[OpenAFS] Re: GiveUpAllCallBacks callers
Andrew Deason
adeason@sinenomine.net
Mon, 13 Dec 2010 15:18:25 -0600
On Mon, 13 Dec 2010 15:51:21 -0500
Jeffrey Altman <jaltman@secure-endpoints.com> wrote:
> 3. A security advisory was published on 20-Dec-2007
> http://www.openafs.org/pages/security/OPENAFS-SA-2007-003.txt
> The affected servers are versions:
>
> OpenAFS 1.3.50 - 1.4.5, OpenAFS 1.5.0 - 1.5.27
And if anyone reading this is running fileservers in this range, please
say something!
Speaking only for myself personally, I support the change that Derrick
mentions and am not going to expend much effort in mitigating fallout,
but part of the reason is that I'm not aware of any publicly-accessible
fileservers running the affected versions. If there is anyone reading
this that is running these fileserver versions and somehow has a good
reason to not upgrade, that might change my opinion, so please speak up.
--
Andrew Deason
adeason@sinenomine.net