Login-Name Passwort


Sicherheit: Denial of Service in libtirpc
Aktuelle Meldungen Distributionen
Name: Denial of Service in libtirpc
ID: FEDORA-2017-44d0e642a4
Distribution: Fedora
Plattformen: Fedora 25
Datum: Sa, 20. Mai 2017, 08:38
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779


Fedora Update Notification
2017-05-19 13:16:01.267018

Name : libtirpc
Product : Fedora 25
Version : 1.0.1
Release : 4.rc3.fc25
URL : http://nfsv4.bullopensource.org/
Summary : Transport Independent RPC Library
Description :
This package contains SunLib's implementation of transport-independent
RPC (TI-RPC) documentation. This library forms a piece of the base of
Open Network Computing (ONC), and is derived directly from the
Solaris 2.3 source.

TI-RPC is an enhanced version of TS-RPC that requires the UNIX System V
Transport Layer Interface (TLI) or an equivalent X/Open Transport Interface
(XTI). TI-RPC is on-the-wire compatible with the TS-RPC, which is supported
by almost 70 vendors on all major operating systems. TS-RPC source code
(RPCSRC 4.0) remains available from several internet sites.

Update Information:

Fix for CVE-2017-8779

[ 1 ] Bug #1448127 - CVE-2017-8779 libtirpc: rpcbind: Unbounded maximum RPC
data size during memory allocation for XDR strings [fedora-all]

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade libtirpc' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Traut euch!
Neue Nachrichten