[ubuntu/bionic-security] nbd 1:3.16.2-1ubuntu0.2 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Mar 14 10:50:41 UTC 2022

nbd (1:3.16.2-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: heap overflow via long name length
    - nbd-server.c: limit the size of a name length.
    - CVE-2022-26495
  * SECURITY UPDATE: buffer overflow in NBD_OPT_INFO/NBD_OPT_GO handling
    - nbd-server.c: use consume function instead of socket_read.
    - CVE-2022-26496

Date: 2022-03-10 14:25:11.416706+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list