安全研究
安全漏洞
OpenAFS文件服务器远程拒绝服务漏洞
发布日期:2007-12-20
更新日期:2008-01-07
受影响系统:
OpenAFS OpenAFS 1.5.0 - 1.5.27不受影响系统:
OpenAFS OpenAFS 1.3.50 - 1.4.5
OpenAFS OpenAFS 1.5.28描述:
OpenAFS OpenAFS 1.4.6
BUGTRAQ ID: 27132
CVE(CAN) ID: CVE-2007-6599
OpenAFS是一套开放源代码的分布式文件系统,允许系统之间通过局域和广域网来分享档案和资源。
OpenAFS的文件服务器中存在竞争条件错误,远程攻击者可能利用此漏洞导致程序崩溃。
如果远程攻击者同时请求并返回文件回调的话,GiveUpAllCallBacks RPC的处理器就会未经host_glock锁定便执行链表操作,导致守护程序崩溃。
<*来源:Derrick J Brashear (openafs-info@openafs.org)
链接:http://secunia.com/advisories/28327/
http://lists.openafs.org/pipermail/openafs-announce/2007/000220.html
http://www.debian.org/security/2008/dsa-1458
http://security.gentoo.org/glsa/glsa-200801-04.xml
*>
建议:
厂商补丁:
Debian
------
Debian已经为此发布了一个安全公告(DSA-1458-1)以及相应补丁:
DSA-1458-1:New openafs packages fix denial of service vulnerability
链接:http://www.debian.org/security/2008/dsa-1458
补丁下载:
Source archives:
http://security.debian.org/pool/updates/main/o/openafs/openafs_1.3.81-3sarge3.dsc
Size/MD5 checksum: 851 e976cc846cb191828237473b1d0e4983
http://security.debian.org/pool/updates/main/o/openafs/openafs_1.3.81.orig.tar.gz
Size/MD5 checksum: 13455346 d754e92f7a0cd9824991c850e001884c
http://security.debian.org/pool/updates/main/o/openafs/openafs_1.3.81-3sarge3.diff.gz
Size/MD5 checksum: 261881 e28ed82f25816569ae6f1e74c7cd651b
Architecture independent packages:
http://security.debian.org/pool/updates/main/o/openafs/openafs-modules-source_1.3.81-3sarge3_all.deb
Size/MD5 checksum: 4616288 3e229a9fe2d2b561a71622feac362a0a
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.3.81-3sarge3_alpha.deb
Size/MD5 checksum: 1111526 3c76348f4a27d5cda9aaa689ae9b1e11
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge3_alpha.deb
Size/MD5 checksum: 271230 33707e0d7ad8bb2b2ed152e5d92ae1fb
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.3.81-3sarge3_alpha.deb
Size/MD5 checksum: 693318 8977f1b81728d32a2f58fc7adaba7a49
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.3.81-3sarge3_alpha.deb
Size/MD5 checksum: 306556 c68d43f0a515c3ef40c26a69c3fa5267
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.3.81-3sarge3_alpha.deb
Size/MD5 checksum: 2228482 4df236f17ca09f966381191bc744738c
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.3.81-3sarge3_alpha.deb
Size/MD5 checksum: 1892222 47914dd9a679b3e5ef7073d2c9b992f9
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.3.81-3sarge3_amd64.deb
Size/MD5 checksum: 1442304 440380aae37ad9570d3488b2b94c1f20
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.3.81-3sarge3_amd64.deb
Size/MD5 checksum: 555860 3d5eeca465e786c8e3aeaa0f3a33c237
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.3.81-3sarge3_amd64.deb
Size/MD5 checksum: 246504 a1f8f9151ddf5d8b2223ccc9011262ea
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge3_amd64.deb
Size/MD5 checksum: 229864 b17737eccca71f36bc1d2353979a8c5f
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.3.81-3sarge3_amd64.deb
Size/MD5 checksum: 1833444 365d0d014c6328440fcab8c9f8a7b290
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.3.81-3sarge3_amd64.deb
Size/MD5 checksum: 884294 72860be9817d2a76f7dee14f133e55c3
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.3.81-3sarge3_hppa.deb
Size/MD5 checksum: 248674 8211521a46ed37194b1389206967afaa
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.3.81-3sarge3_hppa.deb
Size/MD5 checksum: 919204 c0fa4e2db69bcba11c9ee4dda530d361
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.3.81-3sarge3_hppa.deb
Size/MD5 checksum: 1827896 4555b91cc17ff27b33012e56736b93e7
