Описание
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| openafs | fixed | 1.8.5-1 | package | |
| openafs | no-dsa | buster | package | |
| openafs | no-dsa | stretch | package |
Примечания
http://openafs.org/pages/security/OPENAFS-SA-2019-002.txt
https://www.openafs.org/pages/security/openafs-sa-2019-002-stable16.patch (openafs-stable-1_6_24)
https://www.openafs.org/pages/security/openafs-sa-2019-002-stable18.patch (openafs-stable-1_8_5)
EPSS
Связанные уязвимости
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.
OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an information disclosure vulnerability because uninitialized scalars are sent over the network to a peer.
EPSS