be sent to the peer, leaking the contents
|
||||
of the uninitialized memory in question.
|
||||
|
||||
* Fix OPENAFS-SA-2019-002: information leakage from uninitialized scalars
|
||||
Generated RPC handler routines did not initialize output variables of
|
||||
scalar (fixed-length) type, since they did not require dedicated logic to
|
||||
free. Such variables allocated on the stack could remain uninitialized
|
||||
in some cases (including those affected by OPENAFS-SA-2019-001), and the
|
||||
contents of uninitialized memory would be returned to the peer.
|
||||
|
||||
All server platforms
|
||||
|
||||
* Fix OPENAFS-SA-2019-003: fix crash in database servers
|
||||
The ubik debugging RPCs prioritize being fast and non-disruptive to
|
||||
database operations over strict correctness, and do not adhere to the
|
||||
usual locking protocol for data access. A data race could cause a NULL
|
||||
dereference if the second memory load was not optimized out by the
|
||||
compiler.
|
||||
|
||||
OpenAFS 1.6.23
|
||||
|
||||
All platforms
|
||||
|
@ -5,7 +5,7 @@ AC_CONFIG_SRCDIR(src/libafs/Makefile.common.in)
|
||||
AM_INIT_AUTOMAKE
|
||||
|
||||
AC_CONFIG_HEADER(src/config/afsconfig.h)
|
||||
MACOS_VERSION=1.6.23
|
||||
MACOS_VERSION=1.6.24
|
||||
|
||||
AC_SUBST(MACOS_VERSION)
|
||||
|
||||
|
@ -5,8 +5,8 @@ AC_CONFIG_SRCDIR([src/config/stds.h])
|
||||
AM_INIT_AUTOMAKE
|
||||
|
||||
AC_CONFIG_HEADER(src/config/afsconfig.h)
|
||||
MACOS_VERSION=1.6.23
|
||||
LINUX_PKGVER=1.6.23
|
||||
MACOS_VERSION=1.6.24
|
||||
LINUX_PKGVER=1.6.24
|
||||
|
||||
dnl Debian wants the release candidate version in the main upstream version,
|
||||
dnl and wants ~ before it.
|
||||
|
@ -90,7 +90,7 @@ AFSPRODUCT_VER_MAJOR=1
|
||||
AFSPRODUCT_VER_MINOR=6
|
||||
!ENDIF
|
||||
!IF !DEFINED(AFSPRODUCT_VER_PATCH)
|
||||
AFSPRODUCT_VER_PATCH=2300
|
||||
AFSPRODUCT_VER_PATCH=2400
|
||||
!ENDIF
|
||||
!IF !DEFINED(AFSPRODUCT_VER_BUILD)
|
||||
AFSPRODUCT_VER_BUILD=0
|
||||
|
@ -90,7 +90,7 @@ AFSPRODUCT_VER_MAJOR=1
|
||||
AFSPRODUCT_VER_MINOR=6
|
||||
!ENDIF
|
||||
!IF !DEFINED(AFSPRODUCT_VER_PATCH)
|
||||
AFSPRODUCT_VER_PATCH=2300
|
||||
AFSPRODUCT_VER_PATCH=2400
|
||||
!ENDIF
|
||||
!IF !DEFINED(AFSPRODUCT_VER_BUILD)
|
||||
AFSPRODUCT_VER_BUILD=0
|
||||
|
@ -94,7 +94,7 @@ AFSPRODUCT_VER_MAJOR=1
|
||||
AFSPRODUCT_VER_MINOR=6
|
||||
!ENDIF
|
||||
!IF !DEFINED(AFSPRODUCT_VER_PATCH)
|
||||
AFSPRODUCT_VER_PATCH=2300
|
||||
AFSPRODUCT_VER_PATCH=2400
|
||||
!ENDIF
|
||||
!IF !DEFINED(AFSPRODUCT_VER_BUILD)
|
||||
AFSPRODUCT_VER_BUILD=0
|
||||
|
Loading…
Reference in New Issue
Block a user