Tri nedostatka programske biblioteke glibc

U radu programske biblioteke glibc ispravljena su tri sigurnosna nedostatka. Zlonamjerni korisnik može iskoristiti spomenute ranjivosti za zaobilaženje FORTIFY_SOURCE ograničenja te pokretanje proizvoljnog programskog koda.

Paket:	glibc 2.x
Operacijski sustavi:	CentOS
Kritičnost:	5
Problem:	pogreška u programskoj komponenti
Iskorištavanje:	udaljeno
Posljedica:	proizvoljno izvršavanje programskog koda, zaobilaženje postavljenih ograničenja
Rješenje:	programska zakrpa proizvođača
CVE:	CVE-2012-3404, CVE-2012-3405, CVE-2012-3406
Izvorni ID preporuke:	2012:1098
Izvor:	CentOS

Problem:
Propusti su posljedica višestrukih pogrešaka u radu komponente zadužene za formatirani ispis.
Posljedica:
Propuste je moguće iskoristiti za zabilaženje FORTIFY_SOURCE ograničenja te izvršavanje zlonamjernog programskog koda.
Rješenje:
Korisnicima se savjetuje prelazak na ispravljenu inačicu.

Izvorni tekst preporuke

CentOS Errata and Security Advisory 2012:1098 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1098.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 


i386:
5ecb8730a89f8a31d7a0de1ca92d7c008a67f17b3be5b28c7ff11b1cf3e8e183 
glibc-2.12-1.80.el6_3.3.i686.rpm
d83a8345da6c7d2d625c500a1ce26729e49d495fc4da3d5a534c35beb94fa749 
glibc-common-2.12-1.80.el6_3.3.i686.rpm
72f83ac32fa958d5be1b11b2f23d5994b79c4cf64f4f15742e35428d564798ce 
glibc-devel-2.12-1.80.el6_3.3.i686.rpm
e012d2d4576506ec42f0d7aea0d5f5912fea1ffb81218bed0413598e9783acf8 
glibc-headers-2.12-1.80.el6_3.3.i686.rpm
dba2226d155ea686cdabc840bcc93c219504e2b80d3cd9405ea5fca9823c5aa5 
glibc-static-2.12-1.80.el6_3.3.i686.rpm
8dc1b0647bd6c0cd92b4c136561b20977c0bc1dbb295376d6928ddd3a82ac3b0 
glibc-utils-2.12-1.80.el6_3.3.i686.rpm
c679b59bade826b99f2ffd5499e38142b32c2edceb4d6cbfe0cf9ddf36b35133 
nscd-2.12-1.80.el6_3.3.i686.rpm

x86_64:
5ecb8730a89f8a31d7a0de1ca92d7c008a67f17b3be5b28c7ff11b1cf3e8e183 
glibc-2.12-1.80.el6_3.3.i686.rpm
a7d9ae901bd801b528af0320f9252822a06071b3653332a92129e4f6c2ebf236 
glibc-2.12-1.80.el6_3.3.x86_64.rpm
565095f4f280bb5b013e5360bac8e3607b8a8bce0aefa06706d01a1c06a59a7f 
glibc-common-2.12-1.80.el6_3.3.x86_64.rpm
72f83ac32fa958d5be1b11b2f23d5994b79c4cf64f4f15742e35428d564798ce 
glibc-devel-2.12-1.80.el6_3.3.i686.rpm
351691cd5a08d50c08641a37562b87da5fa4481230a2bba8a59149799ee7c2f6 
glibc-devel-2.12-1.80.el6_3.3.x86_64.rpm
1767ce64d9a8a5dd019d6d13b97c1ec63dc94ba8a1942fec0960f4a175a4b621 
glibc-headers-2.12-1.80.el6_3.3.x86_64.rpm
dba2226d155ea686cdabc840bcc93c219504e2b80d3cd9405ea5fca9823c5aa5 
glibc-static-2.12-1.80.el6_3.3.i686.rpm
e6d9f5b207bc344cf411d708072bdcad752aa4b57f4184572fe9874053425a72 
glibc-static-2.12-1.80.el6_3.3.x86_64.rpm
8e3ff7745f878497c4014f40fcb6d9f675e8433d86e42ec818f394e7563ecc9a 
glibc-utils-2.12-1.80.el6_3.3.x86_64.rpm
f9632f771548ce75de771ddfb262bff57020ff69a3e498d2ea3bbbbd9b753954 
nscd-2.12-1.80.el6_3.3.x86_64.rpm

Source:
63c8df7afd004eb18c9aae048011ba7267e072a47bff7df9a42e35b0f1638369 
glibc-2.12-1.80.el6_3.3.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.

_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce



CentOS Errata and Security Advisory 2012:1097 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1097.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
7028c5d98d4a4b2e385f7e93e0e4fb7c31ea34ee141d3bcb7c12bb10dc401eb4 
glibc-2.5-81.el5_8.4.i386.rpm
29387e61f18ef4468a07e81ae0bcb403023046a8d4311ab69a0f2a6094977a7d 
glibc-2.5-81.el5_8.4.i686.rpm
917150f30ae4f272dbd5c51fb375ea95e08a5aa1460bf0ae9c0ad59695625383 
glibc-common-2.5-81.el5_8.4.i386.rpm
a7a8bf6b7f847cb710526a6fa8514cf436493ca6a3910e5938e28ff1ad92d10c 
glibc-devel-2.5-81.el5_8.4.i386.rpm
6cc967abb594c2ed16cde21dde758a59e74a047431d89f40fe03b7ac587af046 
glibc-headers-2.5-81.el5_8.4.i386.rpm
5c22b70a778fea141166d2db9fd379367ce7f1bc4bf2f0a05009b8aae8efdc06 
glibc-utils-2.5-81.el5_8.4.i386.rpm
9f09e344d83b39df824e755d9fe3966d44d5dc37db845822b2bf6f91eb528cda 
nscd-2.5-81.el5_8.4.i386.rpm

x86_64:
29387e61f18ef4468a07e81ae0bcb403023046a8d4311ab69a0f2a6094977a7d 
glibc-2.5-81.el5_8.4.i686.rpm
c03ea2db5b4c8eec8711222b0b0d479d46d62b6e342271e4d3f8f7a93ed1ac00 
glibc-2.5-81.el5_8.4.x86_64.rpm
c2ec2303da1d06efbf80cac24ec641a07f082a64c9de8aaa20280eb82905f3c2 
glibc-common-2.5-81.el5_8.4.x86_64.rpm
a7a8bf6b7f847cb710526a6fa8514cf436493ca6a3910e5938e28ff1ad92d10c 
glibc-devel-2.5-81.el5_8.4.i386.rpm
de2cab6d05be8d217bf82e8f9a242c593dfa460bbe5316a95862fd6c91b404d0 
glibc-devel-2.5-81.el5_8.4.x86_64.rpm
22d777420cc4868bdec669c5fa18009b68d93c060ce8c4e918d7dabc6092a821 
glibc-headers-2.5-81.el5_8.4.x86_64.rpm
e27cfef0d57e7b4aad53fd89ed2e936035ddbc68827137c53bd285ae6bdf2896 
glibc-utils-2.5-81.el5_8.4.x86_64.rpm
e76a2baa0524a73d1bac2eab8bfbabee57ffd0e9b45eb8e4f1a5018515d4fefa 
nscd-2.5-81.el5_8.4.x86_64.rpm

Source:
a04a5b87fa5b1668206ed190d1b57946dbcd00dc159d4b62d5eff8c16dfd6193 
glibc-2.5-81.el5_8.4.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.

_______________________________________________
CentOS-announce mailing list
Ova e-mail adresa je zaštićena od spambota. Potrebno je omogućiti JavaScript da je vidite.
http://lists.centos.org/mailman/listinfo/centos-announce

Tri nedostatka programske biblioteke glibc

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Tri nedostatka programske biblioteke glibc

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti