Описание
ELSA-2015-0863: glibc security and bug fix update (MODERATE)
[2.12-1.149.7]
- Fix invalid file descriptor reuse while sending DNS query (#1207995, CVE-2013-7423).
- Fix buffer overflow in gethostbyname_r with misaligned buffer (#1209375, CVE-2015-1781).
[2.12-1.149.6]
- Enhance nscd to detect any configuration file changes (#1194149).
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
glibc
2.12-1.149.el6_6.7
glibc-common
2.12-1.149.el6_6.7
glibc-devel
2.12-1.149.el6_6.7
glibc-headers
2.12-1.149.el6_6.7
glibc-static
2.12-1.149.el6_6.7
glibc-utils
2.12-1.149.el6_6.7
nscd
2.12-1.149.el6_6.7
Oracle Linux i686
glibc
2.12-1.149.el6_6.7
glibc-common
2.12-1.149.el6_6.7
glibc-devel
2.12-1.149.el6_6.7
glibc-headers
2.12-1.149.el6_6.7
glibc-static
2.12-1.149.el6_6.7
glibc-utils
2.12-1.149.el6_6.7
nscd
2.12-1.149.el6_6.7
Связанные CVE
Связанные уязвимости
ELSA-2015-2199: glibc security, bug fix, and enhancement update (MODERATE)
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
Buffer overflow in the gethostbyname_r and other unspecified NSS funct ...