[slackware-security] glibc (SSA:2014-296-01)

[slackware-security]  glibc (SSA:2014-296-01)

New glibc packages are available for Slackware 14.1 and -current to fix
security issues.


Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/glibc-2.17-i486-8_slack14.1.txz:  Rebuilt.
  This update fixes several security issues, and adds an extra security
  hardening patch from Florian Weimer.  Thanks to mancha for help with
  tracking and backporting patches.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4424
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4788
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4458
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0475
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040
  (* Security fix *)
patches/packages/glibc-i18n-2.
17-i486-8_slack14.1.txz:  Rebuilt.
patches/packages/glibc-profile-2.17-i486-8_slack14.1.txz:  Rebuilt.
patches/packages/glibc-solibs-2.17-i486-8_slack14.1.txz:  Rebuilt.
patches/packages/glibc-zoneinfo-2014i-noarch-1_slack14.1.txz:  Upgraded.
  Upgraded to tzcode2014i and tzdata2014i.
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-2.17-i486-8_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-i18n-2.17-i486-8_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-profile-2.17-i486-8_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-solibs-2.17-i486-8_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-zoneinfo-2014i-noarch-1_slack14.1.txz

Updated packages for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-2.17-x86_64-8_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-i18n-2.17-x86_64-8_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-profile-2.17-x86_64-8_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-solibs-2.17-x86_64-8_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-zoneinfo-2014i-noarch-1_slack14.1.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-solibs-2.20-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-zoneinfo-2014i-noarch-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-2.20-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-i18n-2.20-i486-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-profile-2.20-i486-1.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-solibs-2.20-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-zoneinfo-2014i-noarch-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-2.20-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-i18n-2.20-x86_64-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-profile-2.20-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 14.1 packages:
8995409d8ed617125649aaab14299f61  glibc-2.17-i486-8_slack14.1.txz
877bba4ad31eb68c7e7cce11f6aafd5b  glibc-i18n-2.17-i486-8_slack14.1.txz
f89a9319a1798771b26488e99f0dd1af  glibc-profile-2.17-i486-8_slack14.1.txz
d1756f2721cbb2955152c46ef5fab72e  glibc-solibs-2.17-i486-8_slack14.1.txz
c7080f6d7f309ba2905dacfa555a8115  glibc-zoneinfo-2014i-noarch-1_slack14.1.txz

Slackware x86_64 14.1 packages:
32904ee5d2a3177d621c4c6f2aa6e67f  glibc-2.17-x86_64-8_slack14.1.txz
1bb4ddd6d4043d632e78dbf3103f2f7c  glibc-i18n-2.17-x86_64-8_slack14.1.txz
e6914d464f57ea493502eea4dd40044a  glibc-profile-2.17-x86_64-8_slack14.1.txz
04562128e188daaad7fdab49756a22f2  glibc-solibs-2.17-x86_64-8_slack14.1.txz
c7080f6d7f309ba2905dacfa555a8115  glibc-zoneinfo-2014i-noarch-1_slack14.1.txz

Slackware -current packages:
f547fe51634c852ae17cb1f6c39203e1  a/glibc-solibs-2.20-i486-1.txz
c7080f6d7f309ba2905dacfa555a8115  a/glibc-zoneinfo-2014i-noarch-1.txz
f9923d8006a3c03520e93608114cb7de  l/glibc-2.20-i486-1.txz
658301364b68e79d53acb607cd399504  l/glibc-i18n-2.20-i486-1.txz
d03947abf3d4be41f7bfb0a71bd29f35  l/glibc-profile-2.20-i486-1.txz

Slackware x86_64 -current packages:
a0f46b305c27dd0c80e65cc77254bdf2  a/glibc-solibs-2.20-x86_64-1.txz
c7080f6d7f309ba2905dacfa555a8115  a/glibc-zoneinfo-2014i-noarch-1.txz
d673acf56308355713ac67ae68e6bd2b  l/glibc-2.20-x86_64-1.txz
410918dc8bf5b7a84d1bed5b6e125ee3  l/glibc-i18n-2.20-x86_64-1.txz
c023f4514cd0a672e4852986c74268e6  l/glibc-profile-2.20-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg glibc-*.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+