rpcbind 0.2.3-0.6ubuntu0.18.04.2 source package in Ubuntu

Changelog

rpcbind (0.2.3-0.6ubuntu0.18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: DoS via memory consumption (LP: #1925280)
    - debian/patches/CVE-2017-8779.patch: pair all svc_getargs() calls with
      svc_freeargs() to avoid memory leak in src/pmap_svc.c,
      src/rpcb_svc.c, src/rpcb_svc_4.c, src/rpcb_svc_com.c.
    - debian/patches/CVE-2017-8779-2.patch: fix building without
      --enable-debug in src/pmap_svc.c.
    - The patch included in 0.2.3-0.6 did not correctly fix this issue.
    - CVE-2017-8779

 -- Marc Deslauriers <email address hidden>  Tue, 08 Jun 2021 09:03:58 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2021-06-08
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
net
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
rpcbind_0.2.3.orig.tar.bz2 118.5 KiB 9897823a9d820ea011d9ea02054d5ab99469b9ca5346265fee380713c8fed27b
rpcbind_0.2.3-0.6ubuntu0.18.04.2.debian.tar.xz 16.1 KiB 96d7569058c80d59d6c2c410fa6ec2c9608fe55d29912202b6464f093b2c478e
rpcbind_0.2.3-0.6ubuntu0.18.04.2.dsc 2.0 KiB 32b16a191d12011bbc34140d5539d09af66cc6c0b5599dbe7838de14ec9d1ff3

View changes file

Binary packages built by this source

rpcbind: converts RPC program numbers into universal addresses

 The rpcbind utility is a server that converts RPC program numbers
 into universal addresses.

rpcbind-dbgsym: debug symbols for rpcbind