[SECURITY] [DLA 223-1] nbd security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 223-1] nbd security update
From: Wouter Verhelst <wouter@debian.org>
Date: Sun, 17 May 2015 11:20:25 +0200
Message-id: <[🔎] 20150517092025.GA10891@grep.be>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

Package        : nbd
Version        : 1:2.9.16-8+squeeze2
CVE ID         : CVE-2015-0847
Debian Bug     : 784657

A vulnerability has been discovered in nbd-server, the server for the
Linux Network Block Device.

CVE-2015-0847

    Tuomas Räsänen discovered that unsafe signal handling is present in
    nbd-server. This vulnerability could be exploited by a remote client
    to cause a denial of service.

For the oldoldstable distribution (squeeze), these problems have been
fixed in version 1:2.9.16-8+squeeze2.

For the oldstable, stable, and testing distributions, these problems
will be fixed soon.

We recommend that you upgrade your nbd-server packages.

-- 
Wouter Verhelst

Attachment: signature.asc
Description: Digital signature

Reply to:

Prev by Date: [SECURITY] [DLA 221-1] tiff security update
Next by Date: [SECURITY] [DLA 224-1] ruby1.8 security update
Previous by thread: [SECURITY] [DLA 221-1] tiff security update
Next by thread: [SECURITY] [DLA 224-1] ruby1.8 security update
Index(es):
- Date
- Thread