Dear SRM,
Is there any chance to get a fix for #423369 and #423108, a memory leak
in both libc6 and nfs-kernel-server, into etch r1?
The libc6 bug causes nfs-kernel-server to leak a lot of memory on busy
NFS servers that use netgroups (and other software that uses netgroups).
In extremis this could be used as a denial of service by letting the NFS
server run out of memory. I've applied the patch mentioned in
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=169051 to the etch
libc6 package and I can confirm that it fixes the bug. Note that it can
also be exploited locally by running the example program mentioned in
the bugzilla bug report.
The nfs-kernel-server also leaks memory in two functions. The fix is a
one line fix in both cases. The fixes have also been applied to the
version in testing (1.0.12) and unstable.
Thanks
Rik
--
Rik Theys
KU Leuven - Dept. ESAT
Kasteelpark Arenberg 10
B-3001 LEUVEN - HEVERLEE
Tel.: +32(0)16/32.11.07
----------------------------------------------------------------
<<Any errors in spelling, tact or fact are transmission errors>>
Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
