Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in GNU C library
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in GNU C library
ID: FEDORA-2016-0480defc94
Distribution: Fedora
Plattformen: Fedora 22
Datum: Mi, 17. Februar 2016, 14:32
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1781
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8777
Applikationen: GNU C library

Originalnachricht

 
Name        : glibc
Product     : Fedora 22
Version     : 2.21
Release     : 11.fc22
URL         : http://www.gnu.org/software/glibc/
Summary     : The GNU libc libraries
Description :
The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.

-------------------------------------------------------------------------------
-
Update Information:

This updates addresses a critical security vulnerability in the DNS resolver
related to `AF_UNSPEC` queries with `getaddrinfo` (CVE-2015-7547). It also
includes security fixes for CVE-2015-8777 and CVE-2015-1781. It improves
`malloc` scalability for applications which start and terminate many threads.
The output of `locale -a` is now ASCII-only (previously, it contained
 ISO-8859-1
characters).
-------------------------------------------------------------------------------
-
References:

  [ 1 ] Bug #1199525 - CVE-2015-1781 glibc: buffer overflow in
 gethostbyname_r() and related functions with misaligned buffer
        https://bugzilla.redhat.com/show_bug.cgi?id=1199525
  [ 2 ] Bug #1260581 - CVE-2015-8777 glibc: LD_POINTER_GUARD in the environment
 is not sanitized
        https://bugzilla.redhat.com/show_bug.cgi?id=1260581
  [ 3 ] Bug #1293532 - CVE-2015-7547 glibc: getaddrinfo stack-based buffer
 overflow
        https://bugzilla.redhat.com/show_bug.cgi?id=1293532
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update glibc' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung