lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1P9y5R-0002MQ-5s@titan.mandriva.com>
Date: Sun, 24 Oct 2010 12:46:00 +0200
From: security@...driva.com
To: full-disclosure@...ts.grok.org.uk
Subject: [ MDVSA-2010:212 ] glibc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:212
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : glibc
 Date    : October 24, 2010
 Affected: 2009.0, 2009.1, 2010.0, 2010.1, Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability in the GNU C library (glibc) was discovered which
 could escalate the privilegies for local users (CVE-2010-3856).
 
 Packages for 2009.0 are provided as of the Extended Maintenance
 Program. Please visit this link to learn more:
 http://store.mandriva.com/product_info.php?cPath=149&products_id=490
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.0:
 a2ee03ac0924c44c810d083662a97de8  2009.0/i586/glibc-2.8-1.20080520.5.7mnb2.i586.rpm
 a8a1c842e5e2d0133ef8c63b5f7f28f2  2009.0/i586/glibc-devel-2.8-1.20080520.5.7mnb2.i586.rpm
 97e1265c6a220df77c7fbc82f6af6411  2009.0/i586/glibc-doc-2.8-1.20080520.5.7mnb2.i586.rpm
 a058e4a88e8254c99081c59ab8dd78f0  2009.0/i586/glibc-doc-pdf-2.8-1.20080520.5.7mnb2.i586.rpm
 b4d6ab07d4c746f2efcc74d836042256  2009.0/i586/glibc-i18ndata-2.8-1.20080520.5.7mnb2.i586.rpm
 0f99ed3aefdeb272c6a57be92e67b4dd  2009.0/i586/glibc-profile-2.8-1.20080520.5.7mnb2.i586.rpm
 313f76c1ac601bf29a15cec76fe4184d  2009.0/i586/glibc-static-devel-2.8-1.20080520.5.7mnb2.i586.rpm
 c778c2132821d1ec58a426af876bf132  2009.0/i586/glibc-utils-2.8-1.20080520.5.7mnb2.i586.rpm
 c6fde01aa255f822d2d95a2f51d7fd81  2009.0/i586/nscd-2.8-1.20080520.5.7mnb2.i586.rpm 
 ad4a9d7e7726b08a1b652d3c04f1a89c  2009.0/SRPMS/glibc-2.8-1.20080520.5.7mnb2.src.rpm

 Mandriva Linux 2009.0/X86_64:
 d76d8b72db1f8786e21cb5f59e6cce00  2009.0/x86_64/glibc-2.8-1.20080520.5.7mnb2.x86_64.rpm
 4950b32b5ce4442ef435169ba910c7dd  2009.0/x86_64/glibc-devel-2.8-1.20080520.5.7mnb2.x86_64.rpm
 63262a38695cb9e5b6399619b2ef1df0  2009.0/x86_64/glibc-doc-2.8-1.20080520.5.7mnb2.x86_64.rpm
 99554007d43ea6ee4725b1c7745f333d  2009.0/x86_64/glibc-doc-pdf-2.8-1.20080520.5.7mnb2.x86_64.rpm
 5d36614adab5b84cd0df2ad8fb9c8c0d  2009.0/x86_64/glibc-i18ndata-2.8-1.20080520.5.7mnb2.x86_64.rpm
 1835fb265a5217f3cd4859935375d382  2009.0/x86_64/glibc-profile-2.8-1.20080520.5.7mnb2.x86_64.rpm
 c90410d40a815d21a70f269148e82902  2009.0/x86_64/glibc-static-devel-2.8-1.20080520.5.7mnb2.x86_64.rpm
 b8f304c7513105758add95000aab554a  2009.0/x86_64/glibc-utils-2.8-1.20080520.5.7mnb2.x86_64.rpm
 8ef1151024c5a100fb644f26619542fc  2009.0/x86_64/nscd-2.8-1.20080520.5.7mnb2.x86_64.rpm 
 ad4a9d7e7726b08a1b652d3c04f1a89c  2009.0/SRPMS/glibc-2.8-1.20080520.5.7mnb2.src.rpm

