Upstream has issued advisories on September 11: https://openafs.org/pages/security/OPENAFS-SA-2018-001.txt https://openafs.org/pages/security/OPENAFS-SA-2018-002.txt https://openafs.org/pages/security/OPENAFS-SA-2018-003.txt The issues are fixed upstream in 1.6.23 and 1.8.2: http://openafs.org/dl/openafs/1.6.23/RELNOTES-1.6.23 http://openafs.org/dl/openafs/1.8.2/RELNOTES-1.8.2 Debian has issued an advisory for this on September 23: https://www.debian.org/security/2018/dsa-4302 Mageia 6 is also affected.
Whiteboard: (none) => MGA6TOO
Assigning to all packagers collectively, since there is no registered maintainer for this package. Also CC'ing some committers.
CC: (none) => geiger.david68210, marja11, smelror, tmbAssignee: bugsquad => pkg-bugs
Fixed in openafs-1.8.2-1.mga7 in Cauldron.
Version: Cauldron => 6Whiteboard: MGA6TOO => (none)
Advisory: ======================== Updated openafs packages fix security vulnerabilities: Jeffrey Altman reported that the backup tape controller (butc) process does accept incoming RPCs but does not require (or allow for) authentication of those RPCs, allowing an unauthenticated attacker to perform volume operations with administrator credentials (CVE-2018-16947). Mark Vitale reported that several RPC server routines do not fully initialize output variables, leaking memory contents (from both the stack and the heap) to the remote caller for otherwise-successful RPCs (CVE-2018-16948). Mark Vitale reported that an unauthenticated attacker can consume large amounts of server memory and network bandwidth via specially crafted requests, resulting in denial of service to legitimate clients (CVE-2018-16949). References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16947 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16948 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16949 https://openafs.org/pages/security/OPENAFS-SA-2018-001.txt https://openafs.org/pages/security/OPENAFS-SA-2018-002.txt https://openafs.org/pages/security/OPENAFS-SA-2018-003.txt http://openafs.org/dl/openafs/1.6.23/RELNOTES-1.6.23 https://www.debian.org/security/2018/dsa-4302 ======================== Updated packages in core/updates_testing: ======================== openafs-1.6.23-1.mga6 openafs-client-1.6.23-1.mga6 openafs-server-1.6.23-1.mga6 libopenafs1-1.6.23-1.mga6 libopenafs-devel-1.6.23-1.mga6 libopenafs-static-devel-1.6.23-1.mga6 dkms-libafs-1.6.23-1.mga6 openafs-doc-1.6.23-1.mga6 from openafs-1.6.23-1.mga6.src.rpm
Assignee: pkg-bugs => qa-bugs
MGA6-32 MATE on IBM Thinkpad R50e No installation issues Ref bug 22209 fot tests At CLI: # afsio help afsio: Commands are: append append to a file in AFS apropos search by help text fidappend append to a file in AFS fidlock lock by FID a file from AFS fidread read on a non AFS-client a file from AFS fidunlock unlock by FID a file from AFS etc .... # cmdebug -help Usage: cmdebug -servers <server machine> [-port <IP port>] [-long] [-refcounts] [-callbacks] [-ctime] [-addrs] [-cache] [-cellservdb] [-help] Where: -long print all info -refcounts print only cache entries with positive reference counts -callbacks print only cache entries with callbacks -ctime print human readable expiration time -addrs print only host interfaces -cache print only cache configuration -cellservdb print only cellservdb info # systemctl -l start openafs-server # systemctl -l status openafs-server ● openafs-server.service - OpenAFS Server Service Loaded: loaded (/usr/lib/systemd/system/openafs-server.service; enabled; vendor preset: enab Active: active (running) since ma 2019-01-07 14:29:57 CET; 22s ago Main PID: 17746 (bosserver) CGroup: /system.slice/openafs-server.service └─17746 /usr/sbin/bosserver -nofork opened 7100/udp as indicated in bug 22209, and then # systemctl start openafs-client # systemctl -l status openafs-client ● openafs-client.service - OpenAFS Client Service Loaded: loaded (/usr/lib/systemd/system/openafs-client.service; enabled; vendor preset: enab Active: active (running) since ma 2019-01-07 14:32:42 CET; 22s ago Process: 18723 ExecStart=/sbin/afsd $AFSD_ARGS (code=exited, status=0/SUCCESS) Process: 18719 ExecStartPre=/sbin/modprobe libafs (code=exited, status=0/SUCCESS) Process: 18716 ExecStartPre=/bin/chmod 0644 /etc/openafs/CellServDB (code=exited, status=0/SU Process: 18713 ExecStartPre=/bin/sed -n w/etc/openafs/CellServDB /etc/openafs/CellServDB.loca Main PID: 18729 (afsd) CGroup: /system.slice/openafs-client.service └─18729 /sbin/afsd -dynroot -fakestat -afsdb jan 07 14:32:40 mach6.hviaene.thuis systemd[1]: Starting OpenAFS Client Service... jan 07 14:32:41 mach6.hviaene.thuis afsd[18723]: afsd: All AFS daemons started. jan 07 14:32:41 mach6.hviaene.thuis afsd[18723]: afsd: All AFS daemons started. jan 07 14:32:42 mach6.hviaene.thuis systemd[1]: Started OpenAFS Client Service. # ls /afs acm-csuf.org/ hep.man.ac.uk/ nucleares.unam.mx/ acm.jhu.edu/ hep.sc.edu/ numenor.mit.edu/ and a lot more ..... # cd /etc/openafs # ll totaal 96 -rw-r--r-- 1 root root 10 jan 7 14:29 bosserver.rxbind -rw-r--r-- 1 root root 31 jan 1 19:23 cacheinfo -rw-r--r-- 1 root root 37197 jan 7 14:32 CellServDB -rw-r--r-- 1 root root 37197 jan 1 19:23 CellServDB.dist -rw-r--r-- 1 root root 0 jan 7 14:26 CellServDB.local drwxr-xr-x 2 root root 4096 jan 7 14:29 server/ -rw-r--r-- 1 root root 12 jan 1 19:23 ThisCell # wget http://dl.central.org/dl/cellservdb/CellServDB --2019-01-07 14:36:08-- http://dl.central.org/dl/cellservdb/CellServDB Herleiden van dl.central.org... 128.2.13.212 Verbinding maken met dl.central.org|128.2.13.212|:80... verbonden. HTTP-verzoek is verzonden; wachten op antwoord... 200 OK Lengte: 36955 (36K) Wordt opgeslagen als: ‘CellServDB.1’ CellServDB.1 100%[==============================>] 36,09K --.-KB/s in 0,1s 2019-01-07 14:36:08 (329 KB/s) - '‘CellServDB.1’' opgeslagen [36955/36955] # echo grand.central.org > /etc/openafs/ThisCell [root@mach6 openafs]# df /var/cache/openafs Bestandssysteem Grootte Gebruikt Besch Geb% Aangekoppeld op /dev/sda1 20G 18G 287M 99% / [root@mach6 openafs]# df -h | grep -i afs AFS 2,0T 0 2,0T 0% /afs [root@mach6 openafs]# df -h | grep sda16 [root@mach6 openafs]# df -h | grep sda1 /dev/sda1 20G 18G 287M 99% / Did not go any further as the file system is really very full, but apparently iy works.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA6-32-OK
Thank you Herman. Advisoried & validating.
Keywords: (none) => advisory, validated_updateCC: (none) => lewyssmith, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0021.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED