Subject: | |
From: | |
Reply To: | |
Date: | Wed, 20 Jan 2010 13:36:55 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Moderate: gcc and gcc4 security update
Issue date: 2010-01-13
CVE Names: CVE-2009-3736
CVE-2009-3736 libtool: libltdl may load and execute code from a library
in the current directory
A flaw was found in the way GNU Libtool's libltdl library looked for
libraries to load. It was possible for libltdl to load a malicious
library from the current working directory. In certain configurations,
if a local attacker is able to trick a local user into running a Java
application (which uses a function to load native libraries, such as
System.loadLibrary) from within an attacker-controlled directory
containing a malicious library or module, the attacker could possibly
execute arbitrary code with the privileges of the user running the Java
application. (CVE-2009-3736)
All running Java applications using libgcj must be restarted for this
update to take effect.
SL 3.0.x
SRPMS:
gcc-3.2.3-60.src.rpm
i386:
cpp-3.2.3-60.i386.rpm
gcc-3.2.3-60.i386.rpm
gcc-c++-3.2.3-60.i386.rpm
gcc-g77-3.2.3-60.i386.rpm
gcc-gnat-3.2.3-60.i386.rpm
gcc-java-3.2.3-60.i386.rpm
gcc-objc-3.2.3-60.i386.rpm
libf2c-3.2.3-60.i386.rpm
libgcc-3.2.3-60.i386.rpm
libgcj-3.2.3-60.i386.rpm
libgcj-devel-3.2.3-60.i386.rpm
libgnat-3.2.3-60.i386.rpm
libobjc-3.2.3-60.i386.rpm
libstdc++-3.2.3-60.i386.rpm
libstdc++-devel-3.2.3-60.i386.rpm
x86_64:
cpp-3.2.3-60.x86_64.rpm
gcc-3.2.3-60.x86_64.rpm
gcc-c++-3.2.3-60.x86_64.rpm
gcc-g77-3.2.3-60.x86_64.rpm
gcc-gnat-3.2.3-60.x86_64.rpm
gcc-java-3.2.3-60.x86_64.rpm
gcc-objc-3.2.3-60.x86_64.rpm
libf2c-3.2.3-60.i386.rpm
libf2c-3.2.3-60.x86_64.rpm
libgcc-3.2.3-60.i386.rpm
libgcc-3.2.3-60.x86_64.rpm
libgcj-3.2.3-60.i386.rpm
libgcj-3.2.3-60.x86_64.rpm
libgcj-devel-3.2.3-60.x86_64.rpm
libgnat-3.2.3-60.i386.rpm
libgnat-3.2.3-60.x86_64.rpm
libobjc-3.2.3-60.i386.rpm
libobjc-3.2.3-60.x86_64.rpm
libstdc++-3.2.3-60.i386.rpm
libstdc++-3.2.3-60.x86_64.rpm
libstdc++-devel-3.2.3-60.i386.rpm
libstdc++-devel-3.2.3-60.x86_64.rpm
SL 4.x
SRPMS:
gcc-3.4.6-11.el4_8.1.src.rpm
gcc4-4.1.2-44.EL4_8.1.src.rpm
i386:
cpp-3.4.6-11.el4_8.1.i386.rpm
gcc-3.4.6-11.el4_8.1.i386.rpm
gcc4-4.1.2-44.EL4_8.1.i386.rpm
gcc4-c++-4.1.2-44.EL4_8.1.i386.rpm
gcc4-gfortran-4.1.2-44.EL4_8.1.i386.rpm
