[UCI-Linux] bugzilla@redhat.com: [RHSA-2002:197-09] Updated glibc packages fix vulnerabilities in resolver

Mike IGLESIAS IGLESIAS@uci.edu
Thu, 07 Nov 2002 13:11:41 -0800


This is an update of a previous patch.

------- Forwarded Message

Message-Id: <200211070058.gA70wMt04304@porkchop.devel.redhat.com>
Subject: [RHSA-2002:197-09] Updated glibc packages fix vulnerabilities in resolver
From: bugzilla@redhat.com
Date: Wed, 6 Nov 2002 19:58 -0500
To: redhat-watch-list@redhat.com, redhat-announce-list@redhat.com

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated glibc packages fix vulnerabilities in resolver
Advisory ID:       RHSA-2002:197-09
Issue date:        2002-09-10
Updated on:        2002-11-06
Product:           Red Hat Linux
Keywords:          glibc resolv DNS
Cross references:  
Obsoletes:         RHSA-2002:166-07
CVE Names:         CAN-2002-1146
---------------------------------------------------------------------

1. Topic:

Updated glibc packages are available to fix a buffer overflow in the
resolver.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, sparc, sparcv9
Red Hat Linux 7.0 - alpha, alphaev6, i386, i686
Red Hat Linux 7.1 - alpha, alphaev6, i386, i686, ia64
Red Hat Linux 7.2 - i386, i686, ia64
Red Hat Linux 7.3 - i386, i686

3. Problem description:

The GNU C library package, glibc, contains standard libraries used by
multiple programs on the system.

A read buffer overflow vulnerability exists in the glibc resolver code in
versions of glibc up to and including 2.2.5.  The vulnerability is
triggered by DNS packets larger than 1024 bytes and can cause applications
to crash.

All Red Hat Linux users are advised to upgrade to these errata packages
which contain a patch to correct this vulnerability.

This errata has been updated to work with programs querying DNS from
extremely small stack sizes, such as MySQL.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

75128 - MySQL hangs/crashes after glibc upgrade
73694 - forkexec and resulting stack limit differences (pthread vs. no pthread)

6. RPMs required:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/glibc-2.1.3-28.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/glibc-2.1.3-28.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/glibc-devel-2.1.3-28.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/glibc-profile-2.1.3-28.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/nscd-2.1.3-28.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/glibc-2.1.3-28.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/glibc-devel-2.1.3-28.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/glibc-profile-2.1.3-28.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/nscd-2.1.3-28.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/glibc-2.1.3-28.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/glibc-devel-2.1.3-28.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/glibc-profile-2.1.3-28.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/nscd-2.1.3-28.sparc.rpm

sparcv9:
ftp://updates.redhat.com/6.2/en/os/sparcv9/glibc-2.1.3-28.sparcv9.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/glibc-2.2.4-18.7.0.8.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/glibc-2.2.4-18.7.0.8.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/glibc-common-2.2.4-18.7.0.8.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/glibc-devel-2.2.4-18.7.0.8.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/glibc-profile-2.2.4-18.7.0.8.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/nscd-2.2.4-18.7.0.8.alpha.rpm

alphaev6:
ftp://updates.redhat.com/7.0/en/os/alphaev6/glibc-2.2.4-18.7.0.8.alphaev6.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/glibc-2.2.4-18.7.0.8.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/glibc-common-2.2.4-18.7.0.8.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/glibc-devel-2.2.4-18.7.0.8.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/glibc-profile-2.2.4-18.7.0.8.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/nscd-2.2.4-18.7.0.8.i386.rpm

i686:
ftp://updates.redhat.com/7.0/en/os/i686/glibc-2.2.4-18.7.0.8.i686.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/glibc-2.2.4-31.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/glibc-2.2.4-31.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/glibc-common-2.2.4-31.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/glibc-devel-2.2.4-31.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/glibc-profile-2.2.4-31.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/nscd-2.2.4-31.alpha.rpm

alphaev6:
ftp://updates.redhat.com/7.1/en/os/alphaev6/glibc-2.2.4-31.alphaev6.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/glibc-2.2.4-31.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/glibc-common-2.2.4-31.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/glibc-devel-2.2.4-31.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/glibc-profile-2.2.4-31.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/nscd-2.2.4-31.i386.rpm

i686:
ftp://updates.redhat.com/7.1/en/os/i686/glibc-2.2.4-31.i686.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/glibc-2.2.4-31.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/glibc-common-2.2.4-31.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/glibc-devel-2.2.4-31.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/glibc-profile-2.2.4-31.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/nscd-2.2.4-31.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/glibc-2.2.4-31.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/glibc-2.2.4-31.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/glibc-common-2.2.4-31.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/glibc-devel-2.2.4-31.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/glibc-profile-2.2.4-31.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/nscd-2.2.4-31.i386.rpm

i686:
ftp://updates.redhat.com/7.2/en/os/i686/glibc-2.2.4-31.i686.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/glibc-2.2.4-31.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/glibc-common-2.2.4-31.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/glibc-devel-2.2.4-31.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/glibc-profile-2.2.4-31.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/nscd-2.2.4-31.ia64.rpm

Red Hat Linux 7.3:

SRPMS:
ftp://updates.redhat.com/7.3/en/os/SRPMS/glibc-2.2.5-42.src.rpm

i386:
ftp://updates.redhat.com/7.3/en/os/i386/glibc-2.2.5-42.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-common-2.2.5-42.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-debug-2.2.5-42.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-debug-static-2.2.5-42.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-devel-2.2.5-42.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-profile-2.2.5-42.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/glibc-utils-2.2.5-42.i386.rpm
ftp://updates.redhat.com/7.3/en/os/i386/nscd-2.2.5-42.i386.rpm

i686:
ftp://updates.redhat.com/7.3/en/os/i686/glibc-2.2.5-42.i686.rpm
ftp://updates.redhat.com/7.3/en/os/i686/glibc-debug-2.2.5-42.i686.rpm



7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
42a492e324a0cc4f20b69d90e17a72be 6.2/en/os/SRPMS/glibc-2.1.3-28.src.rpm
e0a2f8aad3c4a1a98f6f298bbfff3a23 6.2/en/os/alpha/glibc-2.1.3-28.alpha.rpm
0b85f0e0b3138ecdf01cd0bcbf18f15d 6.2/en/os/alpha/glibc-devel-2.1.3-28.alpha.rpm
e9c22cf335364a26b397769540abbbaf 6.2/en/os/alpha/glibc-profile-2.1.3-28.alpha.rpm
c03a7ec95d367074bb511407323b0225 6.2/en/os/alpha/nscd-2.1.3-28.alpha.rpm
60dd8a722a6356a303da8e9f7b9d69ed 6.2/en/os/i386/glibc-2.1.3-28.i386.rpm
6c18ceb25365761f1b9c8f0a0080e696 6.2/en/os/i386/glibc-devel-2.1.3-28.i386.rpm
ba1a8c76d4f7caa53a4a7dc62e840ad2 6.2/en/os/i386/glibc-profile-2.1.3-28.i386.rpm
7e322c41b89b4a769393c5f11024c959 6.2/en/os/i386/nscd-2.1.3-28.i386.rpm
7418ba95b213cd7fcf19fc09cf76605f 6.2/en/os/sparc/glibc-2.1.3-28.sparc.rpm
01b589a9b3a4e09ea988ece90a2296c6 6.2/en/os/sparc/glibc-devel-2.1.3-28.sparc.rpm
2a0c90b3b5722da24a618e1ce2bfe2df 6.2/en/os/sparc/glibc-profile-2.1.3-28.sparc.rpm
8b8a85fa1a19766491740a221d6e1bc5 6.2/en/os/sparc/nscd-2.1.3-28.sparc.rpm
efc4db25f9fe9b5fa7e9f96c85100ac0 6.2/en/os/sparcv9/glibc-2.1.3-28.sparcv9.rpm
aff33cd665fae333c81ea6d563590f44 7.0/en/os/SRPMS/glibc-2.2.4-18.7.0.8.src.rpm
78ca07577d9d808c26d78ef14b0a55aa 7.0/en/os/alpha/glibc-2.2.4-18.7.0.8.alpha.rpm
3bba5726623b9c032fe1428d9d6a7629 7.0/en/os/alpha/glibc-common-2.2.4-18.7.0.8.alpha.rpm
61e72d9da7224e9dd524822e91c87277 7.0/en/os/alpha/glibc-devel-2.2.4-18.7.0.8.alpha.rpm
4144c1872eb0972a40871255ea89c635 7.0/en/os/alpha/glibc-profile-2.2.4-18.7.0.8.alpha.rpm
e14c1bc6749a3c9bdef02e17372d41ad 7.0/en/os/alpha/nscd-2.2.4-18.7.0.8.alpha.rpm
94f6353c050fa59f290923abc646b3d2 7.0/en/os/alphaev6/glibc-2.2.4-18.7.0.8.alphaev6.rpm
ea58433070049d671f3b5f4e203d9338 7.0/en/os/i386/glibc-2.2.4-18.7.0.8.i386.rpm
4a58431cdb351e4e3deec2114f67b028 7.0/en/os/i386/glibc-common-2.2.4-18.7.0.8.i386.rpm
3e349a1f71ef0c48000ea5583631dc20 7.0/en/os/i386/glibc-devel-2.2.4-18.7.0.8.i386.rpm
001f8fa9f9c8bca35d0f0af49a48569d 7.0/en/os/i386/glibc-profile-2.2.4-18.7.0.8.i386.rpm
0fe541f7666962bc2026277d15f19686 7.0/en/os/i386/nscd-2.2.4-18.7.0.8.i386.rpm
d7659100582f611de380e8c447d511cb 7.0/en/os/i686/glibc-2.2.4-18.7.0.8.i686.rpm
93f5da8fdaea659c7052cd981034f000 7.1/en/os/SRPMS/glibc-2.2.4-31.src.rpm
7e914fcb9302c7e0cc0586e2ef9d96f3 7.1/en/os/alpha/glibc-2.2.4-31.alpha.rpm
c8c0cd28dd1dbfb96f3e720116e1f9c5 7.1/en/os/alpha/glibc-common-2.2.4-31.alpha.rpm
1f5c23f0951e575f9085a82686feb741 7.1/en/os/alpha/glibc-devel-2.2.4-31.alpha.rpm
8562e79e28ae22409ea6df96b47aa8c7 7.1/en/os/alpha/glibc-profile-2.2.4-31.alpha.rpm
a49cca3797b8f418169a96c8ecf5ff97 7.1/en/os/alpha/nscd-2.2.4-31.alpha.rpm
4d1edebe2f7428b37b19b3ef94d39aca 7.1/en/os/alphaev6/glibc-2.2.4-31.alphaev6.rpm
ed5a12d2eba916b92a58d8538216d2fe 7.1/en/os/i386/glibc-2.2.4-31.i386.rpm
7e45b087c1772f1dd45fc42b20b62309 7.1/en/os/i386/glibc-common-2.2.4-31.i386.rpm
25b4435bc74e97e7a64c48c3e352c562 7.1/en/os/i386/glibc-devel-2.2.4-31.i386.rpm
acddc14c428cedbba3b91b5e478b762e 7.1/en/os/i386/glibc-profile-2.2.4-31.i386.rpm
e6be96e0b11915217dcaedcf4db6e9ed 7.1/en/os/i386/nscd-2.2.4-31.i386.rpm
0ec3f0c56dca284b671ef5662e04cd35 7.1/en/os/i686/glibc-2.2.4-31.i686.rpm
a83b3035a19f0ce800894ccf0dcceb24 7.1/en/os/ia64/glibc-2.2.4-31.ia64.rpm
7f1bda1e43db315c9298ba59ba676940 7.1/en/os/ia64/glibc-common-2.2.4-31.ia64.rpm
be62314ba425a28cbe82c032ed71376b 7.1/en/os/ia64/glibc-devel-2.2.4-31.ia64.rpm
d031b71272bf6ba6376ef35fa85dfbc5 7.1/en/os/ia64/glibc-profile-2.2.4-31.ia64.rpm
db1adfb98f185007ca3af87334e86ce1 7.1/en/os/ia64/nscd-2.2.4-31.ia64.rpm
93f5da8fdaea659c7052cd981034f000 7.2/en/os/SRPMS/glibc-2.2.4-31.src.rpm
ed5a12d2eba916b92a58d8538216d2fe 7.2/en/os/i386/glibc-2.2.4-31.i386.rpm
7e45b087c1772f1dd45fc42b20b62309 7.2/en/os/i386/glibc-common-2.2.4-31.i386.rpm
25b4435bc74e97e7a64c48c3e352c562 7.2/en/os/i386/glibc-devel-2.2.4-31.i386.rpm
acddc14c428cedbba3b91b5e478b762e 7.2/en/os/i386/glibc-profile-2.2.4-31.i386.rpm
e6be96e0b11915217dcaedcf4db6e9ed 7.2/en/os/i386/nscd-2.2.4-31.i386.rpm
0ec3f0c56dca284b671ef5662e04cd35 7.2/en/os/i686/glibc-2.2.4-31.i686.rpm
a83b3035a19f0ce800894ccf0dcceb24 7.2/en/os/ia64/glibc-2.2.4-31.ia64.rpm
7f1bda1e43db315c9298ba59ba676940 7.2/en/os/ia64/glibc-common-2.2.4-31.ia64.rpm
be62314ba425a28cbe82c032ed71376b 7.2/en/os/ia64/glibc-devel-2.2.4-31.ia64.rpm
d031b71272bf6ba6376ef35fa85dfbc5 7.2/en/os/ia64/glibc-profile-2.2.4-31.ia64.rpm
db1adfb98f185007ca3af87334e86ce1 7.2/en/os/ia64/nscd-2.2.4-31.ia64.rpm
6265863572fb3e7a1b486eca6596592f 7.3/en/os/SRPMS/glibc-2.2.5-42.src.rpm
4750678e10a0aefab9430fe2a5712fdc 7.3/en/os/i386/glibc-2.2.5-42.i386.rpm
8bd67044b7e03f7f289fdf79bc7319f3 7.3/en/os/i386/glibc-common-2.2.5-42.i386.rpm
5a6657acde4fa1898d0bb99dc3ec8490 7.3/en/os/i386/glibc-debug-2.2.5-42.i386.rpm
85d826d4a5bcb1b32b37dddcbd41aa91 7.3/en/os/i386/glibc-debug-static-2.2.5-42.i386.rpm
a7aacd713dac9b63bcb9f2ff3cac5661 7.3/en/os/i386/glibc-devel-2.2.5-42.i386.rpm
ab5f10edc78d202d94c11b3d5fcf6503 7.3/en/os/i386/glibc-profile-2.2.5-42.i386.rpm
2c86e5649ce5497316a524a47297e3b7 7.3/en/os/i386/glibc-utils-2.2.5-42.i386.rpm
a50db12732df7218df84db14d56731a3 7.3/en/os/i386/nscd-2.2.5-42.i386.rpm
af653b45403a81d59fca747f6af03b1f 7.3/en/os/i686/glibc-2.2.5-42.i686.rpm
335b38bdca65cf56dd0fd80fbad84510 7.3/en/os/i686/glibc-debug-2.2.5-42.i686.rpm


These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/about/contact/pgpkey.html

You can verify each package with the following command:
    
    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    
    md5sum <filename>
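The checks and the update procedure from sections 3, 4 and 7, put together as one script: decide whether the installed glibc is older than the fixed build for the release (fixed version strings copied from section 6), verify every downloaded RPM against the digest table of section 7 and against the package signatures, and only then freshen with `rpm -Fvh`. This is an added example, not part of the advisory and not Red Hat's tooling. It assumes `md5sum` (or `openssl` as a fallback) is on the path and `rpm` is present on the target host; the function names (`verify_table`, `apply_update`, `needs_update`) and the `SUMS.txt` file (the section 7 table pasted into a file) are the example's own.

```shell
#!/bin/sh
# Added example, not Red Hat's code: pre-flight check and verified apply of
# the glibc packages from RHSA-2002:197-09. Assumes md5sum (or openssl) and,
# on the target host, rpm. Fixed builds are copied from section 6 above.

# Fixed glibc version-release per Red Hat Linux release (section 6).
fixed_version_for() {
    case "$1" in
        6.2)     echo 2.1.3-28 ;;
        7.0)     echo 2.2.4-18.7.0.8 ;;
        7.1|7.2) echo 2.2.4-31 ;;
        7.3)     echo 2.2.5-42 ;;
        *)       return 1 ;;
    esac
}

# version_lt A B: exit 0 if version-release A sorts before B. Fields are
# split on '.' and '-' and compared numerically, which is sufficient for the
# purely numeric version-release strings in this advisory.
version_lt() {
    _a=$1 _b=$2
    while [ -n "$_a" ] || [ -n "$_b" ]; do
        _x=${_a%%[.-]*} _y=${_b%%[.-]*}
        [ "${_x:-0}" -lt "${_y:-0}" ] && return 0
        [ "${_x:-0}" -gt "${_y:-0}" ] && return 1
        case $_a in *[.-]*) _a=${_a#*[.-]} ;; *) _a= ;; esac
        case $_b in *[.-]*) _b=${_b#*[.-]} ;; *) _b= ;; esac
    done
    return 1
}

# needs_update INSTALLED RELEASE: 0 if INSTALLED is older than the fixed
# build for RELEASE, 1 if already current, 2 if the release is unknown.
needs_update() {
    _fixed=$(fixed_version_for "$2") || return 2
    version_lt "$1" "$_fixed"
}

# installed_glibc: "version-release" of the installed glibc RPM (needs rpm).
installed_glibc() {
    command -v rpm >/dev/null 2>&1 || return 2
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' glibc
}

# md5_of FILE: hex MD5 digest via md5sum, or openssl if md5sum is absent.
md5_of() {
    if command -v md5sum >/dev/null 2>&1; then
        md5sum "$1" | cut -d' ' -f1
    elif command -v openssl >/dev/null 2>&1; then
        openssl dgst -md5 "$1" | sed 's/^.*= //'
    else
        return 2
    fi
}

# verify_md5 FILE EXPECTED: 0 only if FILE's digest equals EXPECTED.
verify_md5() {
    _got=$(md5_of "$1") || return 2
    [ "$_got" = "$2" ]
}

# verify_table SUMSFILE DIR: check each "<md5> <path>" line (the layout of
# section 7) against the same-named file in DIR. Files absent from DIR are
# skipped, since only one architecture is normally downloaded; any digest
# mismatch fails the whole check, so a corrupted download is never installed.
verify_table() {
    _bad=0
    while read -r _sum _path; do
        [ -n "$_sum" ] || continue
        _f="$2/${_path##*/}"
        [ -f "$_f" ] || continue
        if verify_md5 "$_f" "$_sum"; then
            echo "ok       $_f"
        else
            echo "MISMATCH $_f"; _bad=1
        fi
    done < "$1"
    return $_bad
}

# apply_update SUMSFILE RPM...: digests, then GPG signatures, then freshen
# (-F), so that only packages that are already installed are upgraded.
apply_update() {
    _sums=$1; shift
    verify_table "$_sums" "$(dirname "$1")" || { echo "digest check failed" >&2; return 1; }
    rpm --checksig -v "$@" || { echo "signature check failed" >&2; return 1; }
    rpm -Fvh "$@"
}

# Usage: sh verify_glibc_update.sh SUMS.txt /path/to/downloads/*.rpm
if [ $# -gt 0 ]; then
    if _cur=$(installed_glibc); then
        echo "installed glibc: $_cur"
    fi
    apply_update "$@"
fi
```

`rpm --checksig` only proves authorship if Red Hat's public key (the URL in section 7) is already on the keyring; without it the command can confirm the embedded digests but not the signature, so import the key before trusting that step.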


8. References:

http://www.kb.cert.org/vuls/id/738331
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1146


Copyright(c) 2000, 2001, 2002 Red Hat, Inc.

------- End of Forwarded Message