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.3.81-3sarge3_hppa.deb
Size/MD5 checksum: 555912 6eaa5c2f587367d3fb9ea0c991a2e42c
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.3.81-3sarge3_hppa.deb
Size/MD5 checksum: 1508082 076c45dfa9ac8f962c0f8cd3edca36ff
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge3_hppa.deb
Size/MD5 checksum: 250190 9f56665de9b2cdf4dd77d25e5ea80f67
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge3_i386.deb
Size/MD5 checksum: 217500 700591848a35d23ce47290f24cae4fbd
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.3.81-3sarge3_i386.deb
Size/MD5 checksum: 783520 d59e41054171bc7d1fb0aba29f02a350
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.3.81-3sarge3_i386.deb
Size/MD5 checksum: 1547026 79eaa3c48d97c4fef817247c422ccac3
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.3.81-3sarge3_i386.deb
Size/MD5 checksum: 1274902 a402d82dcccfcbb98900c10c819f74e4
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.3.81-3sarge3_i386.deb
Size/MD5 checksum: 205700 371cba49e969d2177930a8c0fba08acb
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.3.81-3sarge3_i386.deb
Size/MD5 checksum: 466994 0dcffdb0d36cc18ee29c445fc2099fda
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.3.81-3sarge3_ia64.deb
Size/MD5 checksum: 767748 922758417f41c9042a0b981b4e821ed1
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.3.81-3sarge3_ia64.deb
Size/MD5 checksum: 2592104 803aa4ef7d09ee197f24df23b795daf0
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.3.81-3sarge3_ia64.deb
Size/MD5 checksum: 350256 d8fa12297f5356b49d29e6fb29091fda
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge3_ia64.deb
Size/MD5 checksum: 310280 290defd02a6dbf0f67f2ba58a2b476c9
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.3.81-3sarge3_ia64.deb
Size/MD5 checksum: 1841412 ffcad21ff23511bf2d63a3dbc64c36e3
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.3.81-3sarge3_ia64.deb
Size/MD5 checksum: 1277792 8d450683d8e95f67900405f18bc1b6de
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.3.81-3sarge3_powerpc.deb
Size/MD5 checksum: 517662 9b59769223c18e987a77013f9d8c0300
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.3.81-3sarge3_powerpc.deb
Size/MD5 checksum: 229684 abfc07fb1905dcf791061ed4150b26b6
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.3.81-3sarge3_powerpc.deb
Size/MD5 checksum: 1692200 da974fc36d3d5d1341e77f80e86ee211
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.3.81-3sarge3_powerpc.deb
Size/MD5 checksum: 852162 4990eb799fef4094addf9fc20b92a8c6
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.3.81-3sarge3_powerpc.deb
Size/MD5 checksum: 1460262 1751615de133fcd2f5c4b029a32b1beb
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge3_powerpc.deb
Size/MD5 checksum: 223554 9df7d747f46b12eac1213c420d0c617f
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.3.81-3sarge3_s390.deb
Size/MD5 checksum: 473236 e6614ec300bf67f58713a63c8295d9d9
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.3.81-3sarge3_s390.deb
Size/MD5 checksum: 212084 4521ec178094273d6f853dfe9984b1e5
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge3_s390.deb
Size/MD5 checksum: 224854 b1b5099db8e51c7b06af169af1ae8473
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.3.81-3sarge3_s390.deb
Size/MD5 checksum: 1536414 7b444adef57f3535661ecad5b91aa50d
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.3.81-3sarge3_s390.deb
Size/MD5 checksum: 1383964 076d2df92940591dcd09c3beeeb2e4fc
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.3.81-3sarge3_s390.deb
