-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : libtirpc Version : 0.2.5-1+deb8u3 CVE ID : CVE-2016-4429
It was discovered that libtiprc, a transport-independent RPC library, could be used for a denial of service or possibly unspecified other impact by a stack-based buffer overflow due to a flood of crafted ICMP and UDP packets.
For Debian 8 "Jessie", this problem has been fixed in version 0.2.5-1+deb8u3. We recommend that you upgrade your libtirpc packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl74iyVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEeioBAAxg3VI6ZQN+48cjUQqgIiOsTr7MqlLpdZXNzEdxjK4+9Fl4j9VrAzjHUG 9Oyt5XBSt7WllCV+LcGREFwxJMufJNrbmip4xy/GgoBOvKcrOOGlyuEUu3NAxtZC kO+hYG1fVOifHly8E3J7+MWut7JVrYb6Ulw/kcO3m9AxshZz73iIp76vaxf59wpn tRFDg+VkcwGXmzFKS0SL8uYqVehlSEW+eSqTHLsrgQw2YEcbS2ddztAGLWi6O/i0 puFi63xUaldW/XKcG57z6xz5i8LmjgB39LpNcjmeHKtmWZ3ggXIbXy3hfJThF2Ql Qvn4lMoMj4Qnecxup6+zyGmwfBNEpqDVsOd50SCRSkrNO40KL2pYuoSt0SkfYcs8 HA+0bXCjXISDSG70lvQrbxsUNJfs9X0awlgeS8VHpkcUPpsrrpQEDxAIu4ofVVHs NTeKP8kE0ZKdib4BfPnIDHnwULeduBv4WNVej/mVpP3OD1EcU4aMcWD+4RRF0L+6 DGjnLTbk76+AHrghziJ7JP2flR//ES98/ixAob/YLxTqYYdw/3TLk+sL0OnSEbKd TNwhc2ONYeyXPSAnpnDAS+L86SiiCKDb7TBKDOr2wEG5ooXZTA6po8tMjh7HYxgN 45r5v4Z/alMtOB4sDGgC+e7wP/MIBpah+43UyvDGJ2aE9YFzhy0= =aNvl -----END PGP SIGNATURE-----
