[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 5200-1] libtirpc security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5200-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
August 07, 2022                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : libtirpc
CVE ID         : CVE-2021-46828
Debian Bug     : 1015873

It was discovered that libtirpc, a transport-independent RPC library,
does not properly handle idle TCP connections. A remote attacker can
take advantage of this flaw to cause a denial of service.

For the stable distribution (bullseye), this problem has been fixed in
version 1.3.1-1+deb11u1.

We recommend that you upgrade your libtirpc packages.

For the detailed security status of libtirpc please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libtirpc

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmLvfYhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0TzrA/9Hjs/RCKrgdwxyekoBVFbps+p9oPpSzio0+zBLYRNooI/TfOZbTogNMIP
35hyPiZmPV05Lsscsc4QEQF8SnMLzks38WBv8UjvmMvBfSOwVgYyz2aK7p9vR12k
K5d9TAd1ZJIdLPrBkH+H6VFtWcLf53RRYcHCEyWiBPHynFfvCi9oqsSVYnsSAVIL
KGOQJiGhAyEvepmQfjlrS2f+JnzTUemmXvQqpp+W2LoJl2ZZ5LouHKSw/aryPrvc
/qp/UIWNKlepyiLCnmcMyxLSOViFTm4YexQtgJqGlQ2zQOv1F5GO/V5DIQvOmcrJ
o9UH8Vymj+IM72CK7IoUtEmiuLQ9pbixOZKEsd6wYo4HcEx9dEdRHp0fomoTG0Lf
CJo1jXJzM3pjFjZHw2ix1Ra1Qhw95xm11YLE19pNwZXazp0luR3drNIcAFLlGNIJ
uNyEBEzqf8vj9AzF+Efx4Ox4fF03zXs5JMhX1izDYHkAJbGzf2/LzUwkWT3VFrRD
tuJe11kO3fsxj84LT0Y8evT50/iAFHXuBO79I2HPXmTWoNe5qTo6dotHLAUp4RrT
c+yNQeSlF+rKEaRWETu3HzR9pTdg+94Qj64d/MwQh1BErtFLZve9VXrRusxx4hKf
/Bvl+iZevDpAhPL3Um1jONNQtDJwYhXkY78JXLqS3MMyXXWq6OU=
=ztqU
-----END PGP SIGNATURE-----
Reply to: