`` 

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated glibc packages fix vulnerabilities in resolver
Advisory ID:       RHSA-2002:139-10
Issue date:        2002-07-11
Updated on:        2002-07-22
Product:           Red Hat Linux
Keywords:          glibc resolver nsswitch strncpy
Cross references:  
Obsoletes:         RHSA-2001:160
CVE Names:         CAN-2002-0684 CAN-2002-0651
---------------------------------------------------------------------

1. Topic:

Updated glibc packages are available to fix two vulnerabilities in the
resolver functions.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, i686, sparc, sparcv9

Red Hat Linux 7.0 - alpha, alphaev6, i386, i686

Red Hat Linux 7.1 - alpha, alphaev6, i386, i686, ia64

Red Hat Linux 7.2 - i386, i686, ia64

Red Hat Linux 7.3 - i386, i686

3. Problem description:

The glibc package contains standard libraries which are used by
multiple programs on the system.

A buffer overflow vulnerability has been found in the way the glibc
resolver handles the resolution of network names and addresses via DNS (as
per Internet RFC 1011).  Version 2.2.5 of glibc and earlier versions are
affected.  A system would be vulnerable to this issue if the
"networks" database in /etc/nsswitch.conf includes the "dns" entry.  By
default, Red Hat Linux ships with "networks" set to "files" and
is therefore not vulnerable to this issue.  (CAN-2002-0684)

A second, related, issue is a bug in the glibc-compat packages,  which
provide compatibility for applications compiled against glibc version
2.0.x.  Applications compiled against this version (such as those
distributed with early Red Hat Linux releases 5.0, 5.1, and 5.2) could also
be vulnerable to this issue.  (CAN-2002-0651)

These errata packages for Red Hat Linux 7.1 and 7.2 on the Itanium
architecture also include a fix for the strncpy implementation in some
boundary cases.

All users should upgrade to these errata packages which contain patches to
the glibc and glibc-compat libraries and therefore are not vulnerable to
these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed  (  for more info):



6. RPMs required:

Red Hat Linux 6.2:

SRPMS: 
 

alpha: 
  
  
  
 

i386: 
  
  
  
 

sparc: 
  
  
  
 

sparcv9: 
 

Red Hat Linux 7.0:

SRPMS: 
 

alpha: 
  
  
  
  
 

alphaev6: 
 

i386: 
  
  
  
  
 

i686: 
 

Red Hat Linux 7.1:

SRPMS: 
 

alpha: 
  
  
  
  
 

alphaev6: 
 

i386: 
  
  
  
  
 

i686: 
 

ia64: 
  
  
  
  
 

Red Hat Linux 7.2:

SRPMS: 
 

i386: 
  
  
  
  
 

i686: 
 

ia64: 
  
  
  
  
 

Red Hat Linux 7.3:

SRPMS: 
 

i386: 
  
  
  
  
  
  
  
 

i686: 
  
 



