Control: notfound -1 0.2.5-1 Control: notfixed -1 1.0.2-0.1 On Thu, Aug 30, 2018 at 09:19:49AM +0200, Salvatore Bonaccorso wrote: > Source: libtirpc > Version: 0.2.5-1 > Severity: important > Tags: patch security upstream > Control: fixed -1 1.0.2-0.1 > > Hi, > > The following vulnerability was published for libtirpc. > > CVE-2018-14621[0]: > Infinite loop in EMFILE case in svc_vc.c
Did wrongly triaged this. The issue is actually only introduced in 0.3.3-rc3 upstream, so we never had a vulnerable version in Debian as the experimental version did as well contain the fix. Closing this bug as invalid. Regards, Salvatore