CVE-2015-3283

Publication date 12 August 2015

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

Description

OpenAFS before 1.6.13 allows remote attackers to spoof bos commands via unspecified vectors.

Read the notes from the security team

Status

Package Ubuntu Release Status
openafs 15.10 wily
Not affected
15.04 vivid Ignored end of life
14.04 LTS trusty
Fixed 1.6.7-1ubuntu1.1
12.04 LTS precise
Fixed 1.6.1-1+ubuntu0.6

Notes

seth-arnold

The patch forces encryption; this likely requires coordinated update on all nodes in a network.

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
openafs

References

Other references