thrift Info

thrift was added to epel7 repo on 2014-05-05
Page updated: 2023-11-21 11:36
Repo Status - Overall Status

Source NVR: thrift-0.9.1-15.el7 (2017-03-29)

Binary Packages

fb303 fb303-0.9.1-15.el7
fb303-devel fb303-devel-0.9.1-15.el7
fb303-java fb303-java-0.9.1-15.el7
libthrift-java libthrift-java-0.9.1-15.el7
libthrift-javadoc libthrift-javadoc-0.9.1-15.el7
perl-thrift perl-thrift-0.9.1-15.el7
python-fb303 python-fb303-0.9.1-15.el7
python-thrift python-thrift-0.9.1-15.el7
thrift thrift-0.9.1-15.el7
thrift-devel thrift-devel-0.9.1-15.el7
thrift-glib thrift-glib-0.9.1-15.el7
thrift-qt thrift-qt-0.9.1-15.el7

Bugs

1462785 NEW CVE-2015-3254 thrift: Infinite recursion via vectors involving the skip function [epel-7]
1544621 NEW CVE-2016-5397 thrift: Improper file path sanitization in t_go_generator.cc:format_go_output() of the go client library can allow an attacker to inject commands [epel-all]
1667189 NEW CVE-2018-11798 thrift: Improper Access Control grants access to files outside the webservers docroot path [epel-7]
1667205 NEW CVE-2018-1320 thrift: SASL negotiation isComplete validation bypass in the org.apache.thrift.transport.TSaslTransport class [epel-7]
1764609 NEW CVE-2019-0210 thrift: Out-of-bounds read related to TJSONProtocol or TSimpleJSONProtocol [epel-7]
1764614 NEW CVE-2019-0205 thrift: Endless loop when feed with specific input data [epel-7]
1816348 NEW CVE-2019-11939 thrift: Resource exhaustion via containers sizes messages [epel-7]
1928175 NEW CVE-2020-13949 thrift: libthrift: potential DoS when processing untrusted payloads [epel-all]

Install Failures