You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
34 lines
1.7 KiB
34 lines
1.7 KiB
User-Visible OpenAFS Changes |
|
|
|
OpenAFS 1.8.2 |
|
|
|
All platforms |
|
|
|
* Fix OPENAFS-SA-2018-002: information leakage in RPC output variables |
|
Various RPC routines did not always initialize all output fields, |
|
exposing memory contents to network attackers. The relevant RPCs include |
|
an AFSCB_ RPC, so cache managers are affected as well as servers. |
|
|
|
All server platforms |
|
|
|
* Fix OPENAFS-SA-2018-003: denial of service due to excess resource consumption |
|
Various RPCs were defined as allowing unbounded arrays as input, allowing |
|
an unauthenticated attacker to cause excess memory allocation and tie up |
|
network bandwidth by sending (or claiming to send) large input arrays. |
|
|
|
* Fix OPENAFS-SA-2018-001: unauthenticated volume operations via butc |
|
On systems using the in-tree backup system, the butc process was running |
|
with administrative credentials, but accepted incoming RPCs over |
|
unauthenticated connections; these incoming RPCs in turn triggered |
|
outgoing RPCs using the administrative credentials. Unauthenticated |
|
attackers could construct volue dumps containing arbitrary contents |
|
and cause these dumps to be restored and overwrite arbitrary volume |
|
contents; afterward, the backup database could be restored to its |
|
initial state, hiding evidence of the unauthorized changes. |
|
|
|
Running butc with -localauth now requires authenticated incoming |
|
connections, and the backup utility makes authenticated connections to |
|
the butc. Audit capabilities have been added to the butc RPC handlers. |
|
Command-line arguments are provided to retain the (insecure) historical |
|
behavior until all systems have been upgraded. |
|
|
|
|