Advisories » MGASA-2018-0065

Updated openafs packages fixes security vulnerability

Publication date: 06 Jan 2018
Modification date: 06 Jan 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-17432

Description

This update provides an update to openafs 1.6.22, fixing the following
security issue:

It was discovered that malformed jumbogram packets could result in denial
of service against OpenAFS (CVE-2017-17432).

It also adds support for 4.14 series kernels.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22209
• https://www.openafs.org/pages/security/OPENAFS-SA-2017-001.txt
• https://dl.openafs.org/dl/1.6.21/RELNOTES-1.6.21
• https://dl.openafs.org/dl/1.6.22/RELNOTES-1.6.22
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17432

SRPMS

6/core

• openafs-1.6.22-1.mga6