News

=========================================================== Ubuntu Security Notice USN-36-1 December 01, 2004 nfs-utils vulnerability CAN-2004-1014 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: nfs-common The problem can be corrected by upgrading the affected package to version 1:1.0.6-3ubuntu1.1. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: SGI discovered a remote Denial of Service vulnerability in the NFS statd server. statd did not ignore the "SIGPIPE" signal which caused it to shutdown if a misconfigured or malicious peer terminated the TCP connection prematurely.