From d12f72f1afcdee1076287a7fc41f8abcaae4ddc4 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Wed, 28 Oct 2015 08:49:20 -0400 Subject: [PATCH] NEWS: Update for 1.6.15 Security vulnerability release. Document OPENAFS-SA-2015-007. Change-Id: Id36480024fbdac7d3478bec7f3026b2c05bc37f0 --- NEWS | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/NEWS b/NEWS index 79c2fe18ba..3babf2ed50 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,20 @@ User-Visible OpenAFS Changes +OpenAFS 1.6.15 (Security Release) + + All client and server platforms + + * Fix for OPENAFS-SA-2015-007 "Tattletale" + + When constructing an Rx acknowledgment (ACK) packet, Andrew-derived + Rx implementations do not initialize three octets of data that are + padding in the C language structure and were inadvertently included + in the wire protocol (CVE-2015-7762). Additionally, OpenAFS Rx in + versions 1.5.75 through 1.5.78, 1.6.0 through 1.6.14, and 1.7.0 + through 1.7.32 include a variable-length padding at the end of the + ACK packet, in an attempt to detect the path MTU, but only four octets + of the additional padding are initialized (CVE-2015-7763). + OpenAFS 1.6.14.1 Linux clients