OpenAFS Master Repository branch, master, updated. openafs-devel-1_5_76-4793-ge63c257

[Gerrit Code Review]

The following commit has been merged in the master branch:
commit c12b3fee2fabd92c57d92fc945d70acba9f53ab3
Author: Benjamin Kaduk <kaduk@mit.edu>
Date:   Mon Mar 14 23:15:20 2016 -0500

    OPENAFS-SA-2016-002 VldbListByAttributes information leak
    
    The VldbListByAttributes structure is used as an input to several
    RPCs; it contains a Mask field that controls
    which of the other fields will actually be read by the server
    during the RPC processing.  Unfortunately, the client only
    wrote to the fields indicated by the mask, leaving the other
    fields uninitialized for transmission on the wire, leaking
    some contents of client memory.
    
    Plug the information leak by zeroing the entire structure before use.
    
    FIXES 132847
    
    Change-Id: I14964e98a57ba6ef060c6e392497f1ebd3afe042

 src/bucoord/commands.c     |    1 +
 src/libadmin/vos/vsprocs.c |    1 +
 src/volser/vos.c           |    4 ++--
 src/volser/vsprocs.c       |    1 +
 4 files changed, 5 insertions(+), 2 deletions(-)

-- 
OpenAFS Master Repository