Date:         Tue, 27 Jan 2015 08:59:04 -0600
Reply-To:     Pat Riehecky 
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      FASTBUGS for SL 6x i386, x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to



i386:
alsa-utils-1.0.22-9.el6_6.i686.rpm
dhclient-4.1.1-43.P1.el6_6.1.i686.rpm
dhcp-4.1.1-43.P1.el6_6.1.i686.rpm
dhcp-common-4.1.1-43.P1.el6_6.1.i686.rpm
dhcp-devel-4.1.1-43.P1.el6_6.1.i686.rpm
kdebase-workspace-4.3.4-29.el6_6.i686.rpm
kdebase-workspace-akonadi-4.3.4-29.el6_6.i686.rpm
kdebase-workspace-devel-4.3.4-29.el6_6.i686.rpm
kdebase-workspace-libs-4.3.4-29.el6_6.i686.rpm
kdebase-workspace-python-applet-4.3.4-29.el6_6.i686.rpm
kdebase-workspace-wallpapers-4.3.4-29.el6_6.noarch.rpm
kdm-4.3.4-29.el6_6.i686.rpm
ksysguardd-4.3.4-29.el6_6.i686.rpm
oxygen-cursor-themes-4.3.4-29.el6_6.noarch.rpm

x86_64:
alsa-utils-1.0.22-9.el6_6.x86_64.rpm
dhclient-4.1.1-43.P1.el6_6.1.x86_64.rpm
dhcp-4.1.1-43.P1.el6_6.1.x86_64.rpm
dhcp-common-4.1.1-43.P1.el6_6.1.x86_64.rpm
dhcp-devel-4.1.1-43.P1.el6_6.1.i686.rpm
dhcp-devel-4.1.1-43.P1.el6_6.1.x86_64.rpm
kdebase-workspace-4.3.4-29.el6_6.x86_64.rpm
kdebase-workspace-akonadi-4.3.4-29.el6_6.x86_64.rpm
kdebase-workspace-devel-4.3.4-29.el6_6.i686.rpm
kdebase-workspace-devel-4.3.4-29.el6_6.x86_64.rpm
kdebase-workspace-libs-4.3.4-29.el6_6.i686.rpm
kdebase-workspace-libs-4.3.4-29.el6_6.x86_64.rpm
kdebase-workspace-python-applet-4.3.4-29.el6_6.x86_64.rpm
kdebase-workspace-wallpapers-4.3.4-29.el6_6.noarch.rpm
kdm-4.3.4-29.el6_6.x86_64.rpm
ksysguardd-4.3.4-29.el6_6.x86_64.rpm
oxygen-cursor-themes-4.3.4-29.el6_6.noarch.rpm
Date:         Tue, 27 Jan 2015 09:29:17 -0600
Reply-To:     Pat Riehecky 
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      FASTBUGS for SL 7x x86_64 now available
MIME-Version: 1.0

The following FASTBUGS have been uploaded to

http://ftp.scientificlinux.org/linux/scientific/7x/x86_64/updates/fastbugs/


x86_64:
augeas-1.1.0-12.el7_0.1.x86_64.rpm
augeas-devel-1.1.0-12.el7_0.1.i686.rpm
augeas-devel-1.1.0-12.el7_0.1.x86_64.rpm
augeas-libs-1.1.0-12.el7_0.1.i686.rpm
augeas-libs-1.1.0-12.el7_0.1.x86_64.rpm
pcs-0.9.115-32.el7_0.1.x86_64.rpm
Date:         Tue, 27 Jan 2015 18:56:40 +0000
Reply-To:     scientific-linux-users@listserv.fnal.gov
Sender:       Security Errata for Scientific Linux
              
From:         Pat Riehecky 
Subject:      Security ERRATA Critical: glibc on SL5.x i386/x86_64
MIME-Version: 1.0

Synopsis:          Critical: glibc security update
Advisory ID:       SLSA-2015:0090-1
Issue Date:        2015-01-27
CVE Numbers:       CVE-2015-0235
--

A heap-based buffer overflow was found in glibc's
__nss_hostname_digits_dots() function, which is used by the
gethostbyname() and gethostbyname2() glibc function calls. A remote
attacker able to make an application call either of these functions could
use this flaw to execute arbitrary code with the permissions of the user
running the application. (CVE-2015-0235)
--

SL5
  x86_64
    glibc-2.5-123.el5_11.1.i686.rpm
    glibc-2.5-123.el5_11.1.x86_64.rpm
    glibc-common-2.5-123.el5_11.1.x86_64.rpm
    glibc-debuginfo-2.5-123.el5_11.1.i386.rpm
    glibc-debuginfo-2.5-123.el5_11.1.i686.rpm
    glibc-debuginfo-2.5-123.el5_11.1.x86_64.rpm
    glibc-debuginfo-common-2.5-123.el5_11.1.i386.rpm
    glibc-devel-2.5-123.el5_11.1.i386.rpm
    glibc-devel-2.5-123.el5_11.1.x86_64.rpm
    glibc-headers-2.5-123.el5_11.1.x86_64.rpm
    glibc-utils-2.5-123.el5_11.1.x86_64.rpm
    nscd-2.5-123.el5_11.1.x86_64.rpm
  i386
    glibc-2.5-123.el5_11.1.i386.rpm
    glibc-2.5-123.el5_11.1.i686.rpm
    glibc-common-2.5-123.el5_11.1.i386.rpm
    glibc-debuginfo-2.5-123.el5_11.1.i386.rpm
    glibc-debuginfo-2.5-123.el5_11.1.i686.rpm
    glibc-debuginfo-common-2.5-123.el5_11.1.i386.rpm
    glibc-devel-2.5-123.el5_11.1.i386.rpm
    glibc-headers-2.5-123.el5_11.1.i386.rpm
    glibc-utils-2.5-123.el5_11.1.i386.rpm
    nscd-2.5-123.el5_11.1.i386.rpm

- Scientific Linux Development Team

SciLinux: CVE-2015-0235 Critical: glibc SL5.x i386/x86_64

Critical: glibc security update

Summary

Critical: glibc security update



Security Fixes

Severity
Advisory ID: SLSA-2015:0090-1
Issued Date: : 2015-01-27
CVE Numbers: CVE-2015-0235
A heap-based buffer overflow was found in glibc's

Related News