Linux Today: Linux News On Internet Time.

More on LinuxToday

Trustix Secure Linux Advisor: glibc

Dec 21, 2001, 06:58 (0 Talkback[s])

WEBINAR: On-demand Event

Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >

From:   Trustix Secure Linux Advisor 
Subject:        TSLSA-2001-0029 - glibc
Date:   20 Dec 2001 15:19:48 +0100      

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2001-0029

Package name:      glibc
Severity:          Buffer overflow
Date:              2001-12-19
Affected versions: TSL 1.01, 1.1, 1.2, 1.5

- --------------------------------------------------------------------------

Problem description:
  There is a problem in the glob(3) function of the Glibc library which
  allows for exploitation of programs that pass user supplied input
  directly to it.

  We recommend that all systems with this package installed are upgraded.

  All TSL updates are available from

Automatic updates:
  Users of the SWUP tool, can enjoy having updates automatically
  installed using 'swup --upgrade'.

  Get SWUP from:

  Check out our mailing lists:

  This advisory along with all TSL packages are signed with the TSL sign key.
  This key available from:

  The advisory itself is available from the errata pages at and
  or directly at

MD5sums of the packages:
- --------------------------------------------------------------------------
b09da93d8c0aaa3ea05f96eac0670f4b  ./1.5/SRPMS/glibc-2.1.3-16tr.src.rpm
066333d08effaf470bd34d7eed678bc0  ./1.5/RPMS/glibc-profile-2.1.3-16tr.i586.rpm
9978d2532b03f429b7d60608d7998416  ./1.5/RPMS/glibc-devel-2.1.3-16tr.i586.rpm
24bfe2e19232744126c321534a120aa5  ./1.5/RPMS/glibc-2.1.3-16tr.i586.rpm
b09da93d8c0aaa3ea05f96eac0670f4b  ./1.2/SRPMS/glibc-2.1.3-16tr.src.rpm
e1b3655cb6f93f5c9e20a233f3872a1e  ./1.2/RPMS/glibc-profile-2.1.3-16tr.i586.rpm
91ab7db274ed981e88c75f76debb8a97  ./1.2/RPMS/glibc-devel-2.1.3-16tr.i586.rpm
152ebaee28c79a11205e80f2dd7335cd  ./1.2/RPMS/glibc-2.1.3-16tr.i586.rpm
b09da93d8c0aaa3ea05f96eac0670f4b  ./1.1/SRPMS/glibc-2.1.3-16tr.src.rpm
185918341e54d62746496b46abfc87b2  ./1.1/RPMS/glibc-profile-2.1.3-16tr.i586.rpm
4e4c5f29e794e040eb55ad04c20d7d63  ./1.1/RPMS/glibc-devel-2.1.3-16tr.i586.rpm
9f3bddc70339a87f5f47bf8ac04ef253  ./1.1/RPMS/glibc-2.1.3-16tr.i586.rpm
- --------------------------------------------------------------------------

Trustix Security Team