exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Slackware Security Advisory - glibc Updates

Slackware Security Advisory - glibc Updates
Posted Feb 13, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New glibc packages are available for Slackware 13.1, 13.37, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2009-5029
SHA-256 | 324ce26decb8d41cdd4235e0b46d83973c6dffa1a1d9e6d628218c5bfedf43a5

Slackware Security Advisory - glibc Updates

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] glibc (SSA:2012-041-03)

New glibc packages are available for Slackware 13.1, 13.37, and -current to
fix a security issue.


Here are the details from the Slackware 13.37 ChangeLog:
+--------------------------+
patches/packages/glibc-2.13-i486-5_slack13.37.txz: Rebuilt.
Patched an overflow in tzfile. This was evidently first reported in
2009, but is only now getting around to being patched. To exploit it,
one must be able to write beneath /usr/share/zoneinfo, which is usually
not possible for a normal user, but may be in the case where they are
chroot()ed to a directory that they own.
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-5029
(* Security fix *)
patches/packages/glibc-i18n-2.13-i486-5_slack13.37.txz: Rebuilt.
patches/packages/glibc-profile-2.13-i486-5_slack13.37.txz: Rebuilt.
(* Security fix *)
patches/packages/glibc-solibs-2.13-i486-5_slack13.37.txz: Rebuilt.
(* Security fix *)
patches/packages/glibc-zoneinfo-2.13-noarch-5_slack13.37.txz: Rebuilt.
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.


Updated packages for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-2.11.1-i486-6_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-i18n-2.11.1-i486-6_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-profile-2.11.1-i486-6_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-solibs-2.11.1-i486-6_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-zoneinfo-2.11.1-noarch-6_slack13.1.txz

Updated packages for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-2.11.1-x86_64-6_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-i18n-2.11.1-x86_64-6_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-profile-2.11.1-x86_64-6_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-solibs-2.11.1-x86_64-6_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-zoneinfo-2.11.1-noarch-6_slack13.1.txz

Updated packages for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-2.13-i486-5_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-i18n-2.13-i486-5_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-profile-2.13-i486-5_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-solibs-2.13-i486-5_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-zoneinfo-2.13-noarch-5_slack13.37.txz

Updated packages for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-2.13-x86_64-5_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-i18n-2.13-x86_64-5_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-profile-2.13-x86_64-5_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-solibs-2.13-x86_64-5_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-zoneinfo-2.13-noarch-5_slack13.37.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-solibs-2.14.1-i486-4.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-zoneinfo-2011i_2011n-noarch-4.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-2.14.1-i486-4.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-i18n-2.14.1-i486-4.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-profile-2.14.1-i486-4.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-solibs-2.14.1-x86_64-4.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-zoneinfo-2011i_2011n-noarch-4.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-2.14.1-x86_64-4.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-i18n-2.14.1-x86_64-4.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-profile-2.14.1-x86_64-4.txz


MD5 signatures:
+-------------+

Slackware 13.1 packages:
c7f0d5af7b32d6259272956bf1621ce0 glibc-2.11.1-i486-6_slack13.1.txz
d80c53f769a30b407e303eb440e326e3 glibc-i18n-2.11.1-i486-6_slack13.1.txz
6b9eb872a8368a13d71cecf8e031d2be glibc-profile-2.11.1-i486-6_slack13.1.txz
ba34c30c27d42c61190979884e8b8697 glibc-solibs-2.11.1-i486-6_slack13.1.txz
74afbffcfb20ac6235945930a8a0ac57 glibc-zoneinfo-2.11.1-noarch-6_slack13.1.txz

Slackware x86_64 13.1 packages:
a9bfcb4a0fde94a9355ecce905bb3ba4 glibc-2.11.1-x86_64-6_slack13.1.txz
6f7df8a5ac48f364fff364f679430ea5 glibc-i18n-2.11.1-x86_64-6_slack13.1.txz
1590ae7b50153b2d28489b9192126120 glibc-profile-2.11.1-x86_64-6_slack13.1.txz
067bcd52acc3552bf2a77126fd12605e glibc-solibs-2.11.1-x86_64-6_slack13.1.txz
ce56ec387a50c00425d4dcf88ba71ee2 glibc-zoneinfo-2.11.1-noarch-6_slack13.1.txz

Slackware 13.37 packages:
dacaa396b83346f0313e85356ba496ad glibc-2.13-i486-5_slack13.37.txz
e6238c92c6a97a56274d91e342e2ef07 glibc-i18n-2.13-i486-5_slack13.37.txz
aca444c2c834c1bbbb1fdcd08f381f5d glibc-profile-2.13-i486-5_slack13.37.txz
04db99e0770b06af713322daa35f9463 glibc-solibs-2.13-i486-5_slack13.37.txz
fe22b8ba56e8a14d025943d6a53f0a22 glibc-zoneinfo-2.13-noarch-5_slack13.37.txz

Slackware x86_64 13.37 packages:
ab90f9581621a4b9e1f41fdd1c583a25 glibc-2.13-x86_64-5_slack13.37.txz
d82fef5b1e734c9fd9aee358139dccaa glibc-i18n-2.13-x86_64-5_slack13.37.txz
f26848e2ef7a2ed367a73fded8d51e2a glibc-profile-2.13-x86_64-5_slack13.37.txz
1f4b8e716764c98c7c261fb7d7c19557 glibc-solibs-2.13-x86_64-5_slack13.37.txz
553c32ce3937c8700dde84bad4b5467c glibc-zoneinfo-2.13-noarch-5_slack13.37.txz

Slackware -current packages:
cc98a5b0a120a3350b17d087af3a2163 a/glibc-solibs-2.14.1-i486-4.txz
b549864a76c55b71f385eaf9077cf6ac a/glibc-zoneinfo-2011i_2011n-noarch-4.txz
8522cbc56aec9af6c9c8e58fb5ee71c4 l/glibc-2.14.1-i486-4.txz
98561de06536ce17b221774f39316933 l/glibc-i18n-2.14.1-i486-4.txz
8a7ac4e4796eaefc6447222f7ce6eedf l/glibc-profile-2.14.1-i486-4.txz

Slackware x86_64 -current packages:
83121e8a4e8e46d2faa58221382f914c a/glibc-solibs-2.14.1-x86_64-4.txz
8245bc6fb5e59fa905df708391bd3f89 a/glibc-zoneinfo-2011i_2011n-noarch-4.txz
ca3c22ff543e900bfd4516ba4af7cf34 l/glibc-2.14.1-x86_64-4.txz
e2650c24a1a69138f544e98d8653f2a9 l/glibc-i18n-2.14.1-x86_64-4.txz
23c2f013552e8a0561168897866fcb53 l/glibc-profile-2.14.1-x86_64-4.txz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg glibc-2.13-i486-5_slack13.37.txz glibc-i18n-2.13-i486-5_slack13.37.txz glibc-profile-2.13-i486-5_slack13.37.txz glibc-solibs-2.13-i486-5_slack13.37.txz glibc-zoneinfo-2.13-noarch-5_slack13.37.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back containing instructions to |
| complete the process. Please do not reply to this email address. |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iEYEARECAAYFAk81Vd0ACgkQakRjwEAQIjPtSQCdGQYC3dBwmp2R1+2HSrDvA3Lb
2P0AoIl58u7f8OON1Fbcz6E52VdgrcnD
=0Hae
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close