[ubuntu/focal-security] nbd 1:3.20-1ubuntu0.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Mar 14 10:50:40 UTC 2022
nbd (1:3.20-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: heap overflow via long name length
- nbd-server.c: limit the size of a name length.
- CVE-2022-26495
* SECURITY UPDATE: buffer overflow in NBD_OPT_INFO/NBD_OPT_GO handling
- nbd-server.c: use consume function instead of socket_read.
- CVE-2022-26496
Date: 2022-03-10 14:10:19.888373+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/nbd/1:3.20-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list