glibc-2.17-292.el7
エラータID: AXSA:2019-4313:05
リリース日:
2019/09/19 Thursday - 10:58
題名:
glibc-2.17-292.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- glibcには、getaddrinfo関数に空白や任意の文字列が続く IPv4アドレスのパース
に成功してしまうため、アプリケーションに誤って正しい文字列だと想定させてし
まう脆弱性があります。(CVE-2016-10739)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-10739
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.
追加情報:
N/A
ダウンロード:
SRPMS
- glibc-2.17-292.el7.src.rpm
MD5: d69440d1aa1c02159a2268515ba1cfdc
SHA-256: ed98276c4e56afb7ec55c4d1110505cb2bb9aac9bdd122701995040a5e210fa2
Size: 25.13 MB
Asianux Server 7 for x86_64
- glibc-2.17-292.el7.x86_64.rpm
MD5: 5c542bd9807be8a4c558cad8b13637af
SHA-256: 7f09786f9fb357af232fb36521f5edda73a2a8ce914a1d1cd702012f20a12462
Size: 3.63 MB - glibc-common-2.17-292.el7.x86_64.rpm
MD5: 91d00691d69b5b6b8d5b8888b0f56bf8
SHA-256: ee52fff7b56444fc23b2ff7c0030d560e01f8c371e304ed7619ff6bb17ef3cd9
Size: 11.49 MB - glibc-devel-2.17-292.el7.x86_64.rpm
MD5: 63c23f15a661753095ee0c573fbbc65d
SHA-256: fff916b9dfbb86067f7234e9b2354e73ea86eff104b2a1a7e021dc5b2bd9ea68
Size: 1.07 MB - glibc-headers-2.17-292.el7.x86_64.rpm
MD5: 4fcbaa6c99211a8a30af50201eb458ec
SHA-256: 17f414068c29a63b3fb7e5dfaf8bfa17d368e37606e4f6f8b6b876741e15405d
Size: 685.93 kB - glibc-utils-2.17-292.el7.x86_64.rpm
MD5: db110d5ad96da2117c8199c99d9fe85b
SHA-256: 05752b989881021e653ab6550eb088b8d828e1b7abbef0b1105b7d02986e2f2c
Size: 224.50 kB - nscd-2.17-292.el7.x86_64.rpm
MD5: 2829e1ddd377991cd5585d37b29101e7
SHA-256: c3f8345a7fd95d6be68a4b79f32485df9c0b04247a6852170133914888d52130
Size: 283.96 kB - glibc-2.17-292.el7.i686.rpm
MD5: 332af8946e83df232e1315a3de413c85
SHA-256: e135424010159489023598d8ce2cd9ad1ae68a40d2f4dcce3abb0ce6ec6307ee
Size: 4.25 MB - glibc-devel-2.17-292.el7.i686.rpm
MD5: cf5af6db605c772572f0c73d7578b02d
SHA-256: e9ff855bac34a6722ae3dc35d4d1163af0f93a4f52e1fd65f46e2704b8fe6049
Size: 1.07 MB
English