subject:"\[OE\-core\] \[PATCH\] rpcbind\: Security Advisory \- rpcbind \- CVE\-2015\-7236"

Re: [OE-core] [PATCH] rpcbind: Security Advisory - rpcbind - CVE-2015-7236

2015-11-24 Thread akuster808

On 11/18/2015 02:50 PM, Burton, Ross wrote: > On 18 November 2015 at 01:44, akuster808 wrote: > >> Can we get the CVE mentioned in the patch or rename the the patch to >> include the CVE #. >> > > I'd already merged this into mut, so have renamed the patch. thanks. -

Re: [OE-core] [PATCH] rpcbind: Security Advisory - rpcbind - CVE-2015-7236

2015-11-18 Thread Burton, Ross

On 18 November 2015 at 01:44, akuster808 wrote: > Can we get the CVE mentioned in the patch or rename the the patch to > include the CVE #. > I'd already merged this into mut, so have renamed the patch. Ross -- ___

Re: [OE-core] [PATCH] rpcbind: Security Advisory - rpcbind - CVE-2015-7236

2015-11-17 Thread akuster808

Li Zhou, Can we get the CVE mentioned in the patch or rename the the patch to include the CVE #. regards, Armin On 11/16/2015 11:18 PM, wenzong@windriver.com wrote: > From: Li Zhou > > rpcbind: Fix memory corruption in PMAP_CALLIT code > > Use-after-free

[OE-core] [PATCH] rpcbind: Security Advisory - rpcbind - CVE-2015-7236

2015-11-16 Thread wenzong.fan

From: Li Zhou rpcbind: Fix memory corruption in PMAP_CALLIT code Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via crafted packets, involving a PMAP_CALLIT