Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 591
Alerts This Week
Warning Icon 1 591

Scientific Linux: 2013-0884-1 Moderate: libtirpc Buffer Allocation Issue

Scientific Large Esm H446
Moderate: libtirpc security update
Date: Thu, 30 May 2013 19:45:42 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: libtirpc on SL6.x i386/srpm/x86_64
MIME-Version: 1.0

Synopsis: Moderate: libtirpc security update
Advisory ID: SLSA-2013:0884-1
Issue Date: 2013-05-30
CVE Numbers: CVE-2013-1950
--

A flaw was found in the way libtirpc decoded RPC requests. A specially-
crafted RPC request could cause libtirpc to attempt to free a buffer
provided by an application using the library, even when the buffer was not
dynamically allocated. This could cause an application using libtirpc,
such as rpcbind, to crash. (CVE-2013-1950)

All running applications using libtirpc must be restarted for the update
to take effect.
--

SL6
 x86_64
 libtirpc-0.2.1-6.el6_4.x86_64.rpm
 libtirpc-devel-0.2.1-6.el6_4.x86_64.rpm
 libtirpc-devel-0.2.1-6.el6_4.i686.rpm
 libtirpc-0.2.1-6.el6_4.i686.rpm
 libtirpc-debuginfo-0.2.1-6.el6_4.i686.rpm
 libtirpc-debuginfo-0.2.1-6.el6_4.x86_64.rpm
 i386
 libtirpc-devel-0.2.1-6.el6_4.i686.rpm
 libtirpc-0.2.1-6.el6_4.i686.rpm
 libtirpc-debuginfo-0.2.1-6.el6_4.i686.rpm
 srpm
 libtirpc-0.2.1-6.el6_4.src.rpm
 noarch
 libtirpc-debuginfo-0.2.1-6.el6_4.i686.rpm
 libtirpc-debuginfo-0.2.1-6.el6_4.x86_64.rpm

- Scientific Linux Development Team