SCIENTIFIC-LINUX-ERRATA Archives

May 2013

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security ERRATA Moderate: libtirpc on SL6.x i386/srpm/x86_64
From:
Pat Riehecky <[log in to unmask]>
Reply To:
[log in to unmask]
Date:
Thu, 30 May 2013 19:45:42 +0000
Content-Type:
text/plain
Parts/Attachments:
text/plain (36 lines) 
Synopsis:          Moderate: libtirpc security update
Advisory ID:       SLSA-2013:0884-1
Issue Date:        2013-05-30
CVE Numbers:       CVE-2013-1950
--

A flaw was found in the way libtirpc decoded RPC requests. A specially-
crafted RPC request could cause libtirpc to attempt to free a buffer
provided by an application using the library, even when the buffer was not
dynamically allocated. This could cause an application using libtirpc,
such as rpcbind, to crash. (CVE-2013-1950)

All running applications using libtirpc must be restarted for the update
to take effect.
--

SL6
  x86_64
    libtirpc-0.2.1-6.el6_4.x86_64.rpm
    libtirpc-devel-0.2.1-6.el6_4.x86_64.rpm
    libtirpc-devel-0.2.1-6.el6_4.i686.rpm
    libtirpc-0.2.1-6.el6_4.i686.rpm
    libtirpc-debuginfo-0.2.1-6.el6_4.i686.rpm
    libtirpc-debuginfo-0.2.1-6.el6_4.x86_64.rpm
  i386
    libtirpc-devel-0.2.1-6.el6_4.i686.rpm
    libtirpc-0.2.1-6.el6_4.i686.rpm
    libtirpc-debuginfo-0.2.1-6.el6_4.i686.rpm
  srpm
    libtirpc-0.2.1-6.el6_4.src.rpm
  noarch
    libtirpc-debuginfo-0.2.1-6.el6_4.i686.rpm
    libtirpc-debuginfo-0.2.1-6.el6_4.x86_64.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2