Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Pat Riehecky <riehecky-13hema8v3vg <at> public.gmane.org>
Subject: Security ERRATA Moderate: glibc on SL6.x i386/x86_64
Newsgroups: gmane.linux.scientific.errata
Date: Monday 27th August 2012 18:04:15 UTC (over 4 years ago)
Synopsis:          Moderate: glibc security update
Issue Date:        2012-08-27
CVE Numbers:       CVE-2012-3480

The glibc packages provide the standard C and standard math libraries used
by multiple programs on the system. Without these libraries, the Linux
system cannot function properly.

Multiple integer overflow flaws, leading to stack-based buffer overflows,
were found in glibc's functions for converting a string to a numeric
representation (strtod(), strtof(), and strtold()). If an application used
such a function on attacker controlled input, it could cause the
application to crash or, potentially, execute arbitrary code.
(CVE-2012-3480)

All users of glibc are advised to upgrade to these updated packages, which
contain a backported patch to correct these issues.

SL6
   x86_64
     glibc-2.12-1.80.el6_3.5.i686.rpm
     glibc-2.12-1.80.el6_3.5.x86_64.rpm
     glibc-common-2.12-1.80.el6_3.5.x86_64.rpm
     glibc-devel-2.12-1.80.el6_3.5.i686.rpm
     glibc-devel-2.12-1.80.el6_3.5.x86_64.rpm
     glibc-headers-2.12-1.80.el6_3.5.x86_64.rpm
     glibc-utils-2.12-1.80.el6_3.5.x86_64.rpm
     nscd-2.12-1.80.el6_3.5.x86_64.rpm
     glibc-static-2.12-1.80.el6_3.5.i686.rpm
     glibc-static-2.12-1.80.el6_3.5.x86_64.rpm
   i386
     glibc-2.12-1.80.el6_3.5.i686.rpm
     glibc-common-2.12-1.80.el6_3.5.i686.rpm
     glibc-devel-2.12-1.80.el6_3.5.i686.rpm
     glibc-headers-2.12-1.80.el6_3.5.i686.rpm
     glibc-utils-2.12-1.80.el6_3.5.i686.rpm
     nscd-2.12-1.80.el6_3.5.i686.rpm
     glibc-static-2.12-1.80.el6_3.5.i686.rpm

- Scientific Linux Development Team
 
CD: 3ms