[<prev] [next>] [day] [month] [year] [list]
Message-ID: <87tyhfp6fc.fsf@mid.deneb.enyo.de>
Date: Tue, 11 Jan 2011 20:49:11 +0100
From: Florian Weimer <fw@...eb.enyo.de>
To: debian-security-announce@...ts.debian.org
Subject: [SECURITY] [DSA 2122-2] New glibc packages fix
privilege escalation
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -------------------------------------------------------------------------
Debian Security Advisory DSA-2122-2 security@...ian.org
http://www.debian.org/security/ Florian Weimer
January 11, 2011 http://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : glibc
Vulnerability : missing input sanitization
Problem type : local
Debian-specific: no
CVE ID : CVE-2010-3847 CVE-2010-3856
Colin Watson discovered that the update for stable relased in
DSA-2122-1 did not complete address the underlying security issue in
all possible scenarios.
For the stable distribution (lenny), this problem has been fixed in
version 2.7-18lenny7.
For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed soon.
We recommend that you upgrade your glibc packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/
Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJNLLcQAAoJEL97/wQC1SS+WSMH/A6KQXibz6fGS2TfjwjVkYnz
hvnosvc27MJkZCA1t25DuCweeLJXWdgLTu1SloIga5TiA/F09C6TK4ve9inEvlfq
nJ5Ccod6UdPoPAkgYFVMgwV654LBPVhLMy4yWwObI5r75i03XkluMaQYLFazzlu3
PlEdsxSGZ0A2aMiZS7EVW38Xg2HzfPlcseQQ8/v2wnvG34svlviZQiA01OJxEqHc
mhNOCWKyCEskl50qI29/O6BiN0ZrujMkmiIlE4FaUwomHJlxXFlzv93ud/vZkzGY
wyefjykfpWZFiLJ8oW9eA9w0K/0/V+PugB5C7ub2kvMR1FeVfwnO2hcZe4NJSBM=
=h05m
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists