2015 m. sausio 29 d., ketvirtadienis

[slackware-security] glibc (SSA:2015-028-01)

[slackware-security]  glibc (SSA:2015-028-01)

New glibc packages are available for Slackware 13.0, 13.1, 13.37, 14.0,
and 14.1 to fix a security issue.


Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/glibc-2.17-i486-10_slack14.1.txz:  Rebuilt.
  This update patches a security issue __nss_hostname_digits_dots() function
  of glibc which may be triggered through the gethostbyname*() set of
  functions.  This flaw could allow local or remote attackers to take control
  of a machine running a vulnerable version of glibc.  Thanks to Qualys for
  discovering this issue (also known as the GHOST vulnerability.)
  For more information, see:
    https://www.qualys.com/research/security-advisories/GHOST-CVE-2015-0235.txt
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
  (* Security fix *)
patches/packages/glibc-i18n-2.
17-i486-10_slack14.1.txz:  Rebuilt.
patches/packages/glibc-profile-2.17-i486-10_slack14.1.txz:  Rebuilt.
patches/packages/glibc-solibs-2.17-i486-10_slack14.1.txz:  Rebuilt.
patches/packages/glibc-zoneinfo-2014j-noarch-1.txz:  Upgraded.
  Upgraded to tzcode2014j and tzdata2014j.
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-2.9-i486-7_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-i18n-2.9-i486-7_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-profile-2.9-i486-7_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-solibs-2.9-i486-7_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-2.9-x86_64-7_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-i18n-2.9-x86_64-7_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-profile-2.9-x86_64-7_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-solibs-2.9-x86_64-7_slack13.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-2.11.1-i486-9_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-i18n-2.11.1-i486-9_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-profile-2.11.1-i486-9_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-solibs-2.11.1-i486-9_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-2.11.1-x86_64-9_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-i18n-2.11.1-x86_64-9_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-profile-2.11.1-x86_64-9_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-solibs-2.11.1-x86_64-9_slack13.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-2.13-i486-8_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-i18n-2.13-i486-8_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-profile-2.13-i486-8_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-solibs-2.13-i486-8_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-2.13-x86_64-8_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-i18n-2.13-x86_64-8_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-profile-2.13-x86_64-8_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-solibs-2.13-x86_64-8_slack13.37.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-2.15-i486-9_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-i18n-2.15-i486-9_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-profile-2.15-i486-9_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-solibs-2.15-i486-9_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-2.15-x86_64-9_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-i18n-2.15-x86_64-9_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-profile-2.15-x86_64-9_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-solibs-2.15-x86_64-9_slack14.0.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-2.17-i486-10_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-i18n-2.17-i486-10_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-profile-2.17-i486-10_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-solibs-2.17-i486-10_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-2.17-x86_64-10_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-i18n-2.17-x86_64-10_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-profile-2.17-x86_64-10_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-solibs-2.17-x86_64-10_slack14.1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/glibc-zoneinfo-2014j-noarch-1.txz

Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-solibs-2.20-i486-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/glibc-zoneinfo-2014j-noarch-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-2.20-i486-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-i18n-2.20-i486-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/glibc-profile-2.20-i486-2.txz

Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-solibs-2.20-x86_64-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/glibc-zoneinfo-2014j-noarch-1.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-2.20-x86_64-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-i18n-2.20-x86_64-2.txz
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/glibc-profile-2.20-x86_64-2.txz


MD5 signatures:
+-------------+

Slackware 13.0 packages:
41402c65ebdef4b022c799131556ef7e  glibc-2.9-i486-7_slack13.0.txz
7095e3cd743af0179ea14b9bff81e3f4  glibc-i18n-2.9-i486-7_slack13.0.txz
901d50b809ed84837ff45b2ca7838bb3  glibc-profile-2.9-i486-7_slack13.0.txz
421a711b7cf1be2df2421ae5cd50b217  glibc-solibs-2.9-i486-7_slack13.0.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware x86_64 13.0 packages:
d4266628a8db63751f3f55b8bc2e2162  glibc-2.9-x86_64-7_slack13.0.txz
b6161a0e23da771c5c6903605e49e403  glibc-i18n-2.9-x86_64-7_slack13.0.txz
b8026d61e3849cce26539def0b665ca3  glibc-profile-2.9-x86_64-7_slack13.0.txz
1f7f4cf57d44d75d4ef2786152f33403  glibc-solibs-2.9-x86_64-7_slack13.0.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware 13.1 packages:
03e0d0224efe8bc794b5be0454612a1e  glibc-2.11.1-i486-9_slack13.1.txz
fabbdd8d7f14667c7a2dc7ede87b5510  glibc-i18n-2.11.1-i486-9_slack13.1.txz
1c1d86a9dabe329c3d30796188b66ebe  glibc-profile-2.11.1-i486-9_slack13.1.txz
e2ebe08bb02550c69202a6f973ef7e47  glibc-solibs-2.11.1-i486-9_slack13.1.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware x86_64 13.1 packages:
c00de492a4842e3a86101028e8cc03f0  glibc-2.11.1-x86_64-9_slack13.1.txz
9657c55f39b233333e48d08acee9ed78  glibc-i18n-2.11.1-x86_64-9_slack13.1.txz
ada2d7f7b7ffdfd7a4407696ad714e48  glibc-profile-2.11.1-x86_64-9_slack13.1.txz
b3c393e74aafbb5276cea1217dfcd1aa  glibc-solibs-2.11.1-x86_64-9_slack13.1.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware 13.37 packages:
16615e6ef8311b928e3a05e0b7f3e505  glibc-2.13-i486-8_slack13.37.txz
319dfc0cbdaf8410981195fffb1371c6  glibc-i18n-2.13-i486-8_slack13.37.txz
6964339495ab981d17ba27cd5878a400  glibc-profile-2.13-i486-8_slack13.37.txz
1834abd11fab02725e897040bbead56f  glibc-solibs-2.13-i486-8_slack13.37.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware x86_64 13.37 packages:
1753003d261831ac235445e23a9f9870  glibc-2.13-x86_64-8_slack13.37.txz
8aa103984bb2cb293072a022dd9144f2  glibc-i18n-2.13-x86_64-8_slack13.37.txz
a56e90a34eec8f60e265c45d05490a57  glibc-profile-2.13-x86_64-8_slack13.37.txz
c6f684ea049e4091b96d15606eb454d1  glibc-solibs-2.13-x86_64-8_slack13.37.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware 14.0 packages:
a2fadb666bfdf5c7c4c9792cbf34785d  glibc-2.15-i486-9_slack14.0.txz
3b3626f4a170a603af36ca60c7840fa6  glibc-i18n-2.15-i486-9_slack14.0.txz
ad237d138bb874e57c4080071d27e798  glibc-profile-2.15-i486-9_slack14.0.txz
f07d37e52014cec80e43d883eda516ae  glibc-solibs-2.15-i486-9_slack14.0.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware x86_64 14.0 packages:
a5d02d71a230b6daa39d2ebefd8a6548  glibc-2.15-x86_64-9_slack14.0.txz
62c30b615e38ba63cafb8053383eabde  glibc-i18n-2.15-x86_64-9_slack14.0.txz
152d094ab6bc4c7f763dd4ad1a53784c  glibc-profile-2.15-x86_64-9_slack14.0.txz
b256163bb179d1aebfda5f45270a0580  glibc-solibs-2.15-x86_64-9_slack14.0.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware 14.1 packages:
8f2fb91bb39d8a1db3bd6510295e6b1e  glibc-2.17-i486-10_slack14.1.txz
8d179820a827a4dce028b57d3fa39237  glibc-i18n-2.17-i486-10_slack14.1.txz
19a4824c6ff8792a1166a38ceff824e0  glibc-profile-2.17-i486-10_slack14.1.txz
417dede2ae464059002b6fcc2048f942  glibc-solibs-2.17-i486-10_slack14.1.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware x86_64 14.1 packages:
490ce11a13439e30ff312769cc4fabb1  glibc-2.17-x86_64-10_slack14.1.txz
cd145e0d6a12b15d5282d7d1b3de92ed  glibc-i18n-2.17-x86_64-10_slack14.1.txz
93aea777dd41dc1c631dce1cf252bf14  glibc-profile-2.17-x86_64-10_slack14.1.txz
6b759039a5b3f8c88b3753e722ded78e  glibc-solibs-2.17-x86_64-10_slack14.1.txz
61278ba5a904a7474e9b0b64b0daab97  glibc-zoneinfo-2014j-noarch-1.txz

Slackware -current packages:
395d4ad5fb71c4a56a500c3e51d07c8b  a/glibc-solibs-2.20-i486-2.txz
61278ba5a904a7474e9b0b64b0daab97  a/glibc-zoneinfo-2014j-noarch-1.txz
3ca2827446e66d0d2d0e0bc8c55ba1ed  l/glibc-2.20-i486-2.txz
94105b1a10c42ce0995f8ace6b4f06a8  l/glibc-i18n-2.20-i486-2.txz
fcc2ad4f5aad3a7d704d708a170c5351  l/glibc-profile-2.20-i486-2.txz

Slackware x86_64 -current packages:
25129dd9dfed8a8e834c87ba40c1ef17  a/glibc-solibs-2.20-x86_64-2.txz
61278ba5a904a7474e9b0b64b0daab97  a/glibc-zoneinfo-2014j-noarch-1.txz
b8ff5e308769d8e4eddccd9940058d5c  l/glibc-2.20-x86_64-2.txz
8c3db9286aa93346d25ffad38178137b  l/glibc-i18n-2.20-x86_64-2.txz
21f2a62d975b433f570cd5129cdc21fb  l/glibc-profile-2.20-x86_64-2.txz


Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg glibc-*


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
Pranešimą parašė ties

Komentarų nėra:

Rašyti komentarą

Užsisakykite: Rašyti komentarus (Atom)