7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
9a3e1bff97d347d5d0eaa649285a29e7 6.2/en/os/SRPMS/glibc-2.1.3-24.src.rpm
2e3e177fe6e65d26cdbb96588a9a5d7c 6.2/en/os/alpha/glibc-2.1.3-24.alpha.rpm
eeaabcca9198c433f2e5f4a3c37e9f94 6.2/en/os/alpha/glibc-devel-2.1.3-24.alpha.rpm
e471e5eaddb1096c9e0b6b43d2285e6b 6.2/en/os/alpha/glibc-profile-2.1.3-24.alpha.rpm
0d3567e1ad976fb9968f066d76c1713c 6.2/en/os/alpha/nscd-2.1.3-24.alpha.rpm
55c893993fd3101ce3c3847b03a3fbbe 6.2/en/os/i386/glibc-2.1.3-24.i386.rpm
f9484a4634fce16bed9cdaf098cf861f 6.2/en/os/i386/glibc-devel-2.1.3-24.i386.rpm
aed4c48fbc415b8aefe2c20933bbf6b8 6.2/en/os/i386/glibc-profile-2.1.3-24.i386.rpm
07abd4e9d2181f8948af2fe76784b554 6.2/en/os/i386/nscd-2.1.3-24.i386.rpm
eb0c870314704ed3eb95961f4060cc7c 6.2/en/os/sparc/glibc-2.1.3-24.sparc.rpm
01c54853ad6a5083bb23eda3d43b22a5 6.2/en/os/sparc/glibc-devel-2.1.3-24.sparc.rpm
e39a6b9420f251d11cad05032bf0275b 6.2/en/os/sparc/glibc-profile-2.1.3-24.sparc.rpm
decd8617187517c68d7fa0d0438adf12 6.2/en/os/sparc/nscd-2.1.3-24.sparc.rpm
f60261b7b32f5a627267e06306af56f5 6.2/en/os/sparcv9/glibc-2.1.3-24.sparcv9.rpm
5b64505518a0dcc4d6b023f0c7af3960 7.0/en/os/SRPMS/glibc-2.2.4-18.7.0.4.src.rpm
10d795dcdfc8756f03219f116182d702 7.0/en/os/alpha/glibc-2.2.4-18.7.0.4.alpha.rpm
90714b1817aa083dec2e57477043caf6 7.0/en/os/alpha/glibc-common-2.2.4-18.7.0.4.alpha.rpm
0b61592283a9640030c127a5cd124336 7.0/en/os/alpha/glibc-devel-2.2.4-18.7.0.4.alpha.rpm
6e5da4f63088606f19777233d68ab296 7.0/en/os/alpha/glibc-profile-2.2.4-18.7.0.4.alpha.rpm
739a998a00fc67c4e6a5170e55d17cb5 7.0/en/os/alpha/nscd-2.2.4-18.7.0.4.alpha.rpm
39dc3b3b9a963a3c7348a73c0a2ff7f8 7.0/en/os/alphaev6/glibc-2.2.4-18.7.0.4.alphaev6.rpm
321393b42a53d31f69b6eaffc9f2102a 7.0/en/os/i386/glibc-2.2.4-18.7.0.4.i386.rpm
50afc752fff2c878011119e1b37e8571 7.0/en/os/i386/glibc-common-2.2.4-18.7.0.4.i386.rpm
78ab2c22d7b8612016a89907dcbd0d29 7.0/en/os/i386/glibc-devel-2.2.4-18.7.0.4.i386.rpm
87d4668630cfd074fefd150475f1e5e5 7.0/en/os/i386/glibc-profile-2.2.4-18.7.0.4.i386.rpm
d513dc5efa2d875866ffbdd244a92a67 7.0/en/os/i386/nscd-2.2.4-18.7.0.4.i386.rpm
e35c630998bd879e88f1ab9bb9b74d72 7.0/en/os/i686/glibc-2.2.4-18.7.0.4.i686.rpm
8b5c7cb9220631e68050637383b9c29d 7.1/en/os/SRPMS/glibc-2.2.4-27.src.rpm
d70b222f0e4a3ab20968857c68b683ce 7.1/en/os/alpha/glibc-2.2.4-27.alpha.rpm
8bb579b8a232b90550291904d4078449 7.1/en/os/alpha/glibc-common-2.2.4-27.alpha.rpm
5923ddfbc622ab02ef63a08607c32b00 7.1/en/os/alpha/glibc-devel-2.2.4-27.alpha.rpm
a2701ab8e56f3ed77d62d7de84dd7ce4 7.1/en/os/alpha/glibc-profile-2.2.4-27.alpha.rpm
01be31be9c13facb3f88b3717c0e3319 7.1/en/os/alpha/nscd-2.2.4-27.alpha.rpm
