OpenAFS Master Repository branch, openafs-stable-1_6_x, updated. openafs-stable-1_6_23-74-ge654f63

Gerrit Code Review gerrit@openafs.org
Fri, 14 Sep 2018 09:13:45 -0400


The following commit has been merged in the openafs-stable-1_6_x branch:
commit 973bba24a6d2f419680873f4133dbad8cd37ce9f
Author: Mark Vitale <mvitale@sinenomine.net>
Date:   Tue Jun 26 05:26:21 2018 -0400

    OPENAFS-SA-2018-002 kaserver: prevent KAM_ListEntry information leak
    
    KAM_ListEntry (kas list) does not initialize its output correctly.  It
    leaks kaserver memory contents over the wire:
    
    struct kaindex
    - up to 64 bytes for member name
    - up to 64 bytes for member instance
    
    Initialize the buffer.
    
    [kaduk@mit.edu: move initialization to top of server routine]
    
    (cherry picked from commit b604ee7add7be416bf20973422a041e913d20761)
    
    (cherry picked from commit c912830e9c82d91bccf85018ef1e6a75edc410c4)
    
    (cherry picked from commit 04fb009f15b75aca8e62675972ce23526a62ba80)
    
    Change-Id: I613b1f46b913d4208bac15eb92274127da14e9c9

 src/kauth/kaprocs.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

-- 
OpenAFS Master Repository