LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

January 2016

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA January 2016

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Moderate: rpcbind on SL6.x, SL7.x i386/x86_64
From:	Pat Riehecky <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Thu, 7 Jan 2016 21:25:32 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (29 lines)

Synopsis:          Moderate: rpcbind security update

Advisory ID:       SLSA-2016:0005-1

Issue Date:        2016-01-07

CVE Numbers:       CVE-2015-7236

--



A use-after-free flaw related to the PMAP_CALLIT operation and TCP/UDP

connections was discovered in rpcbind. A remote attacker could possibly

exploit this flaw to crash the rpcbind service by performing a series of

UDP and TCP calls. (CVE-2015-7236)



If the rpcbind service is running, it will be automatically restarted

after installing this update.

--



SL6

  x86_64

    rpcbind-0.2.0-11.el6_7.x86_64.rpm

    rpcbind-debuginfo-0.2.0-11.el6_7.x86_64.rpm

  i386

    rpcbind-0.2.0-11.el6_7.i686.rpm

    rpcbind-debuginfo-0.2.0-11.el6_7.i686.rpm

SL7

  x86_64

    rpcbind-0.2.0-33.el7_2.x86_64.rpm

    rpcbind-debuginfo-0.2.0-33.el7_2.x86_64.rpm



- Scientific Linux Development Team

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV