---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated glibc packages fix vulnerabilities in RPC XDR decoder
Advisory ID:       RHSA-2002:166-07
Issue date:        2002-08-01
Updated on:        2002-08-12
Product:           Red Hat Linux
Keywords:          sun RPC XDR buffer overflow
Cross references:  
Obsoletes:         RHSA-2002:139
CVE Names:         CAN-2002-0391
---------------------------------------------------------------------

1. Topic:

Updated glibc packages are available to fix a buffer overflow in the XDR
decoder.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, i686, sparc, sparcv9

Red Hat Linux 7.0 - alpha, alphaev6, i386, i686

Red Hat Linux 7.1 - alpha, alphaev6, i386, i686, ia64

Red Hat Linux 7.2 - i386, i686, ia64

Red Hat Linux 7.3 - i386, i686

3. Problem description:

The glibc package contains standard libraries which are used by
multiple programs on the system.  Sun RPC is a remote procedure call
framework which allows clients to invoke procedures in a server process
over a network.  XDR is a mechanism for encoding data structures for use
with RPC.  NFS, NIS, and many other network services are built upon Sun
RPC.  glibc contains an XDR encoder/decoder derived from Sun's RPC
implementation which was recently demonstrated to be vulnerable to a heap
overflow.

An error in the calculation of memory needed for unpacking arrays in the
XDR decoder in glibc 2.2.5 and earlier can result in a heap buffer
overflow.  Depending upon the application, this vulnerability may be
exploitable and lead to arbitrary code execution.  

All users should upgrade to these errata packages which contain patches to
the glibc libraries and therefore are not vulnerable to these issues.

Thanks to Solar Designer for providing patches for this issue

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.0

5. RPMs required:

Red Hat Linux 6.2:

SRPMS: 
 

alpha: 
  
  
  
 

i386: 
  
  
  
 

sparc: 
  
  
  
 

sparcv9: 
 

Red Hat Linux 7.0:

SRPMS: 
 

alpha: 
  
  
  
  
 

alphaev6: 
 

i386: 
  
  
  
  
 

i686: 
 

Red Hat Linux 7.1:

SRPMS: 
 

alpha: 
  
  
  
  
 

alphaev6: 
 

i386: 
  
  
  
  
 

i686: 
 

ia64: 
  
  
  
  
 

Red Hat Linux 7.2:

SRPMS: 
 

i386: 
  
  
  
  
 

i686: 
 

ia64: 
  
  
  
  
 

Red Hat Linux 7.3:

SRPMS: 
 

i386: 
  
  
  
  
  
  
  
 

i686: 
  
 



6. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
902fde40eb756d84154ab7e20627278d 6.2/en/os/SRPMS/glibc-2.1.3-26.src.rpm
4c1a1334bb64e0b8ff8ee98ef437f3fb 6.2/en/os/alpha/glibc-2.1.3-26.alpha.rpm
27a6555f8ea06873f93ffef4cc38078d 6.2/en/os/alpha/glibc-devel-2.1.3-26.alpha.rpm
50230bbda0951a6f221e08a4107fd69c 6.2/en/os/alpha/glibc-profile-2.1.3-26.alpha.rpm
85dc4eddd46e8325901d3f971051184b 6.2/en/os/alpha/nscd-2.1.3-26.alpha.rpm
99c1a729ffb9ce3b317754efa6534cf2 6.2/en/os/i386/glibc-2.1.3-26.i386.rpm
f10040cfae13b8c484353953a6fbd3d4 6.2/en/os/i386/glibc-devel-2.1.3-26.i386.rpm
47b9d894586152080d4cb4ca235ac59b 6.2/en/os/i386/glibc-profile-2.1.3-26.i386.rpm
b4e147b72613425bb3913ab500804ffb 6.2/en/os/i386/nscd-2.1.3-26.i386.rpm
ae42b1cdb4eec6c9b06e1cd9126c3d6c 6.2/en/os/sparc/glibc-2.1.3-26.sparc.rpm
589d5f111617b191d18313c16d8b2476 6.2/en/os/sparc/glibc-devel-2.1.3-26.sparc.rpm
198367455fcc4e60ee01267e8804c66f 6.2/en/os/sparc/glibc-profile-2.1.3-26.sparc.rpm
a4fb24a2479c8359a589f81cd69977c8 6.2/en/os/sparc/nscd-2.1.3-26.sparc.rpm
15164392fd5206f9d431757e56952949 6.2/en/os/sparcv9/glibc-2.1.3-26.sparcv9.rpm
dda9b8c1513a0d8c028145d4807cf060 7.0/en/os/SRPMS/glibc-2.2.4-18.7.0.6.src.rpm
ea0970bfb37241810aa67aaf67619f65 7.0/en/os/alpha/glibc-2.2.4-18.7.0.6.alpha.rpm
ebbfecb12072364cec91e3f2a5f40eab 7.0/en/os/alpha/glibc-common-2.2.4-18.7.0.6.alpha.rpm
dcec7d9ecfc495b10df9cec032b8cd00 7.0/en/os/alpha/glibc-devel-2.2.4-18.7.0.6.alpha.rpm
9d859fff6feb3647bd7646c0830ae889 7.0/en/os/alpha/glibc-profile-2.2.4-18.7.0.6.alpha.rpm
15c5c4d3e673e85348a1dc888f3ed51d 7.0/en/os/alpha/nscd-2.2.4-18.7.0.6.alpha.rpm
5461890fabd2da122193c270a8ac4d59 7.0/en/os/alphaev6/glibc-2.2.4-18.7.0.6.alphaev6.rpm
05699af0cc5f2b22ae9047b9cab3162a 7.0/en/os/i386/glibc-2.2.4-18.7.0.6.i386.rpm
34d43767ba3af94e3fbd1c54b04e7cbc 7.0/en/os/i386/glibc-common-2.2.4-18.7.0.6.i386.rpm
9f446d3c5f901da653b20db9535b6629 7.0/en/os/i386/glibc-devel-2.2.4-18.7.0.6.i386.rpm
f73d5c9afe51df1c2bb16073b4894d93 7.0/en/os/i386/glibc-profile-2.2.4-18.7.0.6.i386.rpm
7a729f073702e0b7f09177b6883f2153 7.0/en/os/i386/nscd-2.2.4-18.7.0.6.i386.rpm
f34fc0d1eda45d6eeaa4f4ef4a473b62 7.0/en/os/i686/glibc-2.2.4-18.7.0.6.i686.rpm
54a0f0ab5858fc4a2c3aa8ede75cfd2b 7.1/en/os/SRPMS/glibc-2.2.4-29.src.rpm
78f97e6419fa24beeecd0d035c951c8c 7.1/en/os/alpha/glibc-2.2.4-29.alpha.rpm
157ff2a64d725590bb0f489227cb59e0 7.1/en/os/alpha/glibc-common-2.2.4-29.alpha.rpm
9306da2d1bf0fa9387b253f9bed84f55 7.1/en/os/alpha/glibc-devel-2.2.4-29.alpha.rpm
c9a97967eb783ded680e93c9e5481cef 7.1/en/os/alpha/glibc-profile-2.2.4-29.alpha.rpm
bb589a903f6660094f869d68d4cb8e84 7.1/en/os/alpha/nscd-2.2.4-29.alpha.rpm
9265cf46c9c5ac1245e8c89530dcb943 7.1/en/os/alphaev6/glibc-2.2.4-29.alphaev6.rpm
f3d389a4ca38cb96d4a3f7e37c405741 7.1/en/os/i386/glibc-2.2.4-29.i386.rpm
76d59b340658260e4e1a8d1ce057b8b7 7.1/en/os/i386/glibc-common-2.2.4-29.i386.rpm
27ac76715305a224aff00b828f514048 7.1/en/os/i386/glibc-devel-2.2.4-29.i386.rpm
36f4838eb0b0e604207d72b931e6d704 7.1/en/os/i386/glibc-profile-2.2.4-29.i386.rpm
eb564de42736b1c9f67e51616e57371f 7.1/en/os/i386/nscd-2.2.4-29.i386.rpm
5b8d21ae3fb3d46c8f90a2db557c2e52 7.1/en/os/i686/glibc-2.2.4-29.i686.rpm
08ea8d99e1ac9dc564b43f97796f7aba 7.1/en/os/ia64/glibc-2.2.4-29.ia64.rpm
fbb8f1131f892fbb25b173a19237698c 7.1/en/os/ia64/glibc-common-2.2.4-29.ia64.rpm
9b682a108f0cde4c20fe41b90a82f122 7.1/en/os/ia64/glibc-devel-2.2.4-29.ia64.rpm
471b7a20e567eec15bd46c058a637e98 7.1/en/os/ia64/glibc-profile-2.2.4-29.ia64.rpm
db4bb2ce6b3d210b66b2899b9807d7ec 7.1/en/os/ia64/nscd-2.2.4-29.ia64.rpm
54a0f0ab5858fc4a2c3aa8ede75cfd2b 7.2/en/os/SRPMS/glibc-2.2.4-29.src.rpm
f3d389a4ca38cb96d4a3f7e37c405741 7.2/en/os/i386/glibc-2.2.4-29.i386.rpm
76d59b340658260e4e1a8d1ce057b8b7 7.2/en/os/i386/glibc-common-2.2.4-29.i386.rpm
27ac76715305a224aff00b828f514048 7.2/en/os/i386/glibc-devel-2.2.4-29.i386.rpm
36f4838eb0b0e604207d72b931e6d704 7.2/en/os/i386/glibc-profile-2.2.4-29.i386.rpm
eb564de42736b1c9f67e51616e57371f 7.2/en/os/i386/nscd-2.2.4-29.i386.rpm
5b8d21ae3fb3d46c8f90a2db557c2e52 7.2/en/os/i686/glibc-2.2.4-29.i686.rpm
08ea8d99e1ac9dc564b43f97796f7aba 7.2/en/os/ia64/glibc-2.2.4-29.ia64.rpm
fbb8f1131f892fbb25b173a19237698c 7.2/en/os/ia64/glibc-common-2.2.4-29.ia64.rpm
9b682a108f0cde4c20fe41b90a82f122 7.2/en/os/ia64/glibc-devel-2.2.4-29.ia64.rpm
471b7a20e567eec15bd46c058a637e98 7.2/en/os/ia64/glibc-profile-2.2.4-29.ia64.rpm
db4bb2ce6b3d210b66b2899b9807d7ec 7.2/en/os/ia64/nscd-2.2.4-29.ia64.rpm
b6a08de99a9a584962cb49efe831df02 7.3/en/os/SRPMS/glibc-2.2.5-39.src.rpm
2025431dfbb109c0b0c50d825f7fee27 7.3/en/os/i386/glibc-2.2.5-39.i386.rpm
a8c38b4ee8b84964a636d3989f9e10bb 7.3/en/os/i386/glibc-common-2.2.5-39.i386.rpm
bad388217f5aa3528892f7690a9655b9 7.3/en/os/i386/glibc-debug-2.2.5-39.i386.rpm
68ebf1bb3a7993e92aedfea151ef14be 7.3/en/os/i386/glibc-debug-static-2.2.5-39.i386.rpm
d2721bfd9582422283671a10c13f3bd6 7.3/en/os/i386/glibc-devel-2.2.5-39.i386.rpm
e5416c72ed687a9c96d6115c7543477f 7.3/en/os/i386/glibc-profile-2.2.5-39.i386.rpm
f53f1577950d5a9571f63af65f2b0ee9 7.3/en/os/i386/glibc-utils-2.2.5-39.i386.rpm
19b9bb5182518d3bcf9ba8d2a8ee6421 7.3/en/os/i386/nscd-2.2.5-39.i386.rpm
04475ca3f7e3d715bbadba4be684adae 7.3/en/os/i686/glibc-2.2.5-39.i686.rpm
de47bae77ce5763fe0a40d63957abc27 7.3/en/os/i686/glibc-debug-2.2.5-39.i686.rpm


These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
     About

You can verify each package with the following command:
    rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg 


7. References:
 
  
CVE -CVE-2002-0391


Copyright(c) 2000, 2001, 2002 Red Hat, Inc.

RedHat: 'glibc' Buffer overflow vulnerability RHSA-2002:166-07

Updated glibc packages are available to fix a buffer overflow in the XDRdecoder.

Summary



Summary

The glibc package contains standard libraries which are used bymultiple programs on the system. Sun RPC is a remote procedure callframework which allows clients to invoke procedures in a server processover a network. XDR is a mechanism for encoding data structures for usewith RPC. NFS, NIS, and many other network services are built upon SunRPC. glibc contains an XDR encoder/decoder derived from Sun's RPCimplementation which was recently demonstrated to be vulnerable to a heapoverflow.An error in the calculation of memory needed for unpacking arrays in theXDR decoder in glibc 2.2.5 and earlier can result in a heap bufferoverflow. Depending upon the application, this vulnerability may beexploitable and lead to arbitrary code execution. All users should upgrade to these errata packages which contain patches tothe glibc libraries and therefore are not vulnerable to these issues.Thanks to Solar Designer for providing patches for this issue


Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.
Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.0
5. RPMs required:
Red Hat Linux 6.2:
SRPMS:

alpha:




i386:




sparc:




sparcv9:

Red Hat Linux 7.0:
SRPMS:

alpha:





alphaev6:

i386:





i686:

Red Hat Linux 7.1:
SRPMS:

alpha:





alphaev6:

i386:





i686:

ia64:





Red Hat Linux 7.2:
SRPMS:

i386:





i686:

ia64:





Red Hat Linux 7.3:
SRPMS:

i386:








i686:




