[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 936-1] libtirpc security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : libtirpc
Version        : 0.2.2-5+deb7u1
CVE ID         : CVE-2017-8779
Debian Bug     : 861834

Guido Vranken discovered that incorrect memory management in libtirpc,
a transport-independent RPC library used by rpcbind and other programs
may result in denial of service via memory exhaustion (depending on
memory management settings).

For Debian 7 "Wheezy", these problems have been fixed in version
0.2.2-5+deb7u1.

We recommend that you upgrade your libtirpc packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlkTAGBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeSFthAAyYiIUXPnVfgl29irsY58aFbReIAfy8bYsqE2Fe53vWrxPLbBQH9Lu/Ur
uzfc3AOWtWfu8asgvHRpZJRRCPiKZh6FP+yYQebPVbbdzMwYWfylq/07aZm873NU
+rGPJtvklH0WkDig+DMz3AutdjQufhVurhxPSr/LMKP8EEn6Lk1DeQcUWLltyWZE
FhikOnkNC7V80mrGnHADhG32EbxgzjWv2sQrB4or2U3BbHmFSWtyW4vgC151WbcO
BIYMVhpXA4OP+teHeGAnQ5P+MI4LUxjsFljy6z5U6PbxvQAN/mnIxfnhk8+JNhJw
UTXodeXNH+sn2FkeQOHVqAP1Z/4lz4XEOAsJ+B4g64fUq80oQdXjWhCRITsDDhn8
BjsrFIEw6T8t2hgz1LsFWJNaJkk4jIpiaNzbOBPIIf8BXQxPGJG6tRgRW7pDV5+M
QoaAUVy3hKtQfX6A5bB/mjZD+oPDwhEcEcHQbPLVljcmviYZVewesPcmKMQv6ElY
6WgG/0A4cxVOjrCfzRJjr9bDB624PoBSPaB5frTo+hf1o4Uh6emPfwqUkUhVX2Gx
3otfXdS3e59m30PRX7ALaKT+9hg7BB6S8yNsHTNPXy6o0qZg9E63upAWxz4/JvPD
LRyTMtO5OT9NAwGIJprJU6D9FstQQ9bIyYnzWSxP6cUll9nVL+M=
=cSAi
-----END PGP SIGNATURE-----


Reply to: