Ispravljen propust paketa glibc

Paket glibc imao je sigurnosni nedostatak koji je omogućavao zlonamjernom korisniku uskraćivanje usluge ili izvođenje proizvoljnog programskog koda.

Paket:	glibc 2.x
Operacijski sustavi:	CentOS
Kritičnost:	4.6
Problem:	pogreška u programskoj funkciji
Iskorištavanje:	udaljeno
Posljedica:	proizvoljno izvršavanje programskog koda, uskraćivanje usluga (DoS)
Rješenje:	programska zakrpa proizvođača
CVE:	CVE-2012-3480
Izvorni ID preporuke:	2012:1207
Izvor:	CentOS

Problem:
Problemi su rezultat pogrešaka u funkcijama strtod(), strtof() i strtold().
Posljedica:
Zlonamjerni korisnik mogao je iskoristiti navedene probleme kako bi pokrenuo proizvoljan programski kod ili izveo DoS (eng. Denial of Service) napad.
Rješenje:
Preporuča se primjena izdanih zakrpa.

Izvorni tekst preporuke

[CentOS-announce] CESA-2012:1208 Moderate CentOS 6 glibc Update
CentOS Errata and Security Advisory 2012:1207 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1207.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
0089410150c89fcc8df0305410f9d314fc0c5ba4f13e31f068a17a753c817263  glibc-2.5-81.el5_8.7.i386.rpm
655512907db14ad87c2d009f1d9a903d3cbb26f0d301f60eaf3cfda202aef811  glibc-2.5-81.el5_8.7.i686.rpm
83027498413d8511b2a232acd1c9ddb092405c40676cb070df3c7cd973c9a25f  glibc-common-2.5-81.el5_8.7.i386.rpm
28bffb8ec99f5e68094711fb70ca31b4928304faf6e11c42ee98912f78b81b26  glibc-devel-2.5-81.el5_8.7.i386.rpm
86a8e9e969e2bf49e5e815a80e35ccda8bf75410f092731c6dcff4d711f8a226  glibc-headers-2.5-81.el5_8.7.i386.rpm
00568cd96bb6f52cf67d06c614391f48424e662ef592cd34cb0e24ddf13238fd  glibc-utils-2.5-81.el5_8.7.i386.rpm
e8d4041cc6d171f001336d681269bff838f4f5570e12d9b5cac98b56500f2701  nscd-2.5-81.el5_8.7.i386.rpm

x86_64:
655512907db14ad87c2d009f1d9a903d3cbb26f0d301f60eaf3cfda202aef811  glibc-2.5-81.el5_8.7.i686.rpm
9a635ee5716a4d932dc74f35fd6b9cf47161faebf8826a716aca7a4150e11d3c  glibc-2.5-81.el5_8.7.x86_64.rpm
0c4ddfa688103790743b58d1d246ba4f869bc9b4bd5486895ba4593c550d687b  glibc-common-2.5-81.el5_8.7.x86_64.rpm
28bffb8ec99f5e68094711fb70ca31b4928304faf6e11c42ee98912f78b81b26  glibc-devel-2.5-81.el5_8.7.i386.rpm
0eed5096e58b25e661c00bc4818f8f775c36a375292cb1416dd2531c4d8cfe79  glibc-devel-2.5-81.el5_8.7.x86_64.rpm
7787047fab6d5d2bf8c0eb8c5f660e2098da0ffde362f72c8c91e0e79a68dd07  glibc-headers-2.5-81.el5_8.7.x86_64.rpm
62fd97d0ac2d3ad1b971f5ae11f1b09fab7778b5a456cd72aa376708b6e139d2  glibc-utils-2.5-81.el5_8.7.x86_64.rpm
69e07ed28d0b5ecd76125efa9415d75a6efc77cde26adc13c9f67922153ac2a8  nscd-2.5-81.el5_8.7.x86_64.rpm

Source:
a8d7c2568227eb8d010306055765b7c8beb6da91c7ff610ea016eeeb3821c91c  glibc-2.5-81.el5_8.7.src.rpm


CentOS Errata and Security Advisory 2012:1207 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-1207.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
0089410150c89fcc8df0305410f9d314fc0c5ba4f13e31f068a17a753c817263  glibc-2.5-81.el5_8.7.i386.rpm
655512907db14ad87c2d009f1d9a903d3cbb26f0d301f60eaf3cfda202aef811  glibc-2.5-81.el5_8.7.i686.rpm
83027498413d8511b2a232acd1c9ddb092405c40676cb070df3c7cd973c9a25f  glibc-common-2.5-81.el5_8.7.i386.rpm
28bffb8ec99f5e68094711fb70ca31b4928304faf6e11c42ee98912f78b81b26  glibc-devel-2.5-81.el5_8.7.i386.rpm
86a8e9e969e2bf49e5e815a80e35ccda8bf75410f092731c6dcff4d711f8a226  glibc-headers-2.5-81.el5_8.7.i386.rpm
00568cd96bb6f52cf67d06c614391f48424e662ef592cd34cb0e24ddf13238fd  glibc-utils-2.5-81.el5_8.7.i386.rpm
e8d4041cc6d171f001336d681269bff838f4f5570e12d9b5cac98b56500f2701  nscd-2.5-81.el5_8.7.i386.rpm

x86_64:
655512907db14ad87c2d009f1d9a903d3cbb26f0d301f60eaf3cfda202aef811  glibc-2.5-81.el5_8.7.i686.rpm
9a635ee5716a4d932dc74f35fd6b9cf47161faebf8826a716aca7a4150e11d3c  glibc-2.5-81.el5_8.7.x86_64.rpm
0c4ddfa688103790743b58d1d246ba4f869bc9b4bd5486895ba4593c550d687b  glibc-common-2.5-81.el5_8.7.x86_64.rpm
28bffb8ec99f5e68094711fb70ca31b4928304faf6e11c42ee98912f78b81b26  glibc-devel-2.5-81.el5_8.7.i386.rpm
0eed5096e58b25e661c00bc4818f8f775c36a375292cb1416dd2531c4d8cfe79  glibc-devel-2.5-81.el5_8.7.x86_64.rpm
7787047fab6d5d2bf8c0eb8c5f660e2098da0ffde362f72c8c91e0e79a68dd07  glibc-headers-2.5-81.el5_8.7.x86_64.rpm
62fd97d0ac2d3ad1b971f5ae11f1b09fab7778b5a456cd72aa376708b6e139d2  glibc-utils-2.5-81.el5_8.7.x86_64.rpm
69e07ed28d0b5ecd76125efa9415d75a6efc77cde26adc13c9f67922153ac2a8  nscd-2.5-81.el5_8.7.x86_64.rpm

Source:
a8d7c2568227eb8d010306055765b7c8beb6da91c7ff610ea016eeeb3821c91c  glibc-2.5-81.el5_8.7.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #centos at irc.freenode.net

Ispravljen propust paketa glibc

Tražilica portala

Aktivnosti

O CIS-u

Posljednje vijesti

Posljednji dokumenti

Ispravljen propust paketa glibc

Tražilica portala

Aktivnosti

O CIS-u

Posljednje sigurnosne preporuke

Posljednje vijesti

Popularni članci

Posljednji dokumenti