http://www.openafs.org/pages/security/OPENAFS-SA-2016-001.txt CVE-2016-2860 - http://www.openafs.org/pages/security/OPENAFS-SA-2016-002.txt CVE-2015-8312 - https://www.openafs.org/dl/1.6.16/RELNOTES-1.6.16
I hope to have time to pull in 1.6.18 soon, which includes those fixes.
vuxml entry in the meantime as a heads up?
(In reply to Sevan Janiyan from comment #0) CVE-2016-4536 - http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4536
Diff to update the port to 1.6.18 is at https://people.freebsd.org/~bjk/openafs-1.6.18.diff
A commit references this bug: Author: bjk Date: Fri May 27 00:05:07 UTC 2016 New revision: 415920 URL: https://svnweb.freebsd.org/changeset/ports/415920 Log: Update net/openafs to upstream 1.6.18 This includes the changes in 1.6.17, a security release. PR: 209534 Approved by: mat (ports committer) Security: CVE-2016-2860 Changes: head/net/openafs/Makefile head/net/openafs/distinfo
A commit references this bug: Author: junovitch Date: Sun Jun 5 18:04:12 UTC 2016 New revision: 416410 URL: https://svnweb.freebsd.org/changeset/ports/416410 Log: Document OpenAFS vulnerabilities in 1.6.16 and 1.6.17 PR: 209534 Reported by: Sevan Janiyan <venture37@geeklan.co.uk> Security: CVE-2015-8312 Security: CVE-2016-2860 Security: CVE-2016-4536 Security: https://vuxml.FreeBSD.org/freebsd/2e8fe57e-2b46-11e6-ae88-002590263bf5.html Security: https://vuxml.FreeBSD.org/freebsd/bcbd3fe0-2b46-11e6-ae88-002590263bf5.html Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: junovitch Date: Sun Jun 5 18:05:46 UTC 2016 New revision: 416411 URL: https://svnweb.freebsd.org/changeset/ports/416411 Log: MFH: r415920 Update net/openafs to upstream 1.6.18 This includes the changes in 1.6.17, a security release. PR: 209534 Reported by: Sevan Janiyan <venture37@geeklan.co.uk> Security: CVE-2015-8312 Security: CVE-2016-2860 Security: CVE-2016-4536 Security: https://vuxml.FreeBSD.org/freebsd/2e8fe57e-2b46-11e6-ae88-002590263bf5.html Security: https://vuxml.FreeBSD.org/freebsd/bcbd3fe0-2b46-11e6-ae88-002590263bf5.html Approved by: ports-secteam (with hat) Changes: _U branches/2016Q2/ branches/2016Q2/net/openafs/Makefile branches/2016Q2/net/openafs/distinfo
bjk@, please don't forget the MFH: tag on the next security update.