From $URL: This bug is exploitable via the following scenario and could allow an attacker access to data that they shouldn't be able to access. Suppose you export a filesystem to some subnet or FQDN and also to a wildcard or netgroup, and I know the details of this (maybe showmount -e tells me) Suppose further that I can get IP packets to your server.. Then I create a reverse mapping for my ipaddress to a domain that I own, say "black.hat.org", and a forward mapping from that domain to my IP address, and one of your IP addresses. Then I try to mount your filesystem. The IP address gets correctly mapped to "black.hat.org" and then mapped to both my IP address and your IP address. Then you search through all of your exports and find that one of the addresses: yours - is allowed to access the filesystem. So you create an export based on the addrinfo you have which allows my IP address the same access as your IP address. Fix this by instead using the forward lookup of the hostname just to verify that the original address is in the list. Then do a numeric lookup using the address and stick the hostname in the ai_canonname.
this fix is in nfs-utils-1.2.6 which is in stable now
GLSA vote: no.
GLSA vote: no Closing as noglsa