Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 524
Alerts This Week
Warning Icon 1 524

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -5 articles for you...
202

openSUSE 15.4/15.5 Advisory 2023:2760-2 Moderate: dns Issues

This update for dnsdist fixes the following issues: update to 1.8.0 Implements dnsdist in SLE15 (jsc#PED-3402). # Security update for dnsdist Announcement ID: SUSE-SU-2023:2760-2 Rating: moderate References: * bsc#1054799 * bsc#1054802 * bsc#1114511 Cross-References: * CVE-2016-7069 * CVE-2017-7557 * CVE-2018-14663 CVSS scores: * CVE-2016-7069 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2017-7557 ( NVD ): 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-14663 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for dnsdist fixes the following issues: * update to 1.8.0 * Implements dnsdist in SLE15 (jsc#PED-3402) * Security fix: fixes a possible record smugging with a crafted DNS query with trailing data (CVE-2018-14663, bsc#1114511) * update to 1.2.0 (bsc#1054799, bsc#1054802) This release also addresses two security issues of low severity, CVE-2016-7069 and CVE-2017-7557. The first issue can lead to a denial of service on 32-bit if a backend sends crafted answers, and the second to an alteration of dnsdist’s ACL if the API is enabled, writable and an authenticated user is tricked into visiting a crafted website. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-2760=1 * openSUSE Leap 15.4 zypper in -tpatch openSUSE-SLE-15.4-2023-2760=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-2760=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libluajit-5_1-2-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * dnsdist-debugsource-1.8.0-150400.9.3.1 * dnsdist-debuginfo-1.8.0-150400.9.3.1 * dnsdist-1.8.0-150400.9.3.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * libluajit-5_1-2-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * dnsdist-debugsource-1.8.0-150400.9.3.1 * luajit-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * luajit-debugsource-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * libluajit-5_1-2-debuginfo-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * dnsdist-debuginfo-1.8.0-150400.9.3.1 * luajit-debuginfo-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * luajit-devel-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * dnsdist-1.8.0-150400.9.3.1 * openSUSE Leap 15.4 (x86_64) * libluajit-5_1-2-32bit-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * libluajit-5_1-2-32bit-debuginfo-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libluajit-5_1-2-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * dnsdist-debugsource-1.8.0-150400.9.3.1 * luajit-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * luajit-debugsource-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * libluajit-5_1-2-debuginfo-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * dnsdist-debuginfo-1.8.0-150400.9.3.1 * luajit-debuginfo-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * luajit-devel-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * dnsdist-1.8.0-150400.9.3.1 * openSUSE Leap 15.5 (x86_64) * libluajit-5_1-2-32bit-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 * libluajit-5_1-2-32bit-debuginfo-2.1.0~beta3+git.1624618403.e9577376-150400.4.2.1 ## References: *https://www.suse.com/security/cve/CVE-2016-7069.html * https://www.suse.com/security/cve/CVE-2017-7557.html * https://www.suse.com/security/cve/CVE-2018-14663.html * https://bugzilla.suse.com/show_bug.cgi?id=1054799 * https://bugzilla.suse.com/show_bug.cgi?id=1054802 * https://bugzilla.suse.com/show_bug.cgi?id=1114511 . Important security notice for dnsdist pertaining to multiple vulnerabilities in openSUSE systems. Urgent measures recommended.. dnsdist Update, openSUSE Advisory, Security Patch. . LinuxSecurity.com Team

