[Oraclevm-errata] OVMSA-2017-0108 Important: Oracle VM 3.3 libtirpc security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Wed May 24 09:24:11 PDT 2017
Oracle VM Security Advisory OVMSA-2017-0108
The following updated rpms for Oracle VM 3.3 have been uploaded to the
Unbreakable Linux Network:
x86_64:
libtirpc-0.2.1-13.el6_9.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/libtirpc-0.2.1-13.el6_9.src.rpm
Description of changes:
[0.2.1-13_9]
- Fix for CVE-2017-8779 (bz 1449458)
[0.2.1-13]
- tirpc: fix taddr2uaddr for AF_LOCAL (bz 1285144)
[0.2.1-12]
- clnt_vc_create: Do not hold a global mutex during connect (bz 1332520)
[0.2.1-11]
- Backported upstream debugging (bz 1273158)
- Fixed memory leak in svc_vc_create (bz 1276687)
- Fixed memory leak in svc_tli_create (bz 1276855)
- Fixed memory leak in __svc_vc_dodestroy (bz 1276856)
[0.2.1-10]
- xdr_rejected_reply: Don't crash with invalid server rejection (bz 982064)
[0.2.1-9]
- Fixed overrun in svcauth_gss_validate() (bz 1056809)
[0.2.1-8]
- Added authgss_free_private_data call (bz 1082807)
[0.2.1-7]
- Fixed some races in getnetconfig code (bz 1031498)
- Remove the installation of libtirpc.a and libtirpc.la (bz 869397)
More information about the Oraclevm-errata
mailing list