gcc4-java-4.1.2-44.EL4_8.1.i386.rpm
gcc-c++-3.4.6-11.el4_8.1.i386.rpm
gcc-g77-3.4.6-11.el4_8.1.i386.rpm
gcc-gnat-3.4.6-11.el4_8.1.i386.rpm
gcc-java-3.4.6-11.el4_8.1.i386.rpm
gcc-objc-3.4.6-11.el4_8.1.i386.rpm
libf2c-3.4.6-11.el4_8.1.i386.rpm
libgcc-3.4.6-11.el4_8.1.i386.rpm
libgcj-3.4.6-11.el4_8.1.i386.rpm
libgcj4-4.1.2-44.EL4_8.1.i386.rpm
libgcj4-devel-4.1.2-44.EL4_8.1.i386.rpm
libgcj4-src-4.1.2-44.EL4_8.1.i386.rpm
libgcj-devel-3.4.6-11.el4_8.1.i386.rpm
libgfortran-4.1.2-44.EL4_8.1.i386.rpm
libgnat-3.4.6-11.el4_8.1.i386.rpm
libgomp-4.1.2-44.EL4_8.1.i386.rpm
libmudflap-4.1.2-44.EL4_8.1.i386.rpm
libmudflap-devel-4.1.2-44.EL4_8.1.i386.rpm
libobjc-3.4.6-11.el4_8.1.i386.rpm
libstdc++-3.4.6-11.el4_8.1.i386.rpm
libstdc++-devel-3.4.6-11.el4_8.1.i386.rpm
x86_64:
cpp-3.4.6-11.el4_8.1.x86_64.rpm
gcc-3.4.6-11.el4_8.1.x86_64.rpm
gcc4-4.1.2-44.EL4_8.1.x86_64.rpm
gcc4-c++-4.1.2-44.EL4_8.1.x86_64.rpm
gcc4-gfortran-4.1.2-44.EL4_8.1.x86_64.rpm
gcc4-java-4.1.2-44.EL4_8.1.x86_64.rpm
gcc-c++-3.4.6-11.el4_8.1.x86_64.rpm
gcc-g77-3.4.6-11.el4_8.1.x86_64.rpm
gcc-gnat-3.4.6-11.el4_8.1.x86_64.rpm
gcc-java-3.4.6-11.el4_8.1.x86_64.rpm
gcc-objc-3.4.6-11.el4_8.1.x86_64.rpm
libf2c-3.4.6-11.el4_8.1.i386.rpm
libf2c-3.4.6-11.el4_8.1.x86_64.rpm
libgcc-3.4.6-11.el4_8.1.i386.rpm
libgcc-3.4.6-11.el4_8.1.x86_64.rpm
libgcj-3.4.6-11.el4_8.1.i386.rpm
libgcj-3.4.6-11.el4_8.1.x86_64.rpm
libgcj4-4.1.2-44.EL4_8.1.i386.rpm
libgcj4-4.1.2-44.EL4_8.1.x86_64.rpm
libgcj4-devel-4.1.2-44.EL4_8.1.x86_64.rpm
libgcj4-src-4.1.2-44.EL4_8.1.x86_64.rpm
libgcj-devel-3.4.6-11.el4_8.1.x86_64.rpm
libgfortran-4.1.2-44.EL4_8.1.i386.rpm
libgfortran-4.1.2-44.EL4_8.1.x86_64.rpm
libgnat-3.4.6-11.el4_8.1.i386.rpm
libgnat-3.4.6-11.el4_8.1.x86_64.rpm
libgomp-4.1.2-44.EL4_8.1.i386.rpm
libgomp-4.1.2-44.EL4_8.1.x86_64.rpm
libmudflap-4.1.2-44.EL4_8.1.i386.rpm
libmudflap-4.1.2-44.EL4_8.1.x86_64.rpm
libmudflap-devel-4.1.2-44.EL4_8.1.x86_64.rpm
libobjc-3.4.6-11.el4_8.1.i386.rpm
libobjc-3.4.6-11.el4_8.1.x86_64.rpm
libstdc++-3.4.6-11.el4_8.1.i386.rpm
libstdc++-3.4.6-11.el4_8.1.x86_64.rpm
libstdc++-devel-3.4.6-11.el4_8.1.i386.rpm
libstdc++-devel-3.4.6-11.el4_8.1.x86_64.rpm
SL 5.x
SRPMS:
gcc-4.1.2-46.el5_4.2.src.rpm
i386:
cpp-4.1.2-46.el5_4.2.i386.rpm
gcc-4.1.2-46.el5_4.2.i386.rpm
gcc-c++-4.1.2-46.el5_4.2.i386.rpm
gcc-gfortran-4.1.2-46.el5_4.2.i386.rpm
