SciLinux: CVE-2015-0235 Critical: glibc SL5.x i386/x86_64
Summary
Critical: glibc security update
Date: Tue, 27 Jan 2015 08:59:04 -0600 Reply-To: Pat RieheckySender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 6x i386, x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to i386: alsa-utils-1.0.22-9.el6_6.i686.rpm dhclient-4.1.1-43.P1.el6_6.1.i686.rpm dhcp-4.1.1-43.P1.el6_6.1.i686.rpm dhcp-common-4.1.1-43.P1.el6_6.1.i686.rpm dhcp-devel-4.1.1-43.P1.el6_6.1.i686.rpm kdebase-workspace-4.3.4-29.el6_6.i686.rpm kdebase-workspace-akonadi-4.3.4-29.el6_6.i686.rpm kdebase-workspace-devel-4.3.4-29.el6_6.i686.rpm kdebase-workspace-libs-4.3.4-29.el6_6.i686.rpm kdebase-workspace-python-applet-4.3.4-29.el6_6.i686.rpm kdebase-workspace-wallpapers-4.3.4-29.el6_6.noarch.rpm kdm-4.3.4-29.el6_6.i686.rpm ksysguardd-4.3.4-29.el6_6.i686.rpm oxygen-cursor-themes-4.3.4-29.el6_6.noarch.rpm x86_64: alsa-utils-1.0.22-9.el6_6.x86_64.rpm dhclient-4.1.1-43.P1.el6_6.1.x86_64.rpm dhcp-4.1.1-43.P1.el6_6.1.x86_64.rpm dhcp-common-4.1.1-43.P1.el6_6.1.x86_64.rpm dhcp-devel-4.1.1-43.P1.el6_6.1.i686.rpm dhcp-devel-4.1.1-43.P1.el6_6.1.x86_64.rpm kdebase-workspace-4.3.4-29.el6_6.x86_64.rpm kdebase-workspace-akonadi-4.3.4-29.el6_6.x86_64.rpm kdebase-workspace-devel-4.3.4-29.el6_6.i686.rpm kdebase-workspace-devel-4.3.4-29.el6_6.x86_64.rpm kdebase-workspace-libs-4.3.4-29.el6_6.i686.rpm kdebase-workspace-libs-4.3.4-29.el6_6.x86_64.rpm kdebase-workspace-python-applet-4.3.4-29.el6_6.x86_64.rpm kdebase-workspace-wallpapers-4.3.4-29.el6_6.noarch.rpm kdm-4.3.4-29.el6_6.x86_64.rpm ksysguardd-4.3.4-29.el6_6.x86_64.rpm oxygen-cursor-themes-4.3.4-29.el6_6.noarch.rpm Date: Tue, 27 Jan 2015 09:29:17 -0600 Reply-To: Pat Riehecky Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: FASTBUGS for SL 7x x86_64 now available MIME-Version: 1.0 The following FASTBUGS have been uploaded to http://ftp.scientificlinux.org/linux/scientific/7x/x86_64/updates/fastbugs/ x86_64: augeas-1.1.0-12.el7_0.1.x86_64.rpm augeas-devel-1.1.0-12.el7_0.1.i686.rpm augeas-devel-1.1.0-12.el7_0.1.x86_64.rpm augeas-libs-1.1.0-12.el7_0.1.i686.rpm augeas-libs-1.1.0-12.el7_0.1.x86_64.rpm pcs-0.9.115-32.el7_0.1.x86_64.rpm Date: Tue, 27 Jan 2015 18:56:40 +0000 Reply-To: scientific-linux-users@listserv.fnal.gov Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Critical: glibc on SL5.x i386/x86_64 MIME-Version: 1.0 Synopsis: Critical: glibc security update Advisory ID: SLSA-2015:0090-1 Issue Date: 2015-01-27 CVE Numbers: CVE-2015-0235 -- A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application. (CVE-2015-0235) -- SL5 x86_64 glibc-2.5-123.el5_11.1.i686.rpm glibc-2.5-123.el5_11.1.x86_64.rpm glibc-common-2.5-123.el5_11.1.x86_64.rpm glibc-debuginfo-2.5-123.el5_11.1.i386.rpm glibc-debuginfo-2.5-123.el5_11.1.i686.rpm glibc-debuginfo-2.5-123.el5_11.1.x86_64.rpm glibc-debuginfo-common-2.5-123.el5_11.1.i386.rpm glibc-devel-2.5-123.el5_11.1.i386.rpm glibc-devel-2.5-123.el5_11.1.x86_64.rpm glibc-headers-2.5-123.el5_11.1.x86_64.rpm glibc-utils-2.5-123.el5_11.1.x86_64.rpm nscd-2.5-123.el5_11.1.x86_64.rpm i386 glibc-2.5-123.el5_11.1.i386.rpm glibc-2.5-123.el5_11.1.i686.rpm glibc-common-2.5-123.el5_11.1.i386.rpm glibc-debuginfo-2.5-123.el5_11.1.i386.rpm glibc-debuginfo-2.5-123.el5_11.1.i686.rpm glibc-debuginfo-common-2.5-123.el5_11.1.i386.rpm glibc-devel-2.5-123.el5_11.1.i386.rpm glibc-headers-2.5-123.el5_11.1.i386.rpm glibc-utils-2.5-123.el5_11.1.i386.rpm nscd-2.5-123.el5_11.1.i386.rpm - Scientific Linux Development Team
Critical: glibc security update