de454e55e66522bd40739370092422ba 7.1/en/os/alphaev6/glibc-2.2.4-27.alphaev6.rpm
eeafe747b480543489d3d91c496af3bc 7.1/en/os/i386/glibc-2.2.4-27.i386.rpm
b75ad5323c294daf1dc53c8bd74bdae2 7.1/en/os/i386/glibc-common-2.2.4-27.i386.rpm
75ddc348fa944e0df55bb8351a0988e3 7.1/en/os/i386/glibc-devel-2.2.4-27.i386.rpm
915abdc16175ec8ee07adbaf406b563d 7.1/en/os/i386/glibc-profile-2.2.4-27.i386.rpm
8c4b8d913b56910d1eb043cd8fb7dadf 7.1/en/os/i386/nscd-2.2.4-27.i386.rpm
8c33fbd6a3a0e40c22e8892a624bd398 7.1/en/os/i686/glibc-2.2.4-27.i686.rpm
c5a61c4a96e0c89cb94c5755b9d640df 7.1/en/os/ia64/glibc-2.2.4-27.ia64.rpm
2753a1d09ef0294dd611283a6dc01279 7.1/en/os/ia64/glibc-common-2.2.4-27.ia64.rpm
175abe8553824db00c84fd7ba23150d6 7.1/en/os/ia64/glibc-devel-2.2.4-27.ia64.rpm
f3774fb87287ad7cd9e083d062cda348 7.1/en/os/ia64/glibc-profile-2.2.4-27.ia64.rpm
7e7c12abfea5507a0a5cc8744072c747 7.1/en/os/ia64/nscd-2.2.4-27.ia64.rpm
8b5c7cb9220631e68050637383b9c29d 7.2/en/os/SRPMS/glibc-2.2.4-27.src.rpm
eeafe747b480543489d3d91c496af3bc 7.2/en/os/i386/glibc-2.2.4-27.i386.rpm
b75ad5323c294daf1dc53c8bd74bdae2 7.2/en/os/i386/glibc-common-2.2.4-27.i386.rpm
75ddc348fa944e0df55bb8351a0988e3 7.2/en/os/i386/glibc-devel-2.2.4-27.i386.rpm
915abdc16175ec8ee07adbaf406b563d 7.2/en/os/i386/glibc-profile-2.2.4-27.i386.rpm
8c4b8d913b56910d1eb043cd8fb7dadf 7.2/en/os/i386/nscd-2.2.4-27.i386.rpm
8c33fbd6a3a0e40c22e8892a624bd398 7.2/en/os/i686/glibc-2.2.4-27.i686.rpm
c5a61c4a96e0c89cb94c5755b9d640df 7.2/en/os/ia64/glibc-2.2.4-27.ia64.rpm
2753a1d09ef0294dd611283a6dc01279 7.2/en/os/ia64/glibc-common-2.2.4-27.ia64.rpm
175abe8553824db00c84fd7ba23150d6 7.2/en/os/ia64/glibc-devel-2.2.4-27.ia64.rpm
f3774fb87287ad7cd9e083d062cda348 7.2/en/os/ia64/glibc-profile-2.2.4-27.ia64.rpm
7e7c12abfea5507a0a5cc8744072c747 7.2/en/os/ia64/nscd-2.2.4-27.ia64.rpm
9c2d0f4717f4931ff3d233ef44cfa5b1 7.3/en/os/SRPMS/glibc-2.2.5-37.src.rpm
b3e14c27d1f337107662cffe8111ffb4 7.3/en/os/i386/glibc-2.2.5-37.i386.rpm
318a0e614f31b4ea63ea122ffc9b0abc 7.3/en/os/i386/glibc-common-2.2.5-37.i386.rpm
c11c152ffb7b98e3ada86ef89b21060b 7.3/en/os/i386/glibc-debug-2.2.5-37.i386.rpm
8f7403eb789e624a91a5728c752ffb7e 7.3/en/os/i386/glibc-debug-static-2.2.5-37.i386.rpm
1364e6e500af53789f94a845d7201745 7.3/en/os/i386/glibc-devel-2.2.5-37.i386.rpm
977f0364e31ef240375d5dc3abce27c9 7.3/en/os/i386/glibc-profile-2.2.5-37.i386.rpm
702c9e2f376d9d10829961b29d1e3fd3 7.3/en/os/i386/glibc-utils-2.2.5-37.i386.rpm
aa3e2f88f60ca8e8566d45a8e8bf6218 7.3/en/os/i386/nscd-2.2.5-37.i386.rpm
854b21baba0b4b32963bc322fe59ffc2 7.3/en/os/i686/glibc-2.2.5-37.i686.rpm
0d488fae1d4248bbd1727c402143d5f6 7.3/en/os/i686/glibc-debug-2.2.5-37.i686.rpm
 

