English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 150599 CVE descriptions
and 73533 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0067

Package name:      glibc
Summary:           Remote exploit
Date:              2002-08-13
Affected versions: TSL 1.1, 1.2, 1.5

- --------------------------------------------------------------------------

Problem description:
  This package fixes the following problems:
  * Overflow in bind derived resolver library.
  * Integer overslow in the Sun RPC library.
  * Integer overflow in the malloc parts.
  * Reduce linebuflen in parallel to bumping up the buffer pointer.

Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All TSL updates are available from
  <URI:http://www.trustix.net/pub/Trustix/updates/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/updates/>


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.

  Get SWUP from:
  <URI:ftp://ftp.trustix.net/pub/Trustix/software/swup/>


Public testing:
  These packages have been available for public testing for some time.
  If you want to contribute by testing the various packages in the
  testing tree, please feel free to share your findings on the
  tsl-discuss mailinglist.
  The testing tree is located at
  <URI:http://www.trustix.net/pub/Trustix/testing/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/testing/>
  

Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.net/support/>


Verification:
  This advisory along with all TSL packages are signed with the TSL sign key.
  This key is available from:
  <URI:http://www.trustix.net/TSL-GPG-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.net/errata/trustix-1.2/> and
  <URI:http://www.trustix.net/errata/trustix-1.5/>
  or directly at
  <URI:http://www.trustix.net/errata/misc/2002/TSL-2002-0067-glibc.asc.txt>


MD5sums of the packages:
- --------------------------------------------------------------------------
583c421c5d44cf737ba0c7939d43cf24  ./1.5/SRPMS/glibc-2.1.3-20tr.src.rpm
944dbba29045a2584d8e371d515b2da9  ./1.5/RPMS/nscd-2.1.3-20tr.i586.rpm
45e423f78594fe4e3cfc393db6121fc6  ./1.5/RPMS/glibc-profile-2.1.3-20tr.i586.rpm
90379ed7616003ee6fd2f74128cb921c  ./1.5/RPMS/glibc-devel-2.1.3-20tr.i586.rpm
9cf54622330e596389a58bf6ae559a7e  ./1.5/RPMS/glibc-2.1.3-20tr.i586.rpm
583c421c5d44cf737ba0c7939d43cf24  ./1.2/SRPMS/glibc-2.1.3-20tr.src.rpm
fb93bc0c5495342c653814dfef9e29cf  ./1.2/RPMS/nscd-2.1.3-20tr.i586.rpm
9486f5b03c8253ca16ca570d991d20d7  ./1.2/RPMS/glibc-profile-2.1.3-20tr.i586.rpm
fd345d086ed1640a93c506f8a9dee2d1  ./1.2/RPMS/glibc-devel-2.1.3-20tr.i586.rpm
2942b22c04e070607ad97c60f9a688e5  ./1.2/RPMS/glibc-2.1.3-20tr.i586.rpm
583c421c5d44cf737ba0c7939d43cf24  ./1.1/SRPMS/glibc-2.1.3-20tr.src.rpm
4d725de24d3e26abeff43b38695d35e7  ./1.1/RPMS/nscd-2.1.3-20tr.i586.rpm
4229dcff907663b584924906f2e578a2  ./1.1/RPMS/glibc-profile-2.1.3-20tr.i586.rpm
886cf4f2e6c90efa00b4d79a852b42d2  ./1.1/RPMS/glibc-devel-2.1.3-20tr.i586.rpm
4376b2025fac945d8e27e64b41278313  ./1.1/RPMS/glibc-2.1.3-20tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9Wh2+wRTcg4BxxS0RAtIPAJ4r9GnZUQP9PDHq6HZz8DStkhbBeQCeOxAp
cbigkxoWMHp16JVBZ00Ufq8=
=PuA+
-----END PGP SIGNATURE-----

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Developer APIs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe

© 1998-2019 E-Soft Inc. All rights reserved.