 Mandriva Linux 2009.1:
 b6540023f3b57941d981bc64410e9eb8  2009.1/i586/glibc-2.9-0.20081113.5.3mnb2.i586.rpm
 c360be4bbc1cb261f02f9386560d7a4c  2009.1/i586/glibc-devel-2.9-0.20081113.5.3mnb2.i586.rpm
 1dd4b37aeea6eb8b06a6334819675116  2009.1/i586/glibc-doc-2.9-0.20081113.5.3mnb2.i586.rpm
 2fbddc7221a412acff0f18655b12f515  2009.1/i586/glibc-doc-pdf-2.9-0.20081113.5.3mnb2.i586.rpm
 f6fc0a2d8d3c113da6aa5315bada1b73  2009.1/i586/glibc-i18ndata-2.9-0.20081113.5.3mnb2.i586.rpm
 7f2a1220dc376d12616bc90e33ee1a64  2009.1/i586/glibc-profile-2.9-0.20081113.5.3mnb2.i586.rpm
 fc81985f6f8f6ea4f93422c16c4941f6  2009.1/i586/glibc-static-devel-2.9-0.20081113.5.3mnb2.i586.rpm
 63039fc05f259bd923df449dc0617e8f  2009.1/i586/glibc-utils-2.9-0.20081113.5.3mnb2.i586.rpm
 1085c015259d7d7d6d79c92e4add2a00  2009.1/i586/nscd-2.9-0.20081113.5.3mnb2.i586.rpm 
 6bf81dd6d4891801d9c680d462ad1200  2009.1/SRPMS/glibc-2.9-0.20081113.5.3mnb2.src.rpm

 Mandriva Linux 2009.1/X86_64:
 ed1e0b0f9485fff4f1963df1747881eb  2009.1/x86_64/glibc-2.9-0.20081113.5.3mnb2.x86_64.rpm
 d4fee6708b7ccb8c0833c7f7d7aff86d  2009.1/x86_64/glibc-devel-2.9-0.20081113.5.3mnb2.x86_64.rpm
 6abea6d85672cdadeffa0c65ab1b637d  2009.1/x86_64/glibc-doc-2.9-0.20081113.5.3mnb2.x86_64.rpm
 5cb9af7ce950fc3d39155da3f4ac4e7a  2009.1/x86_64/glibc-doc-pdf-2.9-0.20081113.5.3mnb2.x86_64.rpm
 cc475683225258957642d9131cb9339f  2009.1/x86_64/glibc-i18ndata-2.9-0.20081113.5.3mnb2.x86_64.rpm
 abf433bdbb2d3b997490884912dde631  2009.1/x86_64/glibc-profile-2.9-0.20081113.5.3mnb2.x86_64.rpm
 8f34aaebb609f4b0a7dcd3a060fed541  2009.1/x86_64/glibc-static-devel-2.9-0.20081113.5.3mnb2.x86_64.rpm
 8d73c57e541469a56028ef3c982d3ae3  2009.1/x86_64/glibc-utils-2.9-0.20081113.5.3mnb2.x86_64.rpm
 d94964f62b56a38653e8eb873b670839  2009.1/x86_64/nscd-2.9-0.20081113.5.3mnb2.x86_64.rpm 
 6bf81dd6d4891801d9c680d462ad1200  2009.1/SRPMS/glibc-2.9-0.20081113.5.3mnb2.src.rpm

 Mandriva Linux 2010.0:
 4414fd3f5453c5c0a622041d8dd4387d  2010.0/i586/glibc-2.10.1-6.7mnb2.i586.rpm
 007709c8ebb909a2ffbf3c99760bb07b  2010.0/i586/glibc-devel-2.10.1-6.7mnb2.i586.rpm
 7739823ed6ea206a100c69a0dc3ffa45  2010.0/i586/glibc-doc-2.10.1-6.7mnb2.i586.rpm
 6d25b91cdd15da9bb497c93d62303a62  2010.0/i586/glibc-doc-pdf-2.10.1-6.7mnb2.i586.rpm
 7b03588e5c1210d13dcc1314dfa0babc  2010.0/i586/glibc-i18ndata-2.10.1-6.7mnb2.i586.rpm
 327c8b50ed380186387bcb088d4722f0  2010.0/i586/glibc-profile-2.10.1-6.7mnb2.i586.rpm
 2b75375e54f049e7bf0e0c769da55a7d  2010.0/i586/glibc-static-devel-2.10.1-6.7mnb2.i586.rpm
 418061b0fe53e5537b0ba598cb28f424  2010.0/i586/glibc-utils-2.10.1-6.7mnb2.i586.rpm
 c4c3b4c9968aeee0966a41be312608d1  2010.0/i586/nscd-2.10.1-6.7mnb2.i586.rpm 
 033b539e4fa738f633ac36791eb97d7e  2010.0/SRPMS/glibc-2.10.1-6.7mnb2.src.rpm

 Mandriva Linux 2010.0/X86_64:
 360cff2b9681cc028a91602f807244b4  2010.0/x86_64/glibc-2.10.1-6.7mnb2.x86_64.rpm
 d7ffd0ac5f4c840c3166b7fa707a35ec  2010.0/x86_64/glibc-devel-2.10.1-6.7mnb2.x86_64.rpm
 6cb4a74e38229e628f240c535b68ccf9  2010.0/x86_64/glibc-doc-2.10.1-6.7mnb2.x86_64.rpm
 519a2dfbebbb6badde5561918ca83a32  2010.0/x86_64/glibc-doc-pdf-2.10.1-6.7mnb2.x86_64.rpm
 e38d9a284d10acbf3189468d29fe6a33  2010.0/x86_64/glibc-i18ndata-2.10.1-6.7mnb2.x86_64.rpm
 cbe0d12e4f0db9faa68ef88027b096ef  2010.0/x86_64/glibc-profile-2.10.1-6.7mnb2.x86_64.rpm
 e569e2c577805a3582d1047f43d25460  2010.0/x86_64/glibc-static-devel-2.10.1-6.7mnb2.x86_64.rpm
 16ae8cb911a7be2959a0af7e7e799661  2010.0/x86_64/glibc-utils-2.10.1-6.7mnb2.x86_64.rpm
 f8c0adc585d148d5478f008ca270ec4d  2010.0/x86_64/nscd-2.10.1-6.7mnb2.x86_64.rpm 
 033b539e4fa738f633ac36791eb97d7e  2010.0/SRPMS/glibc-2.10.1-6.7mnb2.src.rpm

 Mandriva Linux 2010.1:
 2440ac21cbcae4610dbd52cdfbdbfa50  2010.1/i586/glibc-2.11.1-8.2mnb2.i586.rpm
 6f93f56c9350d979e922cd367e724088  2010.1/i586/glibc-devel-2.11.1-8.2mnb2.i586.rpm
 6112f6e7bd2f39daab4f508ce918c4c3  2010.1/i586/glibc-doc-2.11.1-8.2mnb2.i586.rpm
 d46f2a7c2edeb62e46dcd9bd96713f97  2010.1/i586/glibc-doc-pdf-2.11.1-8.2mnb2.i586.rpm
 6b364c8ee5541d3541c66f8232ef508c  2010.1/i586/glibc-i18ndata-2.11.1-8.2mnb2.i586.rpm
 dabacee26d90e1603413370bd5a0b31e  2010.1/i586/glibc-profile-2.11.1-8.2mnb2.i586.rpm
 587c7a7681dd2c670c9f0e5946c11254  2010.1/i586/glibc-static-devel-2.11.1-8.2mnb2.i586.rpm
 81b66ec63b52083db24fa3013c4d7402  2010.1/i586/glibc-utils-2.11.1-8.2mnb2.i586.rpm
 40053327f4a0f2d25bb7af3a67a19e07  2010.1/i586/nscd-2.11.1-8.2mnb2.i586.rpm 
 64d9ecd7ac0258c451874441dc51fcfa  2010.1/SRPMS/glibc-2.11.1-8.2mnb2.src.rpm

