ELSA-2012-1098

Опубликовано: 18 июл. 2012

Источник: oracle-oval

Платформа: Oracle Linux 6

Описание

ELSA-2012-1098: glibc security and bug fix update (MODERATE)

[2.12-1.80.el6_3.3]

Fix incorrect/corrupt patchfile for 833716. Did not affect generated code, but tests were missing (#833716).

[2.12-1.80.el6_3.2]

Fix regression after patch for BZ804630 (#837026).

[2.12-1.80.el6_3.1]

Fixes an unbound alloca and related problems. (#833716)

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

glibc

2.12-1.80.el6_3.3

glibc-common

2.12-1.80.el6_3.3

glibc-devel

2.12-1.80.el6_3.3

glibc-headers

2.12-1.80.el6_3.3

glibc-static

2.12-1.80.el6_3.3

glibc-utils

2.12-1.80.el6_3.3

nscd

2.12-1.80.el6_3.3

Oracle Linux i686

glibc

2.12-1.80.el6_3.3

glibc-common

2.12-1.80.el6_3.3

glibc-devel

2.12-1.80.el6_3.3

glibc-headers

2.12-1.80.el6_3.3

glibc-static

2.12-1.80.el6_3.3

glibc-utils

2.12-1.80.el6_3.3

nscd

2.12-1.80.el6_3.3

Связанные CVE

CVE-2012-3404

CVE-2012-3406

CVE-2012-3405

Ссылки на источники

Связанные уязвимости

SUSE-SU-2015:0551-1

suse-cvrf

почти 12 лет назад

Security update for glibc

CVE-2012-3404

ubuntu

больше 11 лет назад

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Library (aka glibc) 2.12 and other versions does not properly calculate a buffer length, which allows context-dependent attackers to bypass the FORTIFY_SOURCE format-string protection mechanism and cause a denial of service (stack corruption and crash) via a format string that uses positional parameters and many format specifiers.

CVE-2012-3404

redhat

около 13 лет назад

CVE-2012-3404

nvd

больше 11 лет назад

CVE-2012-3404

debian

больше 11 лет назад

The vfprintf function in stdio-common/vfprintf.c in libc in GNU C Libr ...