Size/MD5 checksum: 762240 6266fc592f0426aed77a62c8f45ca0a8
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.3.81-3sarge3_sparc.deb
Size/MD5 checksum: 215874 663b6fdfd91ea4f1b20d91d8a65b6021
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.3.81-3sarge3_sparc.deb
Size/MD5 checksum: 1542632 18efaaad5c53eb8efc56d17ed9a49bd4
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.3.81-3sarge3_sparc.deb
Size/MD5 checksum: 1331536 77c16cc6d140ecb42b22e91e591cd56a
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.3.81-3sarge3_sparc.deb
Size/MD5 checksum: 775104 fd19130984d2434dd1f903117943b10c
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.3.81-3sarge3_sparc.deb
Size/MD5 checksum: 209502 be4bb6a273b96ea8b895462f29f9176f
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.3.81-3sarge3_sparc.deb
Size/MD5 checksum: 459574 ba8061dcdd273138b1eec7a581f2505c
Debian (stable)
- ---------------
Stable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.2-6etch1.diff.gz
Size/MD5 checksum: 117510 2e34f43b59444768ed69bde2e15c0f93
http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.2.orig.tar.gz
Size/MD5 checksum: 9210858 5c1c4c39a592ec52f5a4fa68f89ab7e3
http://security.debian.org/pool/updates/main/o/openafs/openafs_1.4.2-6etch1.dsc
Size/MD5 checksum: 879 7dc9cb6b160d09b9daa364a6b42573ff
Architecture independent packages:
http://security.debian.org/pool/updates/main/o/openafs/openafs-doc_1.4.2-6etch1_all.deb
Size/MD5 checksum: 2989598 a05f8ec2a6db2775f45dbc9e839da685
http://security.debian.org/pool/updates/main/o/openafs/openafs-modules-source_1.4.2-6etch1_all.deb
Size/MD5 checksum: 5739796 b88a073e49f76d86d0639eece8c15801
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch1_alpha.deb
Size/MD5 checksum: 3627092 4119e1a7a55ee68880f1e142c0fdd70f
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch1_alpha.deb
Size/MD5 checksum: 1302986 9a6e5450f64a11cab0f15ef8ed2daf26
http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch1_alpha.deb
Size/MD5 checksum: 203332 abb48a00583cfdd3938e8721943cf3a8
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch1_alpha.deb
Size/MD5 checksum: 359628 76bd610ae9f352fa48e68edf26304aef
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch1_alpha.deb
Size/MD5 checksum: 2923162 a3dc29dcb35d8953504b790e873d9cf1
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch1_alpha.deb
Size/MD5 checksum: 1853582 1e6946b3b1f4ed4ba783cfafe980a37d
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch1_alpha.deb
Size/MD5 checksum: 740182 266a3cfebcf3399c8aece740ff8e11b7
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch1_alpha.deb
Size/MD5 checksum: 506468 db89fb29220c29ae8bdeb8846fe56a07
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch1_amd64.deb
Size/MD5 checksum: 454440 0b162dfc097b5f1135004bb0698dc39d
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch1_amd64.deb
Size/MD5 checksum: 1917568 95f27ef79eae78b3b29574d54eece7c0
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch1_amd64.deb
Size/MD5 checksum: 2207856 de138ad94fba3ee3712f0b34316302af
http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch1_amd64.deb
Size/MD5 checksum: 182310 e4f0d60cdeb2bd80103b461978a232a8
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch1_amd64.deb
Size/MD5 checksum: 3283284 118d6283652ac4daaf7ea1d07a323f37
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch1_amd64.deb
Size/MD5 checksum: 1134402 94637f6da5e69ce8f5a82406e57e6459
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch1_amd64.deb
