[Bug 356861] Re: OpenAFS Security Advisories 2009-001 and 2009-002
Evan Broder
broder at mit.edu
Thu Apr 16 15:20:03 UTC 2009
Here's a new patch for Dapper that includes the OPENAFS-SA-2007-001
patch. I don't have easy access to a Dapper machine (I have to install a
VM when I need one), so I don't know when I'll be able to test this, but
the added patch is pretty simple:
--- openafs-1.4.1.orig/src/afs/afs_cell.c
+++ openafs-1.4.1/src/afs/afs_cell.c
@@ -708,8 +708,7 @@
tc->vlport = AFS_VLPORT;
RWLOCK_INIT(&tc->lock, "cell lock");
newc = 1;
- if (afs_thiscell && !strcmp(acellName, afs_thiscell))
- aflags &= ~CNoSUID;
+ aflags |= CNoSUID;
}
ObtainWriteLock(&tc->lock, 688);
** Attachment removed: "openafs_1.4.1-2+ubuntu0.1.debdiff"
http://launchpadlibrarian.net/25468149/openafs_1.4.1-2%2Bubuntu0.1.debdiff
** Attachment added: "openafs_1.4.1-2+ubuntu0.1.debdiff"
http://launchpadlibrarian.net/25541052/openafs_1.4.1-2%2Bubuntu0.1.debdiff
--
OpenAFS Security Advisories 2009-001 and 2009-002
https://bugs.launchpad.net/bugs/356861
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list