Date: Wed, 30 Sep 2015 14:47:30 -0400 From: Robert Blayzor <rblayzor.bulk@inoc.net> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind Message-ID: <B821DB04-67A9-4F7C-85E1-8ABCF72C6D46@inoc.net> In-Reply-To: <20150929183942.569F311FD@freefall.freebsd.org> References: <20150929183942.569F311FD@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Was this regression tested or missing more info? After updating and = rebooting seeing a ton of problems with rpcbind core dumping at start.. = lock manager fails to start, etc. dmesg da0: quirks=3D0x40<RETRY_BUSY> SMP: AP CPU #1 Launched! Trying to mount root from ufs:/dev/da0p2 [rw].. pid 367 (rpcbind), uid 0: exited on signal 6 (core dumped) NLM: failed to contact remote rpcbind, stat =3D 5, port =3D 28416 NLM: failed to contact remote rpcbind, stat =3D 0, port =3D 0 Can't start NLM - unable to contact NSM NLM: failed to contact remote rpcbind, stat =3D 0, port =3D 0 NLM: failed to contact remote rpcbind, stat =3D 0, port =3D 0 Can't start NLM - unable to contact NSM [~] egrep rpc\|nis /etc/rc.conf rpcbind_enable=3D"YES" rpc_lockd_enable=3D"YES" rpc_lockd_flags=3D"-p 4045" rpc_statd_enable=3D"YES" rpc_statd_flags=3D"-p 4046" nis_client_enable=3D=E2=80=9CYES" nis_server_enable=3D=E2=80=9CYES" [~] uname -a FreeBSD 10.2-RELEASE-p4 FreeBSD 10.2-RELEASE-p4 #0 r288419: Wed Sep 30 = 18:33:40 UTC 2015 amd64 No problems prior to patching. -- Robert inoc.net!rblayzor Jabber: rblayzor.AT.inoc.net PGP Key: 78BEDCE1 @ pgp.mit.edu > On Sep 29, 2015, at 2:39 PM, FreeBSD Security Advisories = <security-advisories@freebsd.org> wrote: >=20 > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 >=20 > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D > FreeBSD-SA-15:24.rpcbind Security = Advisory > The FreeBSD = Project >=20 > Topic: rpcbind(8) remote denial of service >=20 > Category: core > Module: rpcbind > Announced: 2015-09-29 > Affects: All supported versions of FreeBSD. > Corrected: 2015-09-29 18:06:27 UTC (stable/10, 10.2-STABLE) > 2015-09-29 18:07:18 UTC (releng/10.2, 10.2-RELEASE-p4) > 2015-09-29 18:07:18 UTC (releng/10.1, 10.1-RELEASE-p21) > 2015-09-29 18:06:27 UTC (stable/9, 9.3-STABLE) > 2015-09-29 18:07:18 UTC (releng/9.3, 9.3-RELEASE-p27) > CVE Name: CVE-2015-7236
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B821DB04-67A9-4F7C-85E1-8ABCF72C6D46>