Debian 9844 Published by

Updated openafs packages has been released for Debian 7 LTS



Package : openafs
Version : 1.6.1-3+deb7u7
CVE ID : CVE-2016-9772

It was discovered that there was an information leak vulnerability in
openafs, a distributed filesystem.

Due to incomplete initialization or clearing of reused memory, OpenAFS
directory objects are likely to contain 'dead' directory entry
information.

For Debian 7 "Wheezy", this issue has been fixed in openafs version
1.6.1-3+deb7u7.

We recommend that you upgrade your openafs packages.