- Issued:
- 2013-10-23
- Updated:
- 2013-10-23
RHBA-2013:1454 - rpcbind bug fix
Synopsis
rpcbind bug fix
Type/Severity
Bug Fix Advisory
Topic
Updated rpcbind packages that fix one bug are now available for Red Hat Enterprise Linux 6.
Description
The rpcbind utility maps RPC (Remote Procedure Call) services to the ports on which the services listen and allows the host to make RPC calls to the RPC server.
This update fixes the following bug:
- Previously, in the insecure mode, which enables non-root users to set or unset ports, a privileged port was required. As only root users can obtain a privileged port, non-root users could not set or unset ports. To fix this bug, the privileged port has been removed, and thus non-root users are now allowed to set or unset ports on the loopback interface. (BZ#858572)
All users of rpcbind are advised to upgrade to these updated packages, which fix this bug.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Storage | 2.0 | x86_64 |
| Red Hat Storage for Public Cloud (via RHUI) | 2.0 | x86_64 |
| Red Hat Gluster Storage Server for On-premise | 2.0 | x86_64 |
| Red Hat Enterprise Linux for x86_64 - Extended Update Support | 6.2 | x86_64 |
| Red Hat Enterprise Linux for x86_64 - Extended Update Support | 6.2 | i386 |
| Red Hat Enterprise Linux for Power, big endian - Extended Update Support | 6.2 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems - Extended Update Support | 6.2 | s390x |
| Red Hat Enterprise Linux Server - Extended Update Support from RHUI | 6.2 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Update Support from RHUI | 6.2 | i386 |
| Red Hat Enterprise Linux Server - AUS | 6.2 | x86_64 |
| Red Hat Enterprise Linux EUS Compute Node | 6.2 | x86_64 |
Updated Packages
- rpcbind-0.2.0-8.el6_2.1.src.rpm
- rpcbind-debuginfo-0.2.0-8.el6_2.1.ppc64.rpm
- rpcbind-debuginfo-0.2.0-8.el6_2.1.s390x.rpm
- rpcbind-debuginfo-0.2.0-8.el6_2.1.x86_64.rpm
- rpcbind-debuginfo-0.2.0-8.el6_2.1.i686.rpm
- rpcbind-0.2.0-8.el6_2.1.i686.rpm
- rpcbind-0.2.0-8.el6_2.1.ppc64.rpm
- rpcbind-0.2.0-8.el6_2.1.x86_64.rpm
- rpcbind-0.2.0-8.el6_2.1.s390x.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.