Calendar%202 Feb 27, 2024 OpenSUSE
98

Red Hat RHSA-2021:0401-01 Important: DNS Exploits and Buffer Overflow

An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat Virtualization Host security bug fix and enhancement update [ovirt-4.4.4] Advisory ID: RHSA-2021:0401-01 Product: Red Hat Virtualization Advisory URL: https://access.redhat.com/errata/RHSA-2021:0401 Issue date: 2021-02-03 CVE Names: CVE-2020-25684 CVE-2020-25685 CVE-2020-25686 CVE-2021-3156 ==================================================================== 1. Summary: An update for imgbased, redhat-release-virtualization-host, and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: RHEL 8-based RHEV-H for RHEV 4 (build requirements) - noarch, x86_64 Red Hat Virtualization 4 Hypervisor for RHEL 8 - noarch, x86_64 Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch 3. Description: The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Security Fix(es): * sudo:Heap buffer overflow in argument parsing (CVE-2021-3156) * dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25684) * dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker (CVE-2020-25685) * dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker (CVE-2020-25686) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Previously, the Red Hat Virtualization Host (RHV-H) repository (rhvh-4-for-rhel-8-x86_64-rpms) did not include the libsmbclient package, which is a dependency for the sssd-ad package. Consequently, the sssd-ad package failed to install. With this update, the libsmbclient is now in the RHV-H repository, and sssd-ad now installs on RHV-H. (BZ#1868967) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/2974891 After installing this update, the smb service will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 1850939 - Hosted engine deployment does not properly show iSCSI LUN errors1868967 - sssd-ad installation fails on RHV-H 4.4 due to missing libsmbclient from samba package in rhvh-4-for-rhel-8-x86_64-rpms channel 1889686 - CVE-2020-25684 dnsmasq: loose address/port check in reply_query() makes forging replies easier for an off-path attacker 1889688 - CVE-2020-25685 dnsmasq: loose query name check in reply_query() makes forging replies easier for an off-path attacker 1890125 - CVE-2020-25686 dnsmasq: multiple queries forwarded for the same name makes forging replies easier for an off-path attacker 1902315 - Rebase RHV-H 4.4 to RHV 4.4.4 1902646 - ssh connection fails due to overly permissive openssh.config file permissions 1909644 - HE deploy failedwith "Failed to download metadata for repo 'rhel-8-for-x86_64-baseos-beta-rpms': Cannot download repomd.xml 1917684 - CVE-2021-3156 sudo: Heap buffer overflow in argument parsing 1921553 - RHVH upgrade to the latest 4.4.4-1 build will fail due to FileNotFoundError 1923126 - Hosted Engine setup fails on storage selection - Retrieval of iSCSI targets failed. 6. Package List: Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts: Source: cockpit-ovirt-0.14.17-1.el8ev.src.rpm noarch: cockpit-ovirt-dashboard-0.14.17-1.el8ev.noarch.rpm Red Hat Virtualization 4 Hypervisor for RHEL8: Source: redhat-virtualization-host-4.4.4-20210201.0.el8_3.src.rpm samba-4.12.3-12.el8.3.src.rpm sssd-2.3.0-9.el8.src.rpm noarch: python3-sssdconfig-2.3.0-9.el8.noarch.rpm redhat-virtualization-host-image-update-4.4.4-20210201.0.el8_3.noarch.rpm x86_64: libipa_hbac-2.3.0-9.el8.x86_64.rpm libipa_hbac-debuginfo-2.3.0-9.el8.x86_64.rpm libsmbclient-4.12.3-12.el8.3.x86_64.rpm libsmbclient-debuginfo-4.12.3-12.el8.3.x86_64.rpm libsss_autofs-2.3.0-9.el8.x86_64.rpm libsss_autofs-debuginfo-2.3.0-9.el8.x86_64.rpm libsss_certmap-2.3.0-9.el8.x86_64.rpm libsss_certmap-debuginfo-2.3.0-9.el8.x86_64.rpm libsss_idmap-2.3.0-9.el8.x86_64.rpm libsss_idmap-debuginfo-2.3.0-9.el8.x86_64.rpm libsss_nss_idmap-2.3.0-9.el8.x86_64.rpm libsss_nss_idmap-debuginfo-2.3.0-9.el8.x86_64.rpm libsss_nss_idmap-devel-2.3.0-9.el8.x86_64.rpm libsss_simpleifp-2.3.0-9.el8.x86_64.rpm