SUSE-SU-2017:1306-1

UNKNOWN

Security update for libtirpc

Published May 16, 2017

Modified 8 years ago

Fix available

Details

This update for libtirpc fixes the following issues:

CVE-2017-8779: crafted UDP packaged could lead rpcbind to denial-of-service (bsc#1037559)

Affected Packages

libtirpc

SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server for SAP Applications 12 SP1SUSE Linux Enterprise Software Development Kit 12 SP1

Fixed in:

0.2.3-13.3.1

libtirpc1

SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server for SAP Applications 12 SP1

Fixed in:

0.2.3-13.3.1

libtirpc1-32bit

SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Server 12 SP1SUSE Linux Enterprise Server for SAP Applications 12 SP1

Fixed in:

0.2.3-13.3.1

libtirpc-devel

SUSE Linux Enterprise Software Development Kit 12 SP1

Fixed in:

0.2.3-13.3.1

References

REPORT

https://bugzilla.suse.com/1037559

WEB

https://www.suse.com/security/cve/CVE-2017-8779

ADVISORY

https://www.suse.com/support/update/announcement/2017/suse-su-20171306-1/

Upstream

CVE-2017-8779

Ecosystems

SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP1

Timeline

PublishedMay 16, 2017

ModifiedMay 16, 2017