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
     About

You can verify each package with the following command:
    rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg 

8. References:
 
2002 CERT Advisories 
CVE -CVE-2002-0684 
CVE -CVE-2002-0651



Copyright(c) 2000, 2001, 2002 Red Hat, Inc.



_______________________________________________
Red Hat-watch-list mailing list
To unsubscribe, visit: https://listman.RedHat.com/mailman/listinfo/RedHat-watch-list
``

RedHat: 'glibc' Buffer overflow vulnerability

Updated glibc packages are available to fix two vulnerabilities in theresolver functions

Summary



Summary

The glibc package contains standard libraries which are used bymultiple programs on the system.A buffer overflow vulnerability has been found in the way the glibcresolver handles the resolution of network names and addresses via DNS (asper Internet RFC 1011). Version 2.2.5 of glibc and earlier versions areaffected. A system would be vulnerable to this issue if the"networks" database in /etc/nsswitch.conf includes the "dns" entry. Bydefault, Red Hat Linux ships with "networks" set to "files" andis therefore not vulnerable to this issue. (CAN-2002-0684)A second, related, issue is a bug in the glibc-compat packages, whichprovide compatibility for applications compiled against glibc version2.0.x. Applications compiled against this version (such as thosedistributed with early Red Hat Linux releases 5.0, 5.1, and 5.2) could alsobe vulnerable to this issue. (CAN-2002-0651)These errata packages for Red Hat Linux 7.1 and 7.2 on the Itaniumarchitecture also include a fix for the strncpy implementation in someboundary cases.All users should upgrade to these errata packages which contain patches tothe glibc and glibc-compat libraries and therefore are not vulnerable tothese issues.


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.
Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
5. Bug IDs fixed ( for more info):


6. RPMs required:
Red Hat Linux 6.2:
SRPMS:

alpha:




i386:




sparc:




sparcv9:

Red Hat Linux 7.0:
SRPMS:

alpha:





alphaev6:

i386:





i686:

Red Hat Linux 7.1:
SRPMS:

alpha:





alphaev6:

i386:





i686:

ia64:





Red Hat Linux 7.2:
SRPMS:

i386:





i686:

ia64:





Red Hat Linux 7.3:
SRPMS:

i386:








i686:




