Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Pufferüberlauf in glibc
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in glibc
ID: MDVSA-2015:039
Distribution: Mandriva
Plattformen: Mandriva Business Server 1.0
Datum: Di, 10. Februar 2015, 11:09
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
https://rhn.redhat.com/errata/RHSA-2015-0092.html

Originalnachricht

This is a multi-part message in MIME format...

------------=_1423559017-28859-0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:039
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : glibc
Date : February 10, 2015
Affected: Business Server 1.0
_______________________________________________________________________

Problem Description:

A vulnerability has been discovered and corrected in glibc:

Heap-based buffer overflow in the __nss_hostname_digits_dots
function in glibc 2.2, and other 2.x versions before 2.18, allows
context-dependent attackers to execute arbitrary code via vectors
related to the (1) gethostbyname or (2) gethostbyname2 function,
aka GHOST. (CVE-2015-0235)

The updated packages have been patched to correct this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
https://rhn.redhat.com/errata/RHSA-2015-0092.html
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 1/X86_64:
678efef85b85206451ef8927bad808e0
mbs1/x86_64/glibc-2.14.1-12.11.mbs1.x86_64.rpm
46cd508f03e36c1e4f752c317852ec8e
mbs1/x86_64/glibc-devel-2.14.1-12.11.mbs1.x86_64.rpm
069302c80e3b79504e2b0eaaa72c2745
mbs1/x86_64/glibc-doc-2.14.1-12.11.mbs1.noarch.rpm
3a841c0295823354655dd3e7734ada0b
mbs1/x86_64/glibc-doc-pdf-2.14.1-12.11.mbs1.noarch.rpm
11a672a0b4bae77c7adfa803bea9871f
mbs1/x86_64/glibc-i18ndata-2.14.1-12.11.mbs1.x86_64.rpm
d3f113ccec4f18e4bb08c951625e51d7
mbs1/x86_64/glibc-profile-2.14.1-12.11.mbs1.x86_64.rpm
f6d6aa5806dd747e66996ea8cc01c9b4
mbs1/x86_64/glibc-static-devel-2.14.1-12.11.mbs1.x86_64.rpm
98cc6eae0234eeed945712bbc8b2c0ea
mbs1/x86_64/glibc-utils-2.14.1-12.11.mbs1.x86_64.rpm
bf6f2fcc3dd21bd8380aac40e91bb802
mbs1/x86_64/nscd-2.14.1-12.11.mbs1.x86_64.rpm
f597e4d6241c76701733d730e84f5714 mbs1/SRPMS/glibc-2.14.1-12.11.mbs1.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFU2bromqjQ0CJFipgRAmFsAKCQjfZlXUkoM7Vw2lzaEcgdyJncUgCg6ad6
CZAvbkM0GO2ojTqkrf89cyk=
=/OhK
-----END PGP SIGNATURE-----


------------=_1423559017-28859-0
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________


------------=_1423559017-28859-0--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung