Bug 362101 - CVE-2007-3999 krb5 RPC library buffer overflow [Fdevel]
CVE-2007-3999 krb5 RPC library buffer overflow [Fdevel]
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: nfs-utils-lib (Show other bugs)
rawhide
All Linux
urgent Severity urgent
: ---
: ---
Assigned To: Steve Dickson
Fedora Extras Quality Assurance
: Security
Depends On:
Blocks: CVE-2007-3999
  Show dependency treegraph
 
Reported: 2007-11-01 12:40 EDT by Lubomir Kundrak
Modified: 2008-05-07 12:17 EDT (History)
1 user (show)

See Also:
Fixed In Version: nfs-utils-lib-1.1.0-4.fc9
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-07 12:17:15 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Lubomir Kundrak 2007-11-01 12:40:09 EDT
Fdevel tracking bug: see blocks bug list for full details of the security issue(s).



[bug automatically created by: add-tracking-bugs]
Comment 1 Lubomir Kundrak 2007-11-09 10:41:09 EST
What prevents you from doing an update? Do you need help? Otherwise please
prepare an update as soon as possible.
Comment 2 Steve Dickson 2008-01-24 14:35:42 EST
Fixed in nfs-utils-lib-1.1.1-2.fc9
Comment 3 Lubomir Kundrak 2008-04-08 15:59:58 EDT
Final Freeze is in effect now. Security fixes almost certainly warrant a freeze
break, so in case you build a fix for this, mail release engineering as
described here: [2]

[1] https://www.redhat.com/archives/fedora-devel-announce/2008-April/msg00007.html
[2] http://fedoraproject.org/wiki/ReleaseEngineering/FinalFreezePolicy

Thanks!
Comment 4 Tomas Hoger 2008-05-06 11:38:15 EDT
(In reply to comment #2)
> Fixed in nfs-utils-lib-1.1.1-2.fc9

Was that fixed upstream in 1.1.1?  If so, this can probably be closed, as
nfs-utils-lib-1.1.1-3.fc9 is already tagged f9-final.
Comment 5 Tomas Hoger 2008-05-07 12:17:15 EDT
This is fixed in nfs-utils-lib-1.1.0-4.fc9

Note You need to log in before you can comment on or make changes to this bug.