[OpenAFS-devel] Re: CVE-2011-0430 and CVE-2011-0431
Andrew Deason
adeason@sinenomine.net
Tue, 22 Feb 2011 12:53:17 -0600
On Tue, 22 Feb 2011 13:50:26 -0500
Jack Neely <jjneely@pams.ncsu.edu> wrote:
> Folks,
>
> I've just come across CVE-2011-0430 and CVE-2011-0431 both against
> OpenAFS 1.4.14. Both CVEs site 1.4.14 as affected, but as far as I can
> tell these issues were fixed in the 1.4.14 upstream release.
>
> Can anyone confirm if those bugs have been corrected in 1.4.14?
The CVEs are incorrect; both issues were fixed in 1.4.14. An official
announcement from openafs.org about these issues will hopefully be
available soon.
--
Andrew Deason
adeason@sinenomine.net