Size/MD5 checksum: 315030 38ce302c3b5b8dc3bfa56c47056c5902
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch1_amd64.deb
Size/MD5 checksum: 643228 e1b34754c8e5027b36b406dc9504014c
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch1_hppa.deb
Size/MD5 checksum: 319832 be9dead7f0f3469ffdc1503eee98c2e0
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch1_hppa.deb
Size/MD5 checksum: 1796338 e0be88e194a7b3acb3f2086f0d09f7bd
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch1_hppa.deb
Size/MD5 checksum: 645672 f1985fecfb5ebe14e277ec2f49ba6170
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch1_hppa.deb
Size/MD5 checksum: 1183618 b49bd59c6b7484eb9a70cfebd7826a7a
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch1_hppa.deb
Size/MD5 checksum: 2382642 69c2d83cdfb7f3a7b2eec451508a484b
http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch1_hppa.deb
Size/MD5 checksum: 184270 38f5874405c51a2bf61049eb54831d67
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch1_hppa.deb
Size/MD5 checksum: 479366 c22ca484b2c84cfd8d56bf6d32351289
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch1_hppa.deb
Size/MD5 checksum: 3285472 9c4399cf9778602467056cc974e08e7d
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch1_i386.deb
Size/MD5 checksum: 543662 75bb15499bb19ecd838dd307bc7bb1f6
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch1_i386.deb
Size/MD5 checksum: 1859228 f37c9f8513ff2885552f7a253054d280
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch1_i386.deb
Size/MD5 checksum: 271164 815a07baf484b25a31946d5b23da08d2
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch1_i386.deb
Size/MD5 checksum: 2857542 20bab5cc08b997ceff6703ca79b30614
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch1_i386.deb
Size/MD5 checksum: 1894590 e2d2fa8b6a5fe10d69db86eeea3e3061
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch1_i386.deb
Size/MD5 checksum: 412258 ef22e27857987188d7bb693e6c4b6c48
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch1_i386.deb
Size/MD5 checksum: 1005052 9296fe936d7b2cc5b6e000cf732e1265
http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch1_i386.deb
Size/MD5 checksum: 159544 515bab8ac2b70db336e5c1ff1687cf0b
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch1_ia64.deb
Size/MD5 checksum: 1795782 219afc80145bc2fdcbfa6c0ddc499c71
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch1_ia64.deb
Size/MD5 checksum: 441932 efb43feed2a2622e5bc998480886ffc3
http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch1_ia64.deb
Size/MD5 checksum: 249084 a7bf489cc5312804a975ed54eea78da3
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch1_ia64.deb
Size/MD5 checksum: 919754 6a0d714f6a0ac86f99f07426c93444e5
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch1_ia64.deb
Size/MD5 checksum: 1721588 1f332c21b904045b9af40c91745e5f5a
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch1_ia64.deb
Size/MD5 checksum: 654748 b38cbe755b945791154854defb601737
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch1_ia64.deb
Size/MD5 checksum: 3062280 a089e38e502bc3c011a4e50051c633fe
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch1_ia64.deb
Size/MD5 checksum: 4527440 6d56ff6c53df824107221dc869ff8a1b
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch1_powerpc.deb
Size/MD5 checksum: 2186102 53d737a6c95aa38f3d009ad37e67ba1b
http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch1_powerpc.deb
Size/MD5 checksum: 173876 f1d02ff85d878907aec03e4ac2a52193
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch1_powerpc.deb
