Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Patches » RHBA-2015:0006-01


Id RHBA-2015:0006-01
Name Red Hat 2015:0006-01 RHBA nss_db bug fix update for RHEL 5 x86
Vendor Name red_hat
Product None
Content Type Recommended Recommended
Operating System(s) Linux 
Released On 05 Jan 2015 12:00:00


Red Hat 2015:0006-01 RHBA nss_db bug fix update for RHEL 5 x86

Vendor Name




Released On

05 Jan 2015 12:00:00



The nss_db packages provide a plug-in which allows libc, and in turn applications, to read information about users, groups, and other information from local database files which might otherwise need to be read from the unindexed text-like databases which are typically stored under the /etc directory on a host, or from remote servers. This update fixes the following bug: * Due to a programming error, the plug-in provided by the nss_db package leaked the memory used to hold a copy of a database file name whenever an application caused a database to be opened. Among the libc functions back-ended by nss_db which attempted to open databases, and thus could leak if they succeeded, were: getaliasbyname(), getgrgid(), getgrnam(), getprotobyname(), getprotobynumber(), getpwnam(), getpwuid(), getrpcbyname(), getrpcbynumber(), getservbyname(), getservbyport(), getspnam(), getgrouplist(), setaliasent(), setetherent(), setgrent(), setnetgrent(), setprotoent(), setpwent(), setrpcent(), setservent(), and setspent(). A patch has been provided to fix this bug, and debugging оr tracing no longer demonstrates the memory leak when calling the above listed functions. (BZ#1163493) Users of nss_db are advised to upgrade to these updated packages, which fix this bug.

Related Resources

Related Vulnerabilities


Related Patches

Superseded Patches


Last Updated: 27 May 2016 11:20:28