This bug was fixed in the package nbd - 1:3.24-1
---
nbd (1:3.24-1) unstable; urgency=medium
* New upstream release.
- CVE-2022-26495: Disallow name lenghts of (unsigned int)-1, by
constraining the length to 4096 bytes
- CVE-2022-26496: Fix buffer overflow in NBD_OPT_I
+1, please go ahead and sync it Athos.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971294
Title:
Merge nbd from Debian unstable for kinetic
To manage notifications about this bug go to:
https://
The current delta contains two security fixes, which are included in
the new Debian unstable version of the package, as stated in d/changelog
and as verified in
https://salsa.debian.org/wouter/nbd/-/commit/d88ff98b5f314fa52049e98ae56b2ec0b7f9c8b7#d8b58112d12c35316db0278cb2a2753729d77d53_2116_2180
