Synopsis: Important: glibc security update Advisory ID: SLSA-2014:1110-1 Issue Date: 2014-08-29 CVE Numbers: CVE-2014-0475 CVE-2014-5119 -- An off-by-one heap-based buffer overflow flaw was found in glibc's internal __gconv_translit_find() function. An attacker able to make an application call the iconv_open() function with a specially crafted argument could possibly use this flaw to execute arbitrary code with the privileges of that application. (CVE-2014-5119) A directory traveral flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value (for example, specified in an LC_* environment variable) could possibly use this flaw to execute arbitrary code with the privileges of that application. (CVE-2014-0475) -- SL5 x86_64 glibc-2.5-118.el5_10.3.i686.rpm glibc-2.5-118.el5_10.3.x86_64.rpm glibc-common-2.5-118.el5_10.3.x86_64.rpm glibc-debuginfo-2.5-118.el5_10.3.i386.rpm glibc-debuginfo-2.5-118.el5_10.3.i686.rpm glibc-debuginfo-2.5-118.el5_10.3.x86_64.rpm glibc-debuginfo-common-2.5-118.el5_10.3.i386.rpm glibc-devel-2.5-118.el5_10.3.i386.rpm glibc-devel-2.5-118.el5_10.3.x86_64.rpm glibc-headers-2.5-118.el5_10.3.x86_64.rpm glibc-utils-2.5-118.el5_10.3.x86_64.rpm nscd-2.5-118.el5_10.3.x86_64.rpm i386 glibc-2.5-118.el5_10.3.i386.rpm glibc-2.5-118.el5_10.3.i686.rpm glibc-common-2.5-118.el5_10.3.i386.rpm glibc-debuginfo-2.5-118.el5_10.3.i386.rpm glibc-debuginfo-2.5-118.el5_10.3.i686.rpm glibc-debuginfo-common-2.5-118.el5_10.3.i386.rpm glibc-devel-2.5-118.el5_10.3.i386.rpm glibc-headers-2.5-118.el5_10.3.i386.rpm glibc-utils-2.5-118.el5_10.3.i386.rpm nscd-2.5-118.el5_10.3.i386.rpm SL6 x86_64 glibc-2.12-1.132.el6_5.4.i686.rpm glibc-2.12-1.132.el6_5.4.x86_64.rpm glibc-common-2.12-1.132.el6_5.4.x86_64.rpm glibc-debuginfo-2.12-1.132.el6_5.4.i686.rpm glibc-debuginfo-2.12-1.132.el6_5.4.x86_64.rpm glibc-debuginfo-common-2.12-1.132.el6_5.4.i686.rpm glibc-debuginfo-common-2.12-1.132.el6_5.4.x86_64.rpm glibc-devel-2.12-1.132.el6_5.4.i686.rpm glibc-devel-2.12-1.132.el6_5.4.x86_64.rpm glibc-headers-2.12-1.132.el6_5.4.x86_64.rpm glibc-utils-2.12-1.132.el6_5.4.x86_64.rpm nscd-2.12-1.132.el6_5.4.x86_64.rpm glibc-static-2.12-1.132.el6_5.4.i686.rpm glibc-static-2.12-1.132.el6_5.4.x86_64.rpm i386 glibc-2.12-1.132.el6_5.4.i686.rpm glibc-common-2.12-1.132.el6_5.4.i686.rpm glibc-debuginfo-2.12-1.132.el6_5.4.i686.rpm glibc-debuginfo-common-2.12-1.132.el6_5.4.i686.rpm glibc-devel-2.12-1.132.el6_5.4.i686.rpm glibc-headers-2.12-1.132.el6_5.4.i686.rpm glibc-utils-2.12-1.132.el6_5.4.i686.rpm nscd-2.12-1.132.el6_5.4.i686.rpm glibc-static-2.12-1.132.el6_5.4.i686.rpm - Scientific Linux Development Team