libsss_simpleifp-debuginfo-2.3.0-9.el8.x86_64.rpm libsss_sudo-2.3.0-9.el8.x86_64.rpm libsss_sudo-debuginfo-2.3.0-9.el8.x86_64.rpm python3-libipa_hbac-2.3.0-9.el8.x86_64.rpm python3-libipa_hbac-debuginfo-2.3.0-9.el8.x86_64.rpm python3-libsss_nss_idmap-2.3.0-9.el8.x86_64.rpm python3-libsss_nss_idmap-debuginfo-2.3.0-9.el8.x86_64.rpm python3-sss-2.3.0-9.el8.x86_64.rpm python3-sss-debuginfo-2.3.0-9.el8.x86_64.rpm python3-sss-murmur-2.3.0-9.el8.x86_64.rpm python3-sss-murmur-debuginfo-2.3.0-9.el8.x86_64.rpm samba-debuginfo-4.12.3-12.el8.3.x86_64.rpm samba-debugsource-4.12.3-12.el8.3.x86_64.rpm sssd-2.3.0-9.el8.x86_64.rpm sssd-ad-2.3.0-9.el8.x86_64.rpm sssd-ad-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-client-2.3.0-9.el8.x86_64.rpm sssd-client-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-common-2.3.0-9.el8.x86_64.rpm sssd-common-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-common-pac-2.3.0-9.el8.x86_64.rpm sssd-common-pac-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-dbus-2.3.0-9.el8.x86_64.rpm sssd-dbus-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-debugsource-2.3.0-9.el8.x86_64.rpm sssd-ipa-2.3.0-9.el8.x86_64.rpm sssd-ipa-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-kcm-2.3.0-9.el8.x86_64.rpm sssd-kcm-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-krb5-2.3.0-9.el8.x86_64.rpm sssd-krb5-common-2.3.0-9.el8.x86_64.rpm sssd-krb5-common-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-krb5-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-ldap-2.3.0-9.el8.x86_64.rpm sssd-ldap-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-libwbclient-2.3.0-9.el8.x86_64.rpm sssd-libwbclient-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-nfs-idmap-2.3.0-9.el8.x86_64.rpm sssd-nfs-idmap-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-polkit-rules-2.3.0-9.el8.x86_64.rpm sssd-proxy-2.3.0-9.el8.x86_64.rpm sssd-proxy-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-tools-2.3.0-9.el8.x86_64.rpm sssd-tools-debuginfo-2.3.0-9.el8.x86_64.rpm sssd-winbind-idmap-2.3.0-9.el8.x86_64.rpm sssd-winbind-idmap-debuginfo-2.3.0-9.el8.x86_64.rpm RHEL 8-based RHEV-H for RHEV 4 (build requirements): Source: imgbased-1.2.16-0.1.el8ev.src.rpm redhat-release-virtualization-host-4.4.4-1.el8ev.src.rpm noarch: imgbased-1.2.16-0.1.el8ev.noarch.rpm python3-imgbased-1.2.16-0.1.el8ev.noarch.rpm redhat-virtualization-host-image-update-placeholder-4.4.4-1.el8ev.noarch.rpm x86_64: redhat-release-virtualization-host-4.4.4-1.el8ev.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-25684 https://access.redhat.com/security/cve/CVE-2020-25685 https://access.redhat.com/security/cve/CVE-2020-25686 https://access.redhat.com/security/cve/CVE-2021-3156 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/security/vulnerabilities/RHSB-2021-001 https://access.redhat.com/security/vulnerabilities/RHSB-2021-002 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYBrMFtzjgjWX9erEAQhLyg//QeuuLd9ARm9ImsGVCZQZmnSnwoeLU5q4 nYjZRw5CLGOuw23qJv17Dj658650+v90lD4JWKUPlSbCnubhmct+WvlbDUG9XX0X gjrtn4cEmFRz3dMEbMr1kWLtGuzRIR63l6yM+H/5Ucw5Q0AqzddYgGi6kcY2ec4I yC2ebejLzBcmRSlObitcgUc2kuLICYFQHCgW0P4dvukE3+B9Ga1l81G3rTtM5H/4 UkpUxoQLXxSMLAyx/3IB0rElvsGCZVqLKSCgUZysgBi+RN1DtyFzF4+Eplc2LGKq yMVI5hPioccorQk1X0102gi0H8yJhVeakn9KEVr4iX+ZrMYhNcMOSAr+mZlKZqjx TwHxyyyUKCekfMWM83dyLRQb18hh32FZCftAsRmKNTIJQ+g5u2nT8dKkaFkWU0NI +LgtMMtLeulg/40fObOuqdXQVp3lLVPLvhyUityGP4PPRrkXCaG3dJDGNIFJ96eU clx9EOpdtDDThmi3IHnN92vnYxcI+j14PY6822ho0LlGCIL9ORyiYVpFbK+yMR6+ UpMPXE0HPrfipVTkR2kDQilcwJTELiJYTqB1tsm/4C3ODt336zPDdcdRvpxGYX8j aNN1pf5K3tT5nN3ry0J7EvzB8cjT0tQTJWri/L4GywZlRRg58q7bqZbRDrzBwzNi md9bPrmC2GU=Sqsc -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Important revision for Red Hat Virtualization Host tackling memory corruption and DNS query concerns for RHEL 8.. Red Hat Virtualization Security, RHEL Update, Virtualization Host Fixes. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Feb 03, 2021 Important Red Hat
197

Debian 7: DLA-1025-1 Critical: Bind9 TSIG Authentication Issues

CVE-2017-3142 An attacker who is able to send and receive messages to an authoritative . Hash: SHA512 Package : bind9 Version : 1:9.8.4.dfsg.P1-6+nmu2+deb7u17 CVE ID : CVE-2017-3142 CVE-2017-3143 CVE-2017-3142 An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name may be able to circumvent TSIG authentication of AXFR requests via a carefully constructed request packet. A server that relies solely on TSIG keys for protection with no other ACL protection could be manipulated into: - providing an AXFR of a zone to an unauthorized recipient - accepting bogus NOTIFY packets CVE-2017-3143 An attacker who is able to send and receive messages to an authoritative DNS server and who has knowledge of a valid TSIG key name for the zone and service being targeted may be able to manipulate BIND into accepting an unauthorized dynamic update. For Debian 7 "Wheezy", these problems have been fixed in version 1:9.8.4.dfsg.P1-6+nmu2+deb7u17. We recommend that you upgrade your bind9 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS . Significant resolution problems in domain name system administration addressed in Debian Long Term Support. Ensure protection from TSIG threats.. bind9 security, Debian LTS advisory, DNS authentication, system updates. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 13, 2017 Critical Debian LTS
98

Red Hat: RHSA-2015-0863-01 Moderate: glibc Buffer Overflow Issues

Updated glibc packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: glibc security and bug fix update Advisory ID: RHSA-2015:0863-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2015:0863.html Issue date: 2015-04-21 CVE Names: CVE-2013-7423 CVE-2015-1781 ==================================================================== 1. Summary: Updated glibc packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. A buffer overflow flaw wasfound in the way glibc's gethostbyname_r() and other related functions computed the size of a buffer when passed a misaligned buffer as input. An attacker able to make an application call any of these functions with a misaligned buffer could use this flaw to crash the application or, potentially, execute arbitrary code with the permissions of the user running the application. (CVE-2015-1781) It was discovered that, under certain circumstances, glibc's getaddrinfo() function would send DNS queries to random file descriptors. An attacker could potentially use this flaw to send DNS queries to unintended recipients, resulting in information disclosure or data loss due to the application encountering corrupted data. (CVE-2013-7423) The CVE-2015-1781 issue was discovered by Arjun Shankar of Red Hat. This update also fixes the following bug: * Previously, the nscd daemon did not properly reload modified data when the user edited monitored nscd configuration files. As a consequence, nscd returned stale data to system processes. This update adds a system of inotify-based monitoring and stat-based backup monitoring for nscd configuration files. As a result, nscd now detects changes to its configuration files and