You are here
Home > Preporuke > Sigurnosni nedostatak programskih paketa eglibc i glibc

Sigurnosni nedostatak programskih paketa eglibc i glibc

by ncert - 0

==========================================================================
Ubuntu Security Notice USN-2900-1
February 16, 2016

eglibc, glibc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 15.10
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS

Summary:

GNU C Library could be made to crash or run programs if it received
specially crafted network traffic.

Software Description:
– glibc: GNU C Library
– eglibc: GNU C Library

Details:

It was discovered that the GNU C Library incorrectly handled receiving
responses while performing DNS resolution. A remote attacker could use this
issue to cause the GNU C Library to crash, resulting in a denial of
service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.10:
libc6 2.21-0ubuntu4.1

Ubuntu 14.04 LTS:
libc6 2.19-0ubuntu6.7

Ubuntu 12.04 LTS:
libc6 2.15-0ubuntu10.13

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2900-1
CVE-2015-7547

Package Information:
https://launchpad.net/ubuntu/+source/glibc/2.21-0ubuntu4.1
https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.7
https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.13

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAEBCgAGBQJWw6BBAAoJEGVp2FWnRL6T7gAP/j7ExC0S06Uylke++ux/dvl7
MTiAwiLhDg2lUn8u+HVVuShdGmleseGaJpcd6gIPRjttjImlA+qsO7G6/+BeOfqP
vch/NaPqytn0Lgdc08JPHrVU1Lb05f8GoZ393YmnKhVaoWbEJ8Yz1BW7dL0f5Kbj
MpfJ20j7TbOX+mERhdHEZuanAZ8aSQQtCn8XWr5LWmzx/CFW3z7j60ICclsqgsVa
DzmPhQ9mfhsIyulgvOqyP+/r0m3Dk2JiYXBMyXY23KfUmxdETz44GmF9UKkJOol3
lR/0tFlHXnYzr+9ecikpQNEfSVGxVOgk28AqGVc7S1xMktnq2zV6TZwYQm4vLVtv
Fe2oEjfr7msRwiKO0LKKPnTjB9hoNQ3WWMmifSn4VZOKxS02+5PamnOneZyJZV0O
7yi9rrjkZP0pTf+Dti3o88Z4oy0oKzJ/XoNiZTcGpzAwjq5PttLKXdJAPL4Gy+SI
9h6mr5+//sL+AAD7UYvTy2IFMh7Kefv0iHVEcXdEAjSbq+pf6XLN5QRqJrRcuTOi
t27dpjeU0P4sU1mqkKsqDUBn8sKQh/ufYfyS6ZsJcqXW2otoP1x8+8mybCcydoGo
xC6cyTOrUVuSSm1BU9sBq3D5tda2I0LrRhqt4DpyPU2tH/0S/FQkNWPnFo9GPzkf
SXz5mLPQeQT7uZ23dOHB
=qe3v
—–END PGP SIGNATURE—–

ncert
Top
More in Preporuke
Ranjivosti programske biblioteke eglibc

Otkriveno je nekoliko ranjivosti u programskoj biblioteci eglibc za Debian, od kojih jedna (CVE-2015-7547) ima visoki stupanj rizičnosti. Kritična ranjivost...

Close