7. Verification:
MD5 sum Package Name 9a3e1bff97d347d5d0eaa649285a29e7 6.2/en/os/SRPMS/glibc-2.1.3-24.src.rpm 2e3e177fe6e65d26cdbb96588a9a5d7c 6.2/en/os/alpha/glibc-2.1.3-24.alpha.rpm eeaabcca9198c433f2e5f4a3c37e9f94 6.2/en/os/alpha/glibc-devel-2.1.3-24.alpha.rpm e471e5eaddb1096c9e0b6b43d2285e6b 6.2/en/os/alpha/glibc-profile-2.1.3-24.alpha.rpm 0d3567e1ad976fb9968f066d76c1713c 6.2/en/os/alpha/nscd-2.1.3-24.alpha.rpm 55c893993fd3101ce3c3847b03a3fbbe 6.2/en/os/i386/glibc-2.1.3-24.i386.rpm f9484a4634fce16bed9cdaf098cf861f 6.2/en/os/i386/glibc-devel-2.1.3-24.i386.rpm aed4c48fbc415b8aefe2c20933bbf6b8 6.2/en/os/i386/glibc-profile-2.1.3-24.i386.rpm 07abd4e9d2181f8948af2fe76784b554 6.2/en/os/i386/nscd-2.1.3-24.i386.rpm eb0c870314704ed3eb95961f4060cc7c 6.2/en/os/sparc/glibc-2.1.3-24.sparc.rpm 01c54853ad6a5083bb23eda3d43b22a5 6.2/en/os/sparc/glibc-devel-2.1.3-24.sparc.rpm e39a6b9420f251d11cad05032bf0275b 6.2/en/os/sparc/glibc-profile-2.1.3-24.sparc.rpm decd8617187517c68d7fa0d0438adf12 6.2/en/os/sparc/nscd-2.1.3-24.sparc.rpm f60261b7b32f5a627267e06306af56f5 6.2/en/os/sparcv9/glibc-2.1.3-24.sparcv9.rpm 5b64505518a0dcc4d6b023f0c7af3960 7.0/en/os/SRPMS/glibc-2.2.4-18.7.0.4.src.rpm 10d795dcdfc8756f03219f116182d702 7.0/en/os/alpha/glibc-2.2.4-18.7.0.4.alpha.rpm 90714b1817aa083dec2e57477043caf6 7.0/en/os/alpha/glibc-common-2.2.4-18.7.0.4.alpha.rpm 0b61592283a9640030c127a5cd124336 7.0/en/os/alpha/glibc-devel-2.2.4-18.7.0.4.alpha.rpm 6e5da4f63088606f19777233d68ab296 7.0/en/os/alpha/glibc-profile-2.2.4-18.7.0.4.alpha.rpm 739a998a00fc67c4e6a5170e55d17cb5 7.0/en/os/alpha/nscd-2.2.4-18.7.0.4.alpha.rpm 39dc3b3b9a963a3c7348a73c0a2ff7f8 7.0/en/os/alphaev6/glibc-2.2.4-18.7.0.4.alphaev6.rpm 321393b42a53d31f69b6eaffc9f2102a 7.0/en/os/i386/glibc-2.2.4-18.7.0.4.i386.rpm 50afc752fff2c878011119e1b37e8571 7.0/en/os/i386/glibc-common-2.2.4-18.7.0.4.i386.rpm 78ab2c22d7b8612016a89907dcbd0d29 7.0/en/os/i386/glibc-devel-2.2.4-18.7.0.4.i386.rpm 87d4668630cfd074fefd150475f1e5e5 7.0/en/os/i386/glibc-profile-2.2.4-18.7.0.4.i386.rpm d513dc5efa2d875866ffbdd244a92a67 7.0/en/os/i386/nscd-2.2.4-18.7.0.4.i386.rpm e35c630998bd879e88f1ab9bb9b74d72 7.0/en/os/i686/glibc-2.2.4-18.7.0.4.i686.rpm 8b5c7cb9220631e68050637383b9c29d 7.1/en/os/SRPMS/glibc-2.2.4-27.src.rpm d70b222f0e4a3ab20968857c68b683ce 7.1/en/os/alpha/glibc-2.2.4-27.alpha.rpm 8bb579b8a232b90550291904d4078449 7.1/en/os/alpha/glibc-common-2.2.4-27.alpha.rpm 5923ddfbc622ab02ef63a08607c32b00 7.1/en/os/alpha/glibc-devel-2.2.4-27.alpha.rpm a2701ab8e56f3ed77d62d7de84dd7ce4 7.1/en/os/alpha/glibc-profile-2.2.4-27.alpha.rpm 01be31be9c13facb3f88b3717c0e3319 7.1/en/os/alpha/nscd-2.2.4-27.alpha.rpm de454e55e66522bd40739370092422ba 7.1/en/os/alphaev6/glibc-2.2.4-27.alphaev6.rpm eeafe747b480543489d3d91c496af3bc 7.1/en/os/i386/glibc-2.2.4-27.i386.rpm b75ad5323c294daf1dc53c8bd74bdae2 7.1/en/os/i386/glibc-common-2.2.4-27.i386.rpm 75ddc348fa944e0df55bb8351a0988e3 7.1/en/os/i386/glibc-devel-2.2.4-27.i386.rpm 915abdc16175ec8ee07adbaf406b563d 7.1/en/os/i386/glibc-profile-2.2.4-27.i386.rpm 8c4b8d913b56910d1eb043cd8fb7dadf 7.1/en/os/i386/nscd-2.2.4-27.i386.rpm 8c33fbd6a3a0e40c22e8892a624bd398 7.1/en/os/i686/glibc-2.2.4-27.i686.rpm c5a61c4a96e0c89cb94c5755b9d640df 7.1/en/os/ia64/glibc-2.2.4-27.ia64.rpm 