reloads the data properly, which prevents it from returning stale data. (BZ#1194149) All glibc users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1187109 - CVE-2013-7423 glibc: getaddrinfo() writes DNS queries to random file descriptors under high load 1199525 - CVE-2015-1781 glibc: buffer overflow in gethostbyname_r() and related functions with misaligned buffer 6. Package List: Red Hat Enterprise Linux Desktop (v.6): Source: glibc-2.12-1.149.el6_6.7.src.rpm i386: glibc-2.12-1.149.el6_6.7.i686.rpm glibc-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-devel-2.12-1.149.el6_6.7.i686.rpm glibc-headers-2.12-1.149.el6_6.7.i686.rpm glibc-utils-2.12-1.149.el6_6.7.i686.rpm nscd-2.12-1.149.el6_6.7.i686.rpm x86_64: glibc-2.12-1.149.el6_6.7.i686.rpm glibc-2.12-1.149.el6_6.7.x86_64.rpm glibc-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-devel-2.12-1.149.el6_6.7.i686.rpm glibc-devel-2.12-1.149.el6_6.7.x86_64.rpm glibc-headers-2.12-1.149.el6_6.7.x86_64.rpm glibc-utils-2.12-1.149.el6_6.7.x86_64.rpm nscd-2.12-1.149.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): i386: glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-static-2.12-1.149.el6_6.7.i686.rpm x86_64: glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-static-2.12-1.149.el6_6.7.i686.rpm glibc-static-2.12-1.149.el6_6.7.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: glibc-2.12-1.149.el6_6.7.src.rpm x86_64: glibc-2.12-1.149.el6_6.7.i686.rpm glibc-2.12-1.149.el6_6.7.x86_64.rpm glibc-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-devel-2.12-1.149.el6_6.7.i686.rpm glibc-devel-2.12-1.149.el6_6.7.x86_64.rpm glibc-headers-2.12-1.149.el6_6.7.x86_64.rpm glibc-utils-2.12-1.149.el6_6.7.x86_64.rpm nscd-2.12-1.149.el6_6.7.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v.6): x86_64: glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-static-2.12-1.149.el6_6.7.i686.rpm glibc-static-2.12-1.149.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Server (v.6): Source: glibc-2.12-1.149.el6_6.7.src.rpm i386: glibc-2.12-1.149.el6_6.7.i686.rpm glibc-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-devel-2.12-1.149.el6_6.7.i686.rpm glibc-headers-2.12-1.149.el6_6.7.i686.rpm glibc-utils-2.12-1.149.el6_6.7.i686.rpm nscd-2.12-1.149.el6_6.7.i686.rpm ppc64: glibc-2.12-1.149.el6_6.7.ppc.rpm glibc-2.12-1.149.el6_6.7.ppc64.rpm glibc-common-2.12-1.149.el6_6.7.ppc64.rpm glibc-debuginfo-2.12-1.149.el6_6.7.ppc.rpm glibc-debuginfo-2.12-1.149.el6_6.7.ppc64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.ppc.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.ppc64.rpm glibc-devel-2.12-1.149.el6_6.7.ppc.rpm glibc-devel-2.12-1.149.el6_6.7.ppc64.rpm glibc-headers-2.12-1.149.el6_6.7.ppc64.rpm glibc-utils-2.12-1.149.el6_6.7.ppc64.rpm nscd-2.12-1.149.el6_6.7.ppc64.rpm s390x: glibc-2.12-1.149.el6_6.7.s390.rpm glibc-2.12-1.149.el6_6.7.s390x.rpm glibc-common-2.12-1.149.el6_6.7.s390x.rpm glibc-debuginfo-2.12-1.149.el6_6.7.s390.rpm glibc-debuginfo-2.12-1.149.el6_6.7.s390x.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.s390.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.s390x.rpm glibc-devel-2.12-1.149.el6_6.7.s390.rpm glibc-devel-2.12-1.149.el6_6.7.s390x.rpm glibc-headers-2.12-1.149.el6_6.7.s390x.rpm glibc-utils-2.12-1.149.el6_6.7.s390x.rpm nscd-2.12-1.149.el6_6.7.s390x.rpm x86_64: glibc-2.12-1.149.el6_6.7.i686.rpm glibc-2.12-1.149.el6_6.7.x86_64.rpm glibc-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-devel-2.12-1.149.el6_6.7.i686.rpm glibc-devel-2.12-1.149.el6_6.7.x86_64.rpm glibc-headers-2.12-1.149.el6_6.7.x86_64.rpm glibc-utils-2.12-1.149.el6_6.7.x86_64.rpm nscd-2.12-1.149.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v.6): i386: glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-static-2.12-1.149.el6_6.7.i686.rpm ppc64: glibc-debuginfo-2.12-1.149.el6_6.7.ppc.rpm glibc-debuginfo-2.12-1.149.el6_6.7.ppc64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.ppc.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.ppc64.rpm glibc-static-2.12-1.149.el6_6.7.ppc.rpm glibc-static-2.12-1.149.el6_6.7.ppc64.rpm s390x: glibc-debuginfo-2.12-1.149.el6_6.7.s390.rpm glibc-debuginfo-2.12-1.149.el6_6.7.s390x.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.s390.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.s390x.rpm glibc-static-2.12-1.149.el6_6.7.s390.rpm glibc-static-2.12-1.149.el6_6.7.s390x.rpm x86_64: glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-static-2.12-1.149.el6_6.7.i686.rpm glibc-static-2.12-1.149.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: glibc-2.12-1.149.el6_6.7.src.rpm i386: glibc-2.12-1.149.el6_6.7.i686.rpm glibc-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-devel-2.12-1.149.el6_6.7.i686.rpm glibc-headers-2.12-1.149.el6_6.7.i686.rpm glibc-utils-2.12-1.149.el6_6.7.i686.rpm nscd-2.12-1.149.el6_6.7.i686.rpm x86_64: glibc-2.12-1.149.el6_6.7.i686.rpm glibc-2.12-1.149.el6_6.7.x86_64.rpm glibc-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-devel-2.12-1.149.el6_6.7.i686.rpm glibc-devel-2.12-1.149.el6_6.7.x86_64.rpm glibc-headers-2.12-1.149.el6_6.7.x86_64.rpm glibc-utils-2.12-1.149.el6_6.7.x86_64.rpm nscd-2.12-1.149.el6_6.7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v.6): i386: glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-static-2.12-1.149.el6_6.7.i686.rpm x86_64: glibc-debuginfo-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-2.12-1.149.el6_6.7.x86_64.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.i686.rpm glibc-debuginfo-common-2.12-1.149.el6_6.7.x86_64.rpm glibc-static-2.12-1.149.el6_6.7.i686.rpm glibc-static-2.12-1.149.el6_6.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2013-7423 https://access.redhat.com/security/cve/CVE-2015-1781 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2015 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFVNjZcXlSAg2UNWIIRAh/vAJ9G7IfTpj10LLreiOJXlgHOKyyxUQCbB8c+ EUh5mWbL+UqNLADhrfGmOYk=+85j -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A security update with moderate severity released to tackle glibc vulnerabilities and address bugs for users of Red Hat systems.. glibc Update, Red Hat Security, Bug Fixes, Threat Mitigation. . LinuxSecurity.com Team

Calendar%202 Apr 21, 2015 Red Hat
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200