glibc-2.17-105.el7

エラータID: AXSA:2015-569:01

Release date: 
Thursday, November 19, 2015 - 23:18
Subject: 
glibc-2.17-105.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.

Security issues fixed with this release:

CVE-2013-7423
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc
or libc6) before 2.20 does not properly reuse file descriptors, which
allows remote attackers to send DNS queries to unintended locations
via a large number of request that trigger a call to the getaddrinfo
function.
CVE-2015-1472
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka
glibc or libc6) before 2.21 does not properly consider data-type size
during memory allocation, which allows context-dependent attackers to
cause a denial of service (buffer overflow) or possibly have
unspecified other impact via a long line containing wide characters
that are improperly handled in a wscanf call.
CVE-2015-1473
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka
glibc or libc6) before 2.21 does not properly consider data-type size
during a risk-management decision for use of the alloca function,
which might allow context-dependent attackers to cause a denial of
service (segmentation violation) or overwrite memory locations beyond
the stack boundary via a long line containing wide characters that are
improperly handled in a wscanf call.
CVE-2015-1781
Buffer overflow in the gethostbyname_r and other unspecified NSS
functions in the GNU C Library (aka glibc or libc6) before 2.22 allows
context-dependent attackers to cause a denial of service (crash) or
execute arbitrary code via a crafted DNS response, which triggers a
call with a misaligned buffer.

Fixed bugs:

These updated glibc packages also include numerous bug fixes and one enhancement.

Solution: 

Update packages.

CVEs: 
CVE-2013-7423
The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function.
CVE-2015-1472
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call.
CVE-2015-1473
The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during a risk-management decision for use of the alloca function, which might allow context-dependent attackers to cause a denial of service (segmentation violation) or overwrite memory locations beyond the stack boundary via a long line containing wide characters that are improperly handled in a wscanf call.
CVE-2015-1781
Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.
Additional Info: 

N/A

Download: 

SRPMS
  1. glibc-2.17-105.el7.src.rpm
    MD5: 9ed8e42e10dddef06a781c8a9a075b26
    SHA-256: 2086754f65e73d35a4558489012bdf7134752a37920a587fc78baea1eab76ffa
    Size: 23.07 MB

Asianux Server 7 for x86_64
  1. glibc-2.17-105.el7.x86_64.rpm
    MD5: 1e9695518004ec47cfdc8fed585ca44b
    SHA-256: b3f41ce3e1f123d7042cb04f8d73a020b084641a99896a68ad54dfa55359b572
    Size: 3.58 MB
  2. glibc-common-2.17-105.el7.x86_64.rpm
    MD5: a08465d32df1033d418d039ca514e53d
    SHA-256: 920be023b851c40b8f7d01593d2f23d971093941c1075e75a6a5897a60dd7689
    Size: 11.46 MB
  3. glibc-devel-2.17-105.el7.x86_64.rpm
    MD5: 95cde8c60d24b32ca5aed6806529b5dc
    SHA-256: ddd051f2f60abb87334e1b190dcd180e2f8b18d0a32c540cd1097bc98d0cadb6
    Size: 1.05 MB
  4. glibc-headers-2.17-105.el7.x86_64.rpm
    MD5: 9fd6c64d0348c34972264ecb05b58d85
    SHA-256: a247e592e556bd3e4ea10d80582b96bf6ec80005e1ca6f23878a15901aace8b6
    Size: 660.01 kB
  5. glibc-utils-2.17-105.el7.x86_64.rpm
    MD5: e034f5907d17e80d9e23067561c2a4b6
    SHA-256: 6583e7fc9954b56faa7a2b7e98300302d18456032e5a52c66b526d2d33ce1db0
    Size: 200.63 kB
  6. nscd-2.17-105.el7.x86_64.rpm
    MD5: fa012795725d8c625967a079f18dd491
    SHA-256: d95520f3641d176ae1c4d90b05936cb394d403163cef4507c52332db0cc3d1f1
    Size: 259.11 kB
  7. glibc-2.17-105.el7.i686.rpm
    MD5: 6f79e23efd302837a04c022dca80b503
    SHA-256: 5fe1f88e76d211f7fcae5731c84e19cd91e79afa89f78fcb97ec91f7739ed417
    Size: 4.18 MB
  8. glibc-devel-2.17-105.el7.i686.rpm
    MD5: 2e782a6f9fe5c950a3abf3e6c318a2e0
    SHA-256: 002576c200c4208048a342820539088a8313143b3ab4de98e469bb5ce63b772e
    Size: 1.05 MB