Bug 362101 - CVE-2007-3999 krb5 RPC library buffer overflow [Fdevel]
Summary: CVE-2007-3999 krb5 RPC library buffer overflow [Fdevel]
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: nfs-utils-lib
Version: rawhide
Hardware: All
OS: Linux
urgent
urgent
Target Milestone: ---
Assignee: Steve Dickson
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: CVE-2007-3999
TreeView+ depends on / blocked
 
Reported: 2007-11-01 16:40 UTC by Lubomir Kundrak
Modified: 2008-05-07 16:17 UTC (History)
1 user (show)

Fixed In Version: nfs-utils-lib-1.1.0-4.fc9
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-05-07 16:17:15 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Lubomir Kundrak 2007-11-01 16:40:09 UTC
Fdevel tracking bug: see blocks bug list for full details of the security issue(s).



[bug automatically created by: add-tracking-bugs]

Comment 1 Lubomir Kundrak 2007-11-09 15:41:09 UTC
What prevents you from doing an update? Do you need help? Otherwise please
prepare an update as soon as possible.

Comment 2 Steve Dickson 2008-01-24 19:35:42 UTC
Fixed in nfs-utils-lib-1.1.1-2.fc9

Comment 3 Lubomir Kundrak 2008-04-08 19:59:58 UTC
Final Freeze is in effect now. Security fixes almost certainly warrant a freeze
break, so in case you build a fix for this, mail release engineering as
described here: [2]

[1] https://www.redhat.com/archives/fedora-devel-announce/2008-April/msg00007.html
[2] http://fedoraproject.org/wiki/ReleaseEngineering/FinalFreezePolicy

Thanks!

Comment 4 Tomas Hoger 2008-05-06 15:38:15 UTC
(In reply to comment #2)
> Fixed in nfs-utils-lib-1.1.1-2.fc9

Was that fixed upstream in 1.1.1?  If so, this can probably be closed, as
nfs-utils-lib-1.1.1-3.fc9 is already tagged f9-final.

Comment 5 Tomas Hoger 2008-05-07 16:17:15 UTC
This is fixed in nfs-utils-lib-1.1.0-4.fc9


Note You need to log in before you can comment on or make changes to this bug.