Denial of Service in rpcbind
ID: | FEDORA-2015-9eee2fbc78 |
Distribution: | Fedora |
Plattformen: | Fedora 22 |
Datum: | Do, 19. November 2015, 14:36 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7236 |
Applikationen: | rpcbind |
Originalnachricht |
|
Name : rpcbind Product : Fedora 22 Version : 0.2.3 Release : 0.3.fc22 URL : http://nfsv4.bullopensource.org Summary : Universal Addresses to RPC Program Number Mapper Description : The rpcbind utility is a server that converts RPC program numbers into universal addresses. It must be running on the host to be able to make RPC calls on a server on that machine. -------------------------------------------------------------------------------- Update Information: rpcbind-0.2.3-0.4.fc23 - Fixed Seg fault in PMAP_CALLIT code (bz1264351) rpcbind-0.2.3-0.3.fc22 - Fixed Seg fault in PMAP_CALLIT code (bz 1264351) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1159941 - Add nss-altfiles to rpcbind user lookup path https://bugzilla.redhat.com/show_bug.cgi?id=1159941 [ 2 ] Bug #1264351 - CVE-2015-7236 rpcbind: Use-after-free vulnerability in PMAP_CALLIT [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1264351 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update rpcbind' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce |