-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : openafs Version : 1.6.1-3+deb7u7 CVE ID : CVE-2016-9772
It was discovered that there was an information leak vulnerability in openafs, a distributed filesystem. Due to incomplete initialization or clearing of reused memory, OpenAFS directory objects are likely to contain 'dead' directory entry information. For Debian 7 "Wheezy", this issue has been fixed in openafs version 1.6.1-3+deb7u7. We recommend that you upgrade your openafs packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlhDSi4ACgkQHpU+J9Qx Hlh2jQ//eQj9nObvDPOJBXopYv0v1mn1DrC4Y8jFiGPwfm6gApbAjlqTowJADELO +NoCoHvJqvjbOFWstQ0Hfv3t3zJV4oIXM6+wFy1duqk+JDp7E2uOb09LAW+O7xfJ eCqgJ29UJw8zEUu+/tXujvcXh5dB2o5PVzosUQVaUUiJMw7/yA9erIhgP0vg1trE VJ1zz7PJrYkXGeat6GVM/0irUSA+2uGrVXS5GLi/GrEXhgfoPUKddmYKHXY/r5vF w2hXudKC8jwuY81qnuUW36iu82vI0OShPv4n6MJogV9X90kjFDUMVhC1XrikSzz6 uUIoqt8ItOapF91pvI0du5d0KSP7dXp3bpPb0g0j5mxLnnZohUiJVz8hH+ydvz0s iQQW2CQaPxirT9Nlc4/ObLK4SLWGHEPmY8aXLecUlyHuRcaKFMUjGJstqHwjXQB8 OfrulIUWLJ7ecfzCMVq/euUvexclVCsk8H7Q82fwxhUCvH3U8Q9qiMFjHoB4IaAX GwvHVnCldUIeF2rQKLBQDiMxlEtUQ96LyNmQJN0x8ai4LnILDCt/HmS6cj0Jayvw CovoXahOB0ThLqtxHUzJJ6iAF7SBb5y2P0EFw+NUuM79ttWDpBEDaQ4c8AtDxrwh NDf5ewogH09xVEmARqeTaCe9F1ff3eUc0Hv36tmMR0SW4lFZ+yc= =0Qku -----END PGP SIGNATURE-----