 Mandriva Linux 2010.1/X86_64:
 869bcf92e6e553a15ea2d0ccd347b04b  2010.1/x86_64/glibc-2.11.1-8.2mnb2.x86_64.rpm
 fb582ad728802ddf23e6aece2c3efd82  2010.1/x86_64/glibc-devel-2.11.1-8.2mnb2.x86_64.rpm
 fbbec6d51f6c9f37ea9095c1e7970ed3  2010.1/x86_64/glibc-doc-2.11.1-8.2mnb2.x86_64.rpm
 c268c26784648c1899e64ecb5668d222  2010.1/x86_64/glibc-doc-pdf-2.11.1-8.2mnb2.x86_64.rpm
 e53a3c4d13967696dd2c8165fc06e13c  2010.1/x86_64/glibc-i18ndata-2.11.1-8.2mnb2.x86_64.rpm
 441eea1bdf6df5e2e62afb60c8fc0dcd  2010.1/x86_64/glibc-profile-2.11.1-8.2mnb2.x86_64.rpm
 bff71b40403b765948a87c27fe786ad2  2010.1/x86_64/glibc-static-devel-2.11.1-8.2mnb2.x86_64.rpm
 d322236f5d2e998e34ad48aa181cefb0  2010.1/x86_64/glibc-utils-2.11.1-8.2mnb2.x86_64.rpm
 09190df3c70b830e813815361307aecc  2010.1/x86_64/nscd-2.11.1-8.2mnb2.x86_64.rpm 
 64d9ecd7ac0258c451874441dc51fcfa  2010.1/SRPMS/glibc-2.11.1-8.2mnb2.src.rpm

 Mandriva Enterprise Server 5:
 204f18b5cd689161c3024e8e0677fb8c  mes5/i586/glibc-2.8-1.20080520.5.7mnb2.i586.rpm
 2c56c83e1d2026d47e1139268c15ca30  mes5/i586/glibc-devel-2.8-1.20080520.5.7mnb2.i586.rpm
 d161df53c274c0b705500e2330b8d74d  mes5/i586/glibc-doc-2.8-1.20080520.5.7mnb2.i586.rpm
 3915bc7141bdfba84d40842256484de7  mes5/i586/glibc-doc-pdf-2.8-1.20080520.5.7mnb2.i586.rpm
 5455bcab125540e5fc0ea0460870c954  mes5/i586/glibc-i18ndata-2.8-1.20080520.5.7mnb2.i586.rpm
 d71582421b7cabca4bc2d1c8940d62af  mes5/i586/glibc-profile-2.8-1.20080520.5.7mnb2.i586.rpm
 327d7d960a73d748f5292f5f16c3c59c  mes5/i586/glibc-static-devel-2.8-1.20080520.5.7mnb2.i586.rpm
 01faeef7242b9dd8cc484128f2bc4337  mes5/i586/glibc-utils-2.8-1.20080520.5.7mnb2.i586.rpm
 d23c54d5c73f1f44d50baf3873f3b6f8  mes5/i586/nscd-2.8-1.20080520.5.7mnb2.i586.rpm 
 d5c1d301d379bf286848f9ac541dd6e4  mes5/SRPMS/glibc-2.8-1.20080520.5.7mnb2.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 8bb454ac78787cbacb20b9a55c1329ff  mes5/x86_64/glibc-2.8-1.20080520.5.7mnb2.x86_64.rpm
 85fcdcd1e15e65eee194bab2fbe4cf78  mes5/x86_64/glibc-devel-2.8-1.20080520.5.7mnb2.x86_64.rpm
 6b4abc5acee3c08a90047e47ff4475ca  mes5/x86_64/glibc-doc-2.8-1.20080520.5.7mnb2.x86_64.rpm
 d1093bde442d3bdec354601821380d6f  mes5/x86_64/glibc-doc-pdf-2.8-1.20080520.5.7mnb2.x86_64.rpm
 2964e81ce79c4c78b2fdbd0bab16acfc  mes5/x86_64/glibc-i18ndata-2.8-1.20080520.5.7mnb2.x86_64.rpm
 29817a5e3e5eb723719668bd822e6927  mes5/x86_64/glibc-profile-2.8-1.20080520.5.7mnb2.x86_64.rpm
 bdcbaa4b6a7027f0661177bb59bd70b2  mes5/x86_64/glibc-static-devel-2.8-1.20080520.5.7mnb2.x86_64.rpm
 a268941cf5f14037e5051796c8d5b3c0  mes5/x86_64/glibc-utils-2.8-1.20080520.5.7mnb2.x86_64.rpm
 317a9268ea301eb4f148df2b9566ee3d  mes5/x86_64/nscd-2.8-1.20080520.5.7mnb2.x86_64.rpm 
 d5c1d301d379bf286848f9ac541dd6e4  mes5/SRPMS/glibc-2.8-1.20080520.5.7mnb2.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMw93NmqjQ0CJFipgRAmq9AKCXxAg2xT85eY0IBojESy+ADOEALQCfROJt
Yy3uWjzVODB1+mGgrP3N3Cc=
=TZOg
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