[Oraclevm-errata] OVMSA-2017-0108 Important: Oracle VM 3.3 libtirpc security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Wed May 24 09:24:11 PDT 2017


Oracle VM Security Advisory OVMSA-2017-0108

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
libtirpc-0.2.1-13.el6_9.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/libtirpc-0.2.1-13.el6_9.src.rpm



Description of changes:

[0.2.1-13_9]
- Fix for CVE-2017-8779 (bz 1449458)

[0.2.1-13]
- tirpc: fix taddr2uaddr for AF_LOCAL (bz 1285144)

[0.2.1-12]
- clnt_vc_create: Do not hold a global mutex during connect (bz 1332520)

[0.2.1-11]
- Backported upstream debugging (bz 1273158)
- Fixed memory leak in svc_vc_create (bz 1276687)
- Fixed memory leak in svc_tli_create (bz 1276855)
- Fixed memory leak in __svc_vc_dodestroy (bz 1276856)

[0.2.1-10]
- xdr_rejected_reply: Don't crash with invalid server rejection (bz 982064)

[0.2.1-9]
- Fixed overrun in svcauth_gss_validate() (bz 1056809)

[0.2.1-8]
- Added authgss_free_private_data call (bz 1082807)

[0.2.1-7]
- Fixed some races in getnetconfig code (bz 1031498)
- Remove the installation of libtirpc.a and libtirpc.la (bz 869397)




More information about the Oraclevm-errata mailing list