rpcbind-0.2.0-33.el7
エラータID: AXSA:2016-005:01
Release date:
Friday, January 8, 2016 - 00:46
Subject:
rpcbind-0.2.0-33.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
The rpcbind utility is a server that converts RPC program numbers into
universal addresses. It must be running on the host to be able to make
RPC calls on a server on that machine.
Security issues fixed with this release:
CVE-2015-7236
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in
rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of
service (daemon crash) via crafted packets, involving a PMAP_CALLIT
code.
Solution:
Update packages.
CVEs:
CVE-2015-7236
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT code.
Additional Info:
N/A
Download:
SRPMS
- rpcbind-0.2.0-33.el7.src.rpm
MD5: d5138052474b0fca302d23a3fae35ac0
SHA-256: 0b2296416af9fe38f1a265eda686eb1138791ec1778a7de1ed5ba2a0ab03a3e0
Size: 299.92 kB
Asianux Server 7 for x86_64
- rpcbind-0.2.0-33.el7.x86_64.rpm
MD5: 27b0a850825e797e4287a1425e216577
SHA-256: 501a0971da68aa0fe33887f0cb832c476bc90a7bf44c2eb9cf67e211b9ff74d3
Size: 56.54 kB
日本語