obsolete

nfs-utils-1.3.1-2.1.fc21

FEDORA-2014-15038 created by steved 8 years ago for Fedora 21

commit e4569a0961ff9f059b9ae71327d291cf95399597 Author: Bodo Stroesser bstroesser@ts.fujitsu.com Date: Wed Nov 12 09:43:29 2014 -0500

rpc.mountd: set libtirpc nonblocking mode to avoid DOS

In works fine in that it  removes the vulnerability against 
a DOS attack. rpc.mountd can be blocked by a bad client, 
that sends many RPC requests  but never reads the responses. 
This might happen intentionally or caused by a wrong network 
config (MTU). The patch switches on the nonblocking mode of 
libtirpc. In that mode writes can block for a max of 2  
seconds. Attackers are forced to send requests slower, as 
libtirpc will close a connection if it finds two requests to 
read at the same time.

This update has been submitted for testing by steved.

8 years ago

Please Note: To stop this DOS the libtirpc-0.2.5-1.0.fc21 has to be installed which is currently in testing

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/12435/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/12435/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

8 years ago

This update has been pushed to testing

8 years ago
User Icon chr77 commented & provided feedback 8 years ago
karma

Works for me

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

8 years ago

Please login to add feedback.

Metadata
Type
bugfix
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
8 years ago
in testing
8 years ago
BZ#1163886 rpc.mountd can be blocked by a bad client
0
0

Automated Test Results

None