[ubuntu/focal-security] nbd 1:3.20-1ubuntu0.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Mar 14 10:50:40 UTC 2022

nbd (1:3.20-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: heap overflow via long name length
    - nbd-server.c: limit the size of a name length.
    - CVE-2022-26495
  * SECURITY UPDATE: buffer overflow in NBD_OPT_INFO/NBD_OPT_GO handling
    - nbd-server.c: use consume function instead of socket_read.
    - CVE-2022-26496

Date: 2022-03-10 14:10:19.888373+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list