On 11/18/2015 02:50 PM, Burton, Ross wrote:
> On 18 November 2015 at 01:44, akuster808 wrote:
>
>> Can we get the CVE mentioned in the patch or rename the the patch to
>> include the CVE #.
>>
>
> I'd already merged this into mut, so have renamed the patch.
thanks.
-
On 18 November 2015 at 01:44, akuster808 wrote:
> Can we get the CVE mentioned in the patch or rename the the patch to
> include the CVE #.
>
I'd already merged this into mut, so have renamed the patch.
Ross
--
___
Li Zhou,
Can we get the CVE mentioned in the patch or rename the the patch to
include the CVE #.
regards,
Armin
On 11/16/2015 11:18 PM, wenzong@windriver.com wrote:
> From: Li Zhou
>
> rpcbind: Fix memory corruption in PMAP_CALLIT code
>
> Use-after-free
From: Li Zhou
rpcbind: Fix memory corruption in PMAP_CALLIT code
Use-after-free vulnerability in xprt_set_caller in rpcb_svc_com.c in
rpcbind 0.2.1 and earlier allows remote attackers to cause a denial of
service (daemon crash) via crafted packets, involving a PMAP_CALLIT