gcc-gnat-4.1.2-46.el5_4.2.i386.rpm
gcc-java-4.1.2-46.el5_4.2.i386.rpm
gcc-objc-4.1.2-46.el5_4.2.i386.rpm
gcc-objc++-4.1.2-46.el5_4.2.i386.rpm
libgcc-4.1.2-46.el5_4.2.i386.rpm
libgcj-4.1.2-46.el5_4.2.i386.rpm
libgcj-devel-4.1.2-46.el5_4.2.i386.rpm
libgcj-src-4.1.2-46.el5_4.2.i386.rpm
libgfortran-4.1.2-46.el5_4.2.i386.rpm
libgnat-4.1.2-46.el5_4.2.i386.rpm
libmudflap-4.1.2-46.el5_4.2.i386.rpm
libmudflap-devel-4.1.2-46.el5_4.2.i386.rpm
libobjc-4.1.2-46.el5_4.2.i386.rpm
libstdc++-4.1.2-46.el5_4.2.i386.rpm
libstdc++-devel-4.1.2-46.el5_4.2.i386.rpm
Dependancies for SL 5.0, 5.1, 5.2 and 5.3:
gcc44-4.4.0-6.el5.i386.rpm
gcc44-c++-4.4.0-6.el5.i386.rpm
gcc44-gfortran-4.4.0-6.el5.i386.rpm
libgfortran44-4.4.0-6.el5.i386.rpm
libgomp-4.4.0-6.el5.i386.rpm
libstdc++44-devel-4.4.0-6.el5.i386.rpm
x86_64:
cpp-4.1.2-46.el5_4.2.x86_64.rpm
gcc-4.1.2-46.el5_4.2.x86_64.rpm
gcc-c++-4.1.2-46.el5_4.2.x86_64.rpm
gcc-gfortran-4.1.2-46.el5_4.2.x86_64.rpm
gcc-gnat-4.1.2-46.el5_4.2.x86_64.rpm
gcc-java-4.1.2-46.el5_4.2.x86_64.rpm
gcc-objc-4.1.2-46.el5_4.2.x86_64.rpm
gcc-objc++-4.1.2-46.el5_4.2.x86_64.rpm
libgcc-4.1.2-46.el5_4.2.i386.rpm
libgcc-4.1.2-46.el5_4.2.x86_64.rpm
libgcj-4.1.2-46.el5_4.2.i386.rpm
libgcj-4.1.2-46.el5_4.2.x86_64.rpm
libgcj-devel-4.1.2-46.el5_4.2.i386.rpm
libgcj-devel-4.1.2-46.el5_4.2.x86_64.rpm
libgcj-src-4.1.2-46.el5_4.2.x86_64.rpm
libgfortran-4.1.2-46.el5_4.2.i386.rpm
libgfortran-4.1.2-46.el5_4.2.x86_64.rpm
libgnat-4.1.2-46.el5_4.2.i386.rpm
libgnat-4.1.2-46.el5_4.2.x86_64.rpm
libmudflap-4.1.2-46.el5_4.2.i386.rpm
libmudflap-4.1.2-46.el5_4.2.x86_64.rpm
libmudflap-devel-4.1.2-46.el5_4.2.i386.rpm
libmudflap-devel-4.1.2-46.el5_4.2.x86_64.rpm
libobjc-4.1.2-46.el5_4.2.i386.rpm
libobjc-4.1.2-46.el5_4.2.x86_64.rpm
libstdc++-4.1.2-46.el5_4.2.i386.rpm
libstdc++-4.1.2-46.el5_4.2.x86_64.rpm
libstdc++-devel-4.1.2-46.el5_4.2.i386.rpm
libstdc++-devel-4.1.2-46.el5_4.2.x86_64.rpm
Dependancies for SL 5.0, 5.1, 5.2 and 5.3:
gcc44-4.4.0-6.el5.x86_64.rpm
gcc44-c++-4.4.0-6.el5.x86_64.rpm
gcc44-gfortran-4.4.0-6.el5.x86_64.rpm
libgfortran44-4.4.0-6.el5.i386.rpm
libgfortran44-4.4.0-6.el5.x86_64.rpm
libgomp-4.4.0-6.el5.i386.rpm
libgomp-4.4.0-6.el5.x86_64.rpm
libstdc++44-devel-4.4.0-6.el5.i386.rpm
libstdc++44-devel-4.4.0-6.el5.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|