PT-2026-49132 · Suse · Rpcbind
Published
2026-06-04
·
Updated
2026-06-04
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
This update for rpcbind fixes the following issues
Update to rpcbind 1.2.9:
Security issue:
- Fix several memory leaks and buffer overflows (bsc#1267212).
Non security issue:
- rpcbind fails to start (tumbleweed snapshot 20181120) (bsc#1117217).
Changes:
- rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist()
- rpcbind: Stop unauthenticated oversized allocation in PMAPPROC CALLIT decode
- rpcbind: fix memory leak in read warmstart()
- rpcbind: fix memory leaks in network init()
- rpcbind: fix memory leak in init transport()
- Added -v (print version and compile flags)
- rpcinfo: Removed a number of "old-style function definition" warnings
- man/rpcbind: Update list of options
- Comment out ListenStream=@/run/rpcbind.sock
- [nfs/nfs-utils/rpcbind] rpcbind: avoid dereferencing NULL from realloc()
- systemd/rpcbind.service.in: Add various hardenings options
- man/rpcbind: Add Files section to manpage
- Moved rpcbind.lock and default configs to /run instead of /var/run
- rpcinfo: try connecting using abstract address
- Listen on an AF UNIX abstract address if supported
- autotools/systemd: call rpcbind with -w only on enabled warm starts
- rpcbind: fix double free in init transport
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Rpcbind