[0.4.8][LIBTIRPC] Fix CVE-2018-14622 CORE-15005, and CVE-2018-14621 CORE-15407
The chance for us to get attacked is rather low, because
LIBTIRPC is used solely for the nfs service and
I pushed aggressively years ago to have that turned from
'Automatic' to 'Manual' already.
I doubt many used this service, that does not exist on real Windows at all.
Attacks may result in Denial-Of-Service.
For details check:
https://nvd.nist.gov/vuln/detail/CVE-2018-14622
https://nvd.nist.gov/vuln/detail/CVE-2018-14621
Fixes picked from:
0.4.11-dev-93-g
000bbe074ed29d1efe39d4d65c81d1c1ead07c93 CVE-2018-14622 CORE-15005
0.4.11-dev-887-g
f5f3ff86eafd51bd34665fdfed892a7fc3785879 CVE-2018-14621 CORE-15407
projects / reactos.git / commit