1nbdkit-security(1)                  NBDKIT                  nbdkit-security(1)
2
3
4

NAME

6       nbdkit-security - information about past security issues in nbdkit
7

DESCRIPTION

9       This page details past security issues found in nbdkit.
10
11       For how to report new security issues, see the "SECURITY" file in the
12       top level source directory, also available online here:
13       https://github.com/libguestfs/nbdkit/blob/master/SECURITY
14
15   CVE-2019-14850 denial of service due to premature opening of back-end
16       connection
17       See the full announcement and links to mitigation, tests and fixes
18       here:
19       https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html
20
21   CVE-2019-14851 assertion failure by issuing commands in the wrong order
22       This CVE was caused by the fix to the previous issue.
23
24       See the full announcement and links to mitigation, tests and fixes
25       here:
26       https://www.redhat.com/archives/libguestfs/2019-September/msg00272.html
27

SEE ALSO

29       nbdkit(1).
30

AUTHORS

32       Eric Blake
33
34       Richard W.M. Jones
35

COPYRIGHT

37       Copyright (C) 2013-2019 Red Hat Inc.
38

LICENSE

40       Redistribution and use in source and binary forms, with or without
41       modification, are permitted provided that the following conditions are
42       met:
43
44       ·   Redistributions of source code must retain the above copyright
45           notice, this list of conditions and the following disclaimer.
46
47       ·   Redistributions in binary form must reproduce the above copyright
48           notice, this list of conditions and the following disclaimer in the
49           documentation and/or other materials provided with the
50           distribution.
51
52       ·   Neither the name of Red Hat nor the names of its contributors may
53           be used to endorse or promote products derived from this software
54           without specific prior written permission.
55
56       THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND ANY
57       EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
58       IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
59       PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR CONTRIBUTORS BE
60       LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
61       CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
62       SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
63       BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
64       WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
65       OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
66       ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
67
68
69
70nbdkit-1.16.1                     2019-12-03                nbdkit-security(1)