Version in base suite: 1.3.81-3sarge2 Version in overlay suite: 1.3.81-3sarge3 Base version: openafs_1.3.81-3sarge2 Target version: openafs_1.3.81-3sarge3 Base file: /org/ftp.debian.org/ftp/pool/main/o/openafs/openafs_1.3.81-3sarge2.dsc Target file: /org/ftp.debian.org/ftp/pool/main/o/openafs/openafs_1.3.81-3sarge3.dsc
diff -u openafs-1.3.81/debian/changelog openafs-1.3.81/debian/changelog
--- openafs-1.3.81/debian/changelog
+++ openafs-1.3.81/debian/changelog
@@ -1,3 +1,9 @@
+openafs (1.3.81-3sarge3) oldstable-security; urgency=high
+
+ * upload by the security team to fix CVE-2007-6599 (OpenAFS SA-2007-003)
+
+ -- Noah Meyerhans Mon, 07 Jan 2008 22:10:51 -0500
+
 openafs (1.3.81-3sarge2) stable-security; urgency=high
 * Non-maintainer upload by the Security Team.
only in patch2: unchanged:
--- openafs-1.3.81.orig/src/viced/host.c
+++ openafs-1.3.81/src/viced/host.c
@@ -1092,6 +1092,7 @@
 host->interface ? uuid2 : ""));
 /* The host in the cache is not the host for this connection */
+ h_Lock_r(host);
 host->hostFlags |= HOSTDELETED;
 h_Unlock_r(host);
 if (!held)
only in patch2: unchanged:
--- openafs-1.3.81.orig/src/viced/afsfileprocs.c
+++ openafs-1.3.81/src/viced/afsfileprocs.c
@@ -5877,7 +5877,9 @@
 (tcon->peer ? tcon->peer->host : 0)));
 errorCode = GetClient(tcon, &client);
 if (!errorCode)
+ H_LOCK;
 DeleteAllCallBacks_r(client->host, 1);
+ H_UNLOCK;
 } else {
 if (FidArray->AFSCBFids_len < CallBackArray->AFSCBs_len) {
 ViceLog(0,
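Review bot: The added `h_Lock_r(host);` in the src/viced/host.c hunk has no comment saying why the lock must be taken here, even though it is the substance of a security fix. A one-line comment above it would keep a later cleanup from removing it as redundant, for example `/* hold the host lock while setting HOSTDELETED; released by h_Unlock_r() below */`. The hunk shows only the tail of this branch, so it is worth confirming that no path reaches this point with the host lock already held.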
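Review bot: In the src/viced/afsfileprocs.c hunk the `if (!errorCode)` has no braces, so after this change it guards only the new `H_LOCK;`, and `DeleteAllCallBacks_r(client->host, 1);` and `H_UNLOCK;` run whether or not `GetClient()` succeeded. On the failure path that reads `client->host` from a `client` that GetClient may not have set, without the lock held, and then releases a lock that was never taken. Indentation is lost on this page, but the hunk counts (7 old lines, 9 new) leave no room for a brace pair. The three statements should be wrapped, opening with `if (!errorCode) {` and closing with `}` after `H_UNLOCK;`. The enclosing function starts and ends outside the hunk.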