Size/MD5 checksum: 1836364 0d87a032ccc7525645ea4f86000cab1c
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch1_powerpc.deb
Size/MD5 checksum: 3082512 e68b50a759165ef711ac5df2a43158a5
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch1_powerpc.deb
Size/MD5 checksum: 297690 b6be09bdcebda88218fcff8fc4193f45
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch1_powerpc.deb
Size/MD5 checksum: 597156 86538a031ec48c51a47603785a76b8f2
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch1_powerpc.deb
Size/MD5 checksum: 1101324 619426a084808af40354c4b14870f147
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch1_powerpc.deb
Size/MD5 checksum: 463150 fcdeeab1bde5b021bbf84267edd78b46
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch1_s390.deb
Size/MD5 checksum: 1688792 f7b79590a980d664f401ae0fdc1f3956
http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch1_s390.deb
Size/MD5 checksum: 165072 4daf05495997c84cce683eaf22d6fce3
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch1_s390.deb
Size/MD5 checksum: 2903280 1e045d3be6d721aa777934d89e8737ee
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch1_s390.deb
Size/MD5 checksum: 282972 625a5f4add61e7b924e2df6a41b69a2a
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch1_s390.deb
Size/MD5 checksum: 563302 67187a1e033fd77bc356cc0840fbba87
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch1_s390.deb
Size/MD5 checksum: 415598 0d112df8223bf8dd5f2ae4fc987e5176
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch1_s390.deb
Size/MD5 checksum: 1013276 1e1839d5776b6087882cf9d30c1c7aa6
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch1_s390.deb
Size/MD5 checksum: 1999702 7514ddb7ec1fe7097ba054bb11291428
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/o/openafs/libpam-openafs-kaserver_1.4.2-6etch1_sparc.deb
Size/MD5 checksum: 411794 d977f39c4d36d2e7fdcbb9e41be6d338
http://security.debian.org/pool/updates/main/o/openafs/openafs-fileserver_1.4.2-6etch1_sparc.deb
Size/MD5 checksum: 992738 426057a7bab8a91a496375f68bc87a5d
http://security.debian.org/pool/updates/main/o/openafs/openafs-client_1.4.2-6etch1_sparc.deb
Size/MD5 checksum: 2848950 ac726e21dc5fb911d260cb6f1a468cb6
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbg_1.4.2-6etch1_sparc.deb
Size/MD5 checksum: 1645308 c57a0e57768b24e335b25687a10c6713
http://security.debian.org/pool/updates/main/o/openafs/libopenafs-dev_1.4.2-6etch1_sparc.deb
Size/MD5 checksum: 2041582 c340c65e422ce37f01ccc90eecae6728
http://security.debian.org/pool/updates/main/o/openafs/openafs-dbserver_1.4.2-6etch1_sparc.deb
Size/MD5 checksum: 529396 b62edafb34cbcf1bffaae81eaf9371c8
http://security.debian.org/pool/updates/main/o/openafs/openafs-kpasswd_1.4.2-6etch1_sparc.deb
Size/MD5 checksum: 274194 9484352b3edb64cda69ab27e560438ca
http://security.debian.org/pool/updates/main/o/openafs/openafs-krb5_1.4.2-6etch1_sparc.deb
Size/MD5 checksum: 159066 9e5796fd4f3f8d14effab03d309d4465
补丁安装方法:
1. 手工安装补丁包:
首先,使用下面的命令来下载补丁软件:
# wget url (url是补丁下载链接地址)
然后,使用下面的命令来安装补丁:
# dpkg -i file.deb (file是相应的补丁名)
2. 使用apt-get自动安装补丁包:
首先,使用下面的命令更新内部数据库:
# apt-get update
然后,使用下面的命令安装更新软件包:
# apt-get upgrade
OpenAFS
-------
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.openafs.org/release/latest.html
Gentoo
------
Gentoo已经为此发布了一个安全公告(GLSA-200801-04)以及相应补丁:
GLSA-200801-04:OpenAFS: Denial of Service
链接:http://security.gentoo.org/glsa/glsa-200801-04.xml
所有OpenAFS用户都应升级到最新版本:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-fs/openafs-1.4.6"
浏览次数:5998
严重程度:0(网友投票)
绿盟科技给您安全的保障