|Category:||Red Hat Local Security Checks|
|Title:||RedHat Update for glibc RHSA-2012:1207-01|
|Summary:||The remote host is missing an update for the 'glibc' package(s) announced via the referenced advisory.|
The glibc packages provide the standard C and standard math libraries used
by multiple programs on the system. Without these libraries, the Linux
system cannot function properly.
Multiple integer overflow flaws, leading to stack-based buffer overflows,
were found in glibc's functions for converting a string to a numeric
representation (strtod(), strtof(), and strtold()). If an application used
such a function on attacker-controlled input, it could cause the
application to crash or, potentially, execute arbitrary code.
This update also fixes the following bug:
* Previously, logic errors in various mathematical functions, including
exp, exp2, expf, exp2f, pow, sin, tan, and rint, caused inconsistent
results when the functions were used with the non-default rounding mode.
This could also cause applications to crash in some cases. With this
update, the functions now give correct results across the four different
rounding modes. (BZ#839411)
All users of glibc are advised to upgrade to these updated packages, which
contain backported patches to correct these issues.
glibc on Red Hat Enterprise Linux (v. 5 server)
Please install the updated packages.
Common Vulnerability Exposure (CVE) ID: CVE-2012-3480
BugTraq ID: 54982
RedHat Security Advisories: RHSA-2012:1207
RedHat Security Advisories: RHSA-2012:1208
RedHat Security Advisories: RHSA-2012:1262
RedHat Security Advisories: RHSA-2012:1325
|Copyright||Copyright (c) 2012 Greenbone Networks GmbH|