6. Verification:
MD5 sum Package Name 902fde40eb756d84154ab7e20627278d 6.2/en/os/SRPMS/glibc-2.1.3-26.src.rpm 4c1a1334bb64e0b8ff8ee98ef437f3fb 6.2/en/os/alpha/glibc-2.1.3-26.alpha.rpm 27a6555f8ea06873f93ffef4cc38078d 6.2/en/os/alpha/glibc-devel-2.1.3-26.alpha.rpm 50230bbda0951a6f221e08a4107fd69c 6.2/en/os/alpha/glibc-profile-2.1.3-26.alpha.rpm 85dc4eddd46e8325901d3f971051184b 6.2/en/os/alpha/nscd-2.1.3-26.alpha.rpm 99c1a729ffb9ce3b317754efa6534cf2 6.2/en/os/i386/glibc-2.1.3-26.i386.rpm f10040cfae13b8c484353953a6fbd3d4 6.2/en/os/i386/glibc-devel-2.1.3-26.i386.rpm 47b9d894586152080d4cb4ca235ac59b 6.2/en/os/i386/glibc-profile-2.1.3-26.i386.rpm b4e147b72613425bb3913ab500804ffb 6.2/en/os/i386/nscd-2.1.3-26.i386.rpm ae42b1cdb4eec6c9b06e1cd9126c3d6c 6.2/en/os/sparc/glibc-2.1.3-26.sparc.rpm 589d5f111617b191d18313c16d8b2476 6.2/en/os/sparc/glibc-devel-2.1.3-26.sparc.rpm 198367455fcc4e60ee01267e8804c66f 6.2/en/os/sparc/glibc-profile-2.1.3-26.sparc.rpm a4fb24a2479c8359a589f81cd69977c8 6.2/en/os/sparc/nscd-2.1.3-26.sparc.rpm 15164392fd5206f9d431757e56952949 6.2/en/os/sparcv9/glibc-2.1.3-26.sparcv9.rpm dda9b8c1513a0d8c028145d4807cf060 7.0/en/os/SRPMS/glibc-2.2.4-18.7.0.6.src.rpm ea0970bfb37241810aa67aaf67619f65 7.0/en/os/alpha/glibc-2.2.4-18.7.0.6.alpha.rpm ebbfecb12072364cec91e3f2a5f40eab 7.0/en/os/alpha/glibc-common-2.2.4-18.7.0.6.alpha.rpm dcec7d9ecfc495b10df9cec032b8cd00 7.0/en/os/alpha/glibc-devel-2.2.4-18.7.0.6.alpha.rpm 9d859fff6feb3647bd7646c0830ae889 7.0/en/os/alpha/glibc-profile-2.2.4-18.7.0.6.alpha.rpm 15c5c4d3e673e85348a1dc888f3ed51d 7.0/en/os/alpha/nscd-2.2.4-18.7.0.6.alpha.rpm 5461890fabd2da122193c270a8ac4d59 7.0/en/os/alphaev6/glibc-2.2.4-18.7.0.6.alphaev6.rpm 05699af0cc5f2b22ae9047b9cab3162a 7.0/en/os/i386/glibc-2.2.4-18.7.0.6.i386.rpm 34d43767ba3af94e3fbd1c54b04e7cbc 7.0/en/os/i386/glibc-common-2.2.4-18.7.0.6.i386.rpm 9f446d3c5f901da653b20db9535b6629 7.0/en/os/i386/glibc-devel-2.2.4-18.7.0.6.i386.rpm f73d5c9afe51df1c2bb16073b4894d93 7.0/en/os/i386/glibc-profile-2.2.4-18.7.0.6.i386.rpm 7a729f073702e0b7f09177b6883f2153 7.0/en/os/i386/nscd-2.2.4-18.7.0.6.i386.rpm f34fc0d1eda45d6eeaa4f4ef4a473b62 7.0/en/os/i686/glibc-2.2.4-18.7.0.6.i686.rpm 54a0f0ab5858fc4a2c3aa8ede75cfd2b 7.1/en/os/SRPMS/glibc-2.2.4-29.src.rpm 78f97e6419fa24beeecd0d035c951c8c 7.1/en/os/alpha/glibc-2.2.4-29.alpha.rpm 157ff2a64d725590bb0f489227cb59e0 7.1/en/os/alpha/glibc-common-2.2.4-29.alpha.rpm 9306da2d1bf0fa9387b253f9bed84f55 7.1/en/os/alpha/glibc-devel-2.2.4-29.alpha.rpm c9a97967eb783ded680e93c9e5481cef 7.1/en/os/alpha/glibc-profile-2.2.4-29.alpha.rpm bb589a903f6660094f869d68d4cb8e84 7.1/en/os/alpha/nscd-2.2.4-29.alpha.rpm 9265cf46c9c5ac1245e8c89530dcb943 7.1/en/os/alphaev6/glibc-2.2.4-29.alphaev6.rpm f3d389a4ca38cb96d4a3f7e37c405741 7.1/en/os/i386/glibc-2.2.4-29.i386.rpm 76d59b340658260e4e1a8d1ce057b8b7 7.1/en/os/i386/glibc-common-2.2.4-29.i386.rpm 27ac76715305a224aff00b828f514048 7.1/en/os/i386/glibc-devel-2.2.4-29.i386.rpm 36f4838eb0b0e604207d72b931e6d704 7.1/en/os/i386/glibc-profile-2.2.4-29.i386.rpm eb564de42736b1c9f67e51616e57371f 7.1/en/os/i386/nscd-2.2.4-29.i386.rpm 5b8d21ae3fb3d46c8f90a2db557c2e52 7.1/en/os/i686/glibc-2.2.4-29.i686.rpm 08ea8d99e1ac9dc564b43f97796f7aba 7.1/en/os/ia64/glibc-2.2.4-29.ia64.rpm fbb8f1131f892fbb25b173a19237698c 7.1/en/os/ia64/glibc-common-2.2.4-29.ia64.rpm 9b682a108f0cde4c20fe41b90a82f122 7.1/en/os/ia64/glibc-devel-2.2.4-29.ia64.rpm 471b7a20e567eec15bd46c058a637e98 7.1/en/os/ia64/glibc-profile-2.2.4-29.ia64.rpm db4bb2ce6b3d210b66b2899b9807d7ec 7.1/en/os/ia64/nscd-2.2.4-29.ia64.rpm 54a0f0ab5858fc4a2c3aa8ede75cfd2b 7.2/en/os/SRPMS/glibc-2.2.4-29.src.rpm f3d389a4ca38cb96d4a3f7e37c405741 7.2/en/os/i386/glibc-2.2.4-29.i386.rpm 76d59b340658260e4e1a8d1ce057b8b7 7.2/en/os/i386/glibc-common-2.2.4-29.i386.rpm 27ac76715305a224aff00b828f514048 7.2/en/os/i386/glibc-devel-2.2.4-29.i386.rpm 36f4838eb0b0e604207d72b931e6d704 7.2/en/os/i386/glibc-profile-2.2.4-29.i386.rpm eb564de42736b1c9f67e51616e57371f 7.2/en/os/i386/nscd-2.2.4-29.i386.rpm 5b8d21ae3fb3d46c8f90a2db557c2e52 7.2/en/os/i686/glibc-2.2.4-29.i686.rpm 08ea8d99e1ac9dc564b43f97796f7aba 7.2/en/os/ia64/glibc-2.2.4-29.ia64.rpm fbb8f1131f892fbb25b173a19237698c 7.2/en/os/ia64/glibc-common-2.2.4-29.ia64.rpm 9b682a108f0cde4c20fe41b90a82f122 7.2/en/os/ia64/glibc-devel-2.2.4-29.ia64.rpm 471b7a20e567eec15bd46c058a637e98 7.2/en/os/ia64/glibc-profile-2.2.4-29.ia64.rpm db4bb2ce6b3d210b66b2899b9807d7ec 7.2/en/os/ia64/nscd-2.2.4-29.ia64.rpm b6a08de99a9a584962cb49efe831df02 7.3/en/os/SRPMS/glibc-2.2.5-39.src.rpm 2025431dfbb109c0b0c50d825f7fee27 7.3/en/os/i386/glibc-2.2.5-39.i386.rpm a8c38b4ee8b84964a636d3989f9e10bb 7.3/en/os/i386/glibc-common-2.2.5-39.i386.rpm bad388217f5aa3528892f7690a9655b9 7.3/en/os/i386/glibc-debug-2.2.5-39.i386.rpm 68ebf1bb3a7993e92aedfea151ef14be 7.3/en/os/i386/glibc-debug-static-2.2.5-39.i386.rpm d2721bfd9582422283671a10c13f3bd6 7.3/en/os/i386/glibc-devel-2.2.5-39.i386.rpm e5416c72ed687a9c96d6115c7543477f 7.3/en/os/i386/glibc-profile-2.2.5-39.i386.rpm f53f1577950d5a9571f63af65f2b0ee9 7.3/en/os/i386/glibc-utils-2.2.5-39.i386.rpm 19b9bb5182518d3bcf9ba8d2a8ee6421 7.3/en/os/i386/nscd-2.2.5-39.i386.rpm 04475ca3f7e3d715bbadba4be684adae 7.3/en/os/i686/glibc-2.2.5-39.i686.rpm de47bae77ce5763fe0a40d63957abc27 7.3/en/os/i686/glibc-debug-2.2.5-39.i686.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: About
You can verify each package with the following command: rpm --checksig
If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg

References

CVE -CVE-2002-0391 Copyright(c) 2000, 2001, 2002 Red Hat, Inc.

Package List


Severity
Advisory ID: RHSA-2002:166-07
Issued Date: : 2002-08-01
Updated on: 2002-08-12
Product: Red Hat Linux
Keywords: sun RPC XDR buffer overflow
Cross references:
Obsoletes: RHSA-2002:139
CVE Names: CAN-2002-0391

Topic


Topic

Updated glibc packages are available to fix a buffer overflow in the XDR

decoder.


 

Relevant Releases Architectures

Red Hat Linux 6.2 - alpha, i386, i686, sparc, sparcv9

Red Hat Linux 7.0 - alpha, alphaev6, i386, i686

Red Hat Linux 7.1 - alpha, alphaev6, i386, i686, ia64

Red Hat Linux 7.2 - i386, i686, ia64

Red Hat Linux 7.3 - i386, i686


Bugs Fixed


Related News

4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved