[Bug 930173] New: VUL-0: CVE-2015-0847: nbd: incorrect signal handling DoD
http://bugzilla.suse.com/show_bug.cgi?id=930173 Bug ID: 930173 Summary: VUL-0: CVE-2015-0847: nbd: incorrect signal handling DoD Classification: openSUSE Product: openSUSE Distribution Version: 13.2 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening@forge.provo.novell.com Reporter: abergmann@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- http://seclists.org/oss-sec/2015/q2/388 CVE-2015-0847 in nbd-server From: Florian Weimer <fw () deneb enyo de> Date: Thu, 07 May 2015 22:45:33 +0200 nbd-server uses signal handlers incorrectly, which leads to a denial of service vulnerability. We have assigned CVE-2015-0847 to this vulnerability. This was first reported to the Debian security team by Tuomas Räsänen, but we did not think this warranted an embargo. More details are available upstream: <http://sourceforge.net/p/nbd/mailman/message/34091218/> -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=930173 Alexander Bergmann <abergmann@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |abergmann@suse.com Assignee|bnc-team-screening@forge.pr |ms@suse.com |ovo.novell.com | -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=930173 Marcus Schaefer <ms@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|ms@suse.com |mpluskal@suse.com --- Comment #2 from Marcus Schaefer <ms@suse.com> --- I'm not maintaining nbd. I jumped in to help when Kurt Garloff left the company but afaik Martin Pluskal took it over and cleaned it up greatly -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=930173 Martin Pluskal <mpluskal@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|mpluskal@suse.com |bnc-team-screening@forge.pr | |ovo.novell.com --- Comment #3 from Martin Pluskal <mpluskal@suse.com> --- While I am not maintainer of nbd, I created sr for factory (nbd-3.10), backporting patches for maint update of old nbd (nbd-3.3) seems to be beyond my capabilities. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=930173 Chenzi Cao <chcao@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |chcao@suse.com Assignee|bnc-team-screening@forge.pr |tabraham@suse.com |ovo.novell.com | --- Comment #4 from Chenzi Cao <chcao@suse.com> --- Hi Tom, would you please help to have a look at this issue? Thank you! -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=930173 Martin Pluskal <mpluskal@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED CC| |mpluskal@suse.com Resolution|--- |DUPLICATE --- Comment #6 from Martin Pluskal <mpluskal@suse.com> --- Created https://build.opensuse.org/request/show/308367 and *** This bug has been marked as a duplicate of bug 931987 *** -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=930173 Martin Pluskal <mpluskal@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|DUPLICATE |FIXED --- Comment #8 from Martin Pluskal <mpluskal@suse.com> --- I am clumsy on fridays, it is obviously different issue. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=930173 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@suse.com, | |security-team@suse.de Alias| |CVE-2015-0847 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=930173 Andreas Hasenkopf <ahasenkopf@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard| maint:planned:update |CVSSv2:NVD:CVE-2015-0847:7. |CVSSv2:NVD:CVE-2015-0847:7. |8:(AV:N/AC:L/Au:N/C:N/I:N/A |8:(AV:N/AC:L/Au:N/C:N/I:N/A |:C) |:C) |CVSSv2:RedHat:CVE-2015-0847 |CVSSv2:RedHat:CVE-2015-0847 |:5.7:(AV:A/AC:M/Au:N/C:N/I: |:5.7:(AV:A/AC:M/Au:N/C:N/I: |N/A:C) |N/A:C) | -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=930173 Swamp Workflow Management <swamp@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Whiteboard|CVSSv2:NVD:CVE-2015-0847:7. |CVSSv2:NVD:CVE-2015-0847:7. |8:(AV:N/AC:L/Au:N/C:N/I:N/A |8:(AV:N/AC:L/Au:N/C:N/I:N/A |:C) |:C) |CVSSv2:RedHat:CVE-2015-0847 |CVSSv2:RedHat:CVE-2015-0847 |:5.7:(AV:A/AC:M/Au:N/C:N/I: |:5.7:(AV:A/AC:M/Au:N/C:N/I: |N/A:C) |N/A:C) maint:planned:update -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com