2753a1d09ef0294dd611283a6dc01279 7.1/en/os/ia64/glibc-common-2.2.4-27.ia64.rpm 175abe8553824db00c84fd7ba23150d6 7.1/en/os/ia64/glibc-devel-2.2.4-27.ia64.rpm f3774fb87287ad7cd9e083d062cda348 7.1/en/os/ia64/glibc-profile-2.2.4-27.ia64.rpm 7e7c12abfea5507a0a5cc8744072c747 7.1/en/os/ia64/nscd-2.2.4-27.ia64.rpm 8b5c7cb9220631e68050637383b9c29d 7.2/en/os/SRPMS/glibc-2.2.4-27.src.rpm eeafe747b480543489d3d91c496af3bc 7.2/en/os/i386/glibc-2.2.4-27.i386.rpm b75ad5323c294daf1dc53c8bd74bdae2 7.2/en/os/i386/glibc-common-2.2.4-27.i386.rpm 75ddc348fa944e0df55bb8351a0988e3 7.2/en/os/i386/glibc-devel-2.2.4-27.i386.rpm 915abdc16175ec8ee07adbaf406b563d 7.2/en/os/i386/glibc-profile-2.2.4-27.i386.rpm 8c4b8d913b56910d1eb043cd8fb7dadf 7.2/en/os/i386/nscd-2.2.4-27.i386.rpm 8c33fbd6a3a0e40c22e8892a624bd398 7.2/en/os/i686/glibc-2.2.4-27.i686.rpm c5a61c4a96e0c89cb94c5755b9d640df 7.2/en/os/ia64/glibc-2.2.4-27.ia64.rpm 2753a1d09ef0294dd611283a6dc01279 7.2/en/os/ia64/glibc-common-2.2.4-27.ia64.rpm 175abe8553824db00c84fd7ba23150d6 7.2/en/os/ia64/glibc-devel-2.2.4-27.ia64.rpm f3774fb87287ad7cd9e083d062cda348 7.2/en/os/ia64/glibc-profile-2.2.4-27.ia64.rpm 7e7c12abfea5507a0a5cc8744072c747 7.2/en/os/ia64/nscd-2.2.4-27.ia64.rpm 9c2d0f4717f4931ff3d233ef44cfa5b1 7.3/en/os/SRPMS/glibc-2.2.5-37.src.rpm b3e14c27d1f337107662cffe8111ffb4 7.3/en/os/i386/glibc-2.2.5-37.i386.rpm 318a0e614f31b4ea63ea122ffc9b0abc 7.3/en/os/i386/glibc-common-2.2.5-37.i386.rpm c11c152ffb7b98e3ada86ef89b21060b 7.3/en/os/i386/glibc-debug-2.2.5-37.i386.rpm 8f7403eb789e624a91a5728c752ffb7e 7.3/en/os/i386/glibc-debug-static-2.2.5-37.i386.rpm 1364e6e500af53789f94a845d7201745 7.3/en/os/i386/glibc-devel-2.2.5-37.i386.rpm 977f0364e31ef240375d5dc3abce27c9 7.3/en/os/i386/glibc-profile-2.2.5-37.i386.rpm 702c9e2f376d9d10829961b29d1e3fd3 7.3/en/os/i386/glibc-utils-2.2.5-37.i386.rpm aa3e2f88f60ca8e8566d45a8e8bf6218 7.3/en/os/i386/nscd-2.2.5-37.i386.rpm 854b21baba0b4b32963bc322fe59ffc2 7.3/en/os/i686/glibc-2.2.5-37.i686.rpm 0d488fae1d4248bbd1727c402143d5f6 7.3/en/os/i686/glibc-debug-2.2.5-37.i686.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: About
You can verify each package with the following command: rpm --checksig
If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

References

2002 CERT Advisories CVE -CVE-2002-0684 CVE -CVE-2002-0651 Copyright(c) 2000, 2001, 2002 Red Hat, Inc. _______________________________________________ Red Hat-watch-list mailing list To unsubscribe, visit: https://listman.RedHat.com/mailman/listinfo/RedHat-watch-list ``

Package List


Severity
Advisory ID: RHSA-2002:139-10
Issued Date: : 2002-07-11
Updated on: 2002-07-22
Product: Red Hat Linux
Keywords: glibc resolver nsswitch strncpy
Cross references:
Obsoletes: RHSA-2001:160
CVE Names: CAN-2002-0684 CAN-2002-0651

Topic


Topic

Updated glibc packages are available to fix two vulnerabilities in the

resolver functions.


 

Relevant Releases Architectures

Red Hat Linux 6.2 - alpha, i386, i686, sparc, sparcv9

Red Hat Linux 7.0 - alpha, alphaev6, i386, i686

Red Hat Linux 7.1 - alpha, alphaev6, i386, i686, ia64

Red Hat Linux 7.2 - i386, i686, ia64

Red Hat Linux 7.3 - i386, i686


Bugs Fixed


Related News

4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved