[ubuntu/impish-security] nbd 1:3.21-1ubuntu0.1 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Mon Mar 14 10:50:39 UTC 2022

nbd (1:3.21-1ubuntu0.1) impish-security; urgency=medium

  * SECURITY UPDATE: heap overflow via long name length
    - nbd-server.c: limit the size of a name length.
    - CVE-2022-26495
  * SECURITY UPDATE: buffer overflow in NBD_OPT_INFO/NBD_OPT_GO handling
    - nbd-server.c: use consume function instead of socket_read.
    - CVE-2022-26496

Date: 2022-03-10 14:10:17.513114+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the impish-changes mailing list