LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

January 2015

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS January 2015

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Security ERRATA Critical: glibc on SL6.x, SL7.x i386/x86_64
From:	Phil Wyett <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Wed, 28 Jan 2015 15:14:46 +0000
Content-Type:	multipart/signed
Parts/Attachments:	text/plain (2459 bytes) , signature.asc (851 bytes)

On Tue, 2015-01-27 at 21:16 +0000, Pat Riehecky wrote:
> Synopsis:          Critical: glibc security update
> Advisory ID:       SLSA-2015:0092-1
> Issue Date:        2015-01-27
> CVE Numbers:       CVE-2015-0235
> --
> 
> A heap-based buffer overflow was found in glibc's
> __nss_hostname_digits_dots() function, which is used by the
> gethostbyname() and gethostbyname2() glibc function calls. A remote
> attacker able to make an application call either of these functions could
> use this flaw to execute arbitrary code with the permissions of the user
> running the application. (CVE-2015-0235)
> --
> 
> SL6
>   x86_64
>     glibc-2.12-1.149.el6_6.5.i686.rpm
>     glibc-2.12-1.149.el6_6.5.x86_64.rpm
>     glibc-common-2.12-1.149.el6_6.5.x86_64.rpm
>     glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm
>     glibc-debuginfo-2.12-1.149.el6_6.5.x86_64.rpm
>     glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm
>     glibc-debuginfo-common-2.12-1.149.el6_6.5.x86_64.rpm
>     glibc-devel-2.12-1.149.el6_6.5.i686.rpm
>     glibc-devel-2.12-1.149.el6_6.5.x86_64.rpm
>     glibc-headers-2.12-1.149.el6_6.5.x86_64.rpm
>     glibc-utils-2.12-1.149.el6_6.5.x86_64.rpm
>     nscd-2.12-1.149.el6_6.5.x86_64.rpm
>     glibc-static-2.12-1.149.el6_6.5.i686.rpm
>     glibc-static-2.12-1.149.el6_6.5.x86_64.rpm
>   i386
>     glibc-2.12-1.149.el6_6.5.i686.rpm
>     glibc-common-2.12-1.149.el6_6.5.i686.rpm
>     glibc-debuginfo-2.12-1.149.el6_6.5.i686.rpm
>     glibc-debuginfo-common-2.12-1.149.el6_6.5.i686.rpm
>     glibc-devel-2.12-1.149.el6_6.5.i686.rpm
>     glibc-headers-2.12-1.149.el6_6.5.i686.rpm
>     glibc-utils-2.12-1.149.el6_6.5.i686.rpm
>     nscd-2.12-1.149.el6_6.5.i686.rpm
>     glibc-static-2.12-1.149.el6_6.5.i686.rpm
> SL7
>   x86_64
>     glibc-2.17-55.el7_0.5.i686.rpm
>     glibc-2.17-55.el7_0.5.x86_64.rpm
>     glibc-common-2.17-55.el7_0.5.x86_64.rpm
>     glibc-debuginfo-2.17-55.el7_0.5.i686.rpm
>     glibc-debuginfo-2.17-55.el7_0.5.x86_64.rpm
>     glibc-debuginfo-common-2.17-55.el7_0.5.i686.rpm
>     glibc-debuginfo-common-2.17-55.el7_0.5.x86_64.rpm
>     glibc-devel-2.17-55.el7_0.5.i686.rpm
>     glibc-devel-2.17-55.el7_0.5.x86_64.rpm
>     glibc-headers-2.17-55.el7_0.5.x86_64.rpm
>     glibc-utils-2.17-55.el7_0.5.x86_64.rpm
>     nscd-2.17-55.el7_0.5.x86_64.rpm
>     glibc-static-2.17-55.el7_0.5.i686.rpm
>     glibc-static-2.17-55.el7_0.5.x86_64.rpm
> 
> - Scientific Linux Development Team

Hi all,

The debuginfo rpm files for this update do not seem to have hit server.

Regards

Phil

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV