glibc-2.5-81.7.0.1.AXS3
エラータID: AXSA:2012-928:05
リリース日:
2012/09/26 Wednesday - 12:13
題名:
glibc-2.5-81.7.0.1.AXS3
影響のあるチャネル:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Bug Fix]
- 非デフォルトの丸めモードでいくつかの数学関数 (exp、exp2、expf、exp2f、pow、sin、tan、rint) が使用されるとき、数学関数の論理エラーがアプリケーションをクラッシュさせる可能性のある問題を修正しました。
[Security Fix]
- GNU C Library の stdlib の (1) strtod、(2) strtof、(3) strtold、(4) strtod_l、またはその他の不特定の "related 関数" には、整数オーバーフローの脆弱性が存在します。(CVE-2012-3480)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2012-3480
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
Multiple integer overflows in the (1) strtod, (2) strtof, (3) strtold, (4) strtod_l, and other unspecified "related functions" in stdlib in GNU C Library (aka glibc or libc6) 2.16 allow local users to cause a denial of service (application crash) and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.
追加情報:
N/A
ダウンロード:
SRPMS
- glibc-2.5-81.7.0.1.AXS3.src.rpm
MD5: 6b7a7cfdae4fa0cdbcfd8ce91d703381
SHA-256: 2dd4940afcaef327e6acaec0cd34569628277602425cf9d47d33ec3dde88b9c4
Size: 15.85 MB
Asianux Server 3 for x86
- glibc-2.5-81.7.0.1.AXS3.i386.rpm
MD5: 1210d9bf28b84f7b1f9e9d1b6bc02784
SHA-256: 8704d3b8a2d79b23f3c5125654c28993c50603ced96c6355e849855e1eb60e45
Size: 4.51 MB - glibc-2.5-81.7.0.1.AXS3.i686.rpm
MD5: df517898b653939734fe81cdfbc4e731
SHA-256: 61e462379e881bfc0d201a3501099375c06e46026631cca58b5f893cf6088ebd
Size: 5.38 MB - glibc-common-2.5-81.7.0.1.AXS3.i386.rpm
MD5: 7ad1dd62a3d7863283c93006a9a8267e
SHA-256: f218fa571440530b93e451ea1396f8691e7902589ac0b897d2ce04b8c45f0d1b
Size: 16.82 MB - glibc-devel-2.5-81.7.0.1.AXS3.i386.rpm
MD5: e3b4f8b08649f9cfc0b76c313c9771f9
SHA-256: a89f2ab0ba224ed9533b3ddd7cf4707853283668ab8904a48d6bde2d4055f831
Size: 2.06 MB - glibc-headers-2.5-81.7.0.1.AXS3.i386.rpm
MD5: 074e20f4f4cfff327a6cfdc09d50d42e
SHA-256: 62baaa8a030bcc1409f36307c815829aa7f231a9a0096b56a28391a4ed6a487e
Size: 617.61 kB - glibc-utils-2.5-81.7.0.1.AXS3.i386.rpm
MD5: daaf0031fd5f49b1cbe748b6ad17bf2b
SHA-256: aa73ecec01120ff8829229563bcf5e498eca8dd27ec58285cf7816dd29ed300a
Size: 136.59 kB - nscd-2.5-81.7.0.1.AXS3.i386.rpm
MD5: 7ac2aead9d9177ebe1419276de26175c
SHA-256: 164b06b7aeee72172c237939215917bc4779e75b54660af24c414c4526acd545
Size: 173.07 kB
Asianux Server 3 for x86_64
- glibc-2.5-81.7.0.1.AXS3.x86_64.rpm
MD5: 619699cb476a39c3852c18d29cad13d9
SHA-256: d5298cb22720c7150457508afcba02d98cf955834b4f2044fd80e09766e79069
Size: 4.78 MB - glibc-common-2.5-81.7.0.1.AXS3.x86_64.rpm
MD5: c55d2d01944bb01794d4a6cfce80deae
SHA-256: 814c72ac84d8775a1dc3e053a8c4768f9d050be95c596acef29714a605099155
Size: 16.84 MB - glibc-devel-2.5-81.7.0.1.AXS3.x86_64.rpm
MD5: 8ebe19f8ce804508a7d1a40a2da71d6e
SHA-256: 216452662335309401b023138f4f291322228ab20c26f8558578dd724e81220e
Size: 2.42 MB - glibc-headers-2.5-81.7.0.1.AXS3.x86_64.rpm
MD5: 3ca105effc916af9e07341ada64446de
SHA-256: 20f43cffed3b49dc6c3307025b35419029aeb3601964b6a20bb8230e34872cf4
Size: 608.05 kB - glibc-utils-2.5-81.7.0.1.AXS3.x86_64.rpm
MD5: 8051335f867d32e36bf5e73819361a41
SHA-256: 13538d1dce1c8ae68da957ebe973e0102976fa8f8250d35b57a22a1fa4a8bf64
Size: 135.15 kB - nscd-2.5-81.7.0.1.AXS3.x86_64.rpm
MD5: b2fd27f2d09d1c0b017a8b10403536d3
SHA-256: 4099243660e98e387ec275786e9c40548d362fc7777a868a8f810c01400f2294
Size: 173.12 kB