==========================================================================
Ubuntu Security Notice USN-2900-1
February 16, 2016
eglibc, glibc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 15.10
– Ubuntu 14.04 LTS
– Ubuntu 12.04 LTS
Summary:
GNU C Library could be made to crash or run programs if it received
specially crafted network traffic.
Software Description:
– glibc: GNU C Library
– eglibc: GNU C Library
Details:
It was discovered that the GNU C Library incorrectly handled receiving
responses while performing DNS resolution. A remote attacker could use this
issue to cause the GNU C Library to crash, resulting in a denial of
service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 15.10:
libc6 2.21-0ubuntu4.1
Ubuntu 14.04 LTS:
libc6 2.19-0ubuntu6.7
Ubuntu 12.04 LTS:
libc6 2.15-0ubuntu10.13
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2900-1
CVE-2015-7547
Package Information:
https://launchpad.net/ubuntu/+source/glibc/2.21-0ubuntu4.1
https://launchpad.net/ubuntu/+source/eglibc/2.19-0ubuntu6.7
https://launchpad.net/ubuntu/+source/eglibc/2.15-0ubuntu10.13
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2
iQIcBAEBCgAGBQJWw6BBAAoJEGVp2FWnRL6T7gAP/j7ExC0S06Uylke++ux/dvl7
MTiAwiLhDg2lUn8u+HVVuShdGmleseGaJpcd6gIPRjttjImlA+qsO7G6/+BeOfqP
vch/NaPqytn0Lgdc08JPHrVU1Lb05f8GoZ393YmnKhVaoWbEJ8Yz1BW7dL0f5Kbj
MpfJ20j7TbOX+mERhdHEZuanAZ8aSQQtCn8XWr5LWmzx/CFW3z7j60ICclsqgsVa
DzmPhQ9mfhsIyulgvOqyP+/r0m3Dk2JiYXBMyXY23KfUmxdETz44GmF9UKkJOol3
lR/0tFlHXnYzr+9ecikpQNEfSVGxVOgk28AqGVc7S1xMktnq2zV6TZwYQm4vLVtv
Fe2oEjfr7msRwiKO0LKKPnTjB9hoNQ3WWMmifSn4VZOKxS02+5PamnOneZyJZV0O
7yi9rrjkZP0pTf+Dti3o88Z4oy0oKzJ/XoNiZTcGpzAwjq5PttLKXdJAPL4Gy+SI
9h6mr5+//sL+AAD7UYvTy2IFMh7Kefv0iHVEcXdEAjSbq+pf6XLN5QRqJrRcuTOi
t27dpjeU0P4sU1mqkKsqDUBn8sKQh/ufYfyS6ZsJcqXW2otoP1x8+8mybCcydoGo
xC6cyTOrUVuSSm1BU9sBq3D5tda2I0LrRhqt4DpyPU2tH/0S/FQkNWPnFo9GPzkf
SXz5mLPQeQT7uZ23dOHB
=qe3v
—–END PGP SIGNATURE—–
—