You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa glibc

Sigurnosni nedostaci programskog paketa glibc

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:039
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : glibc
Date : February 10, 2015
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

A vulnerability has been discovered and corrected in glibc:

Heap-based buffer overflow in the __nss_hostname_digits_dots
function in glibc 2.2, and other 2.x versions before 2.18, allows
context-dependent attackers to execute arbitrary code via vectors
related to the (1) gethostbyname or (2) gethostbyname2 function,
aka GHOST. (CVE-2015-0235)

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
https://rhn.redhat.com/errata/RHSA-2015-0092.html
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
678efef85b85206451ef8927bad808e0 mbs1/x86_64/glibc-2.14.1-12.11.mbs1.x86_64.rpm
46cd508f03e36c1e4f752c317852ec8e mbs1/x86_64/glibc-devel-2.14.1-12.11.mbs1.x86_64.rpm
069302c80e3b79504e2b0eaaa72c2745 mbs1/x86_64/glibc-doc-2.14.1-12.11.mbs1.noarch.rpm
3a841c0295823354655dd3e7734ada0b mbs1/x86_64/glibc-doc-pdf-2.14.1-12.11.mbs1.noarch.rpm
11a672a0b4bae77c7adfa803bea9871f mbs1/x86_64/glibc-i18ndata-2.14.1-12.11.mbs1.x86_64.rpm
d3f113ccec4f18e4bb08c951625e51d7 mbs1/x86_64/glibc-profile-2.14.1-12.11.mbs1.x86_64.rpm
f6d6aa5806dd747e66996ea8cc01c9b4 mbs1/x86_64/glibc-static-devel-2.14.1-12.11.mbs1.x86_64.rpm
98cc6eae0234eeed945712bbc8b2c0ea mbs1/x86_64/glibc-utils-2.14.1-12.11.mbs1.x86_64.rpm
bf6f2fcc3dd21bd8380aac40e91bb802 mbs1/x86_64/nscd-2.14.1-12.11.mbs1.x86_64.rpm
f597e4d6241c76701733d730e84f5714 mbs1/SRPMS/glibc-2.14.1-12.11.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg –recv-keys –keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFU2bromqjQ0CJFipgRAmFsAKCQjfZlXUkoM7Vw2lzaEcgdyJncUgCg6ad6
CZAvbkM0GO2ojTqkrf89cyk=
=/OhK
—–END PGP SIGNATURE—–

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa ntp

Otkriveni su sigurnosni nedostaci u programskom paketu ntp za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izvođenje napada uskraćivanja...

Close