Fedora Legacy Test Update Notification: glibc

Fri Oct 1 09:11:39 UTC 2004

Please test these packages and report to bugzilla. Note these packages are
for Redhat 7.3.

---------------------------------------------------------------------
Fedora Test Update Notification
FEDORALEGACY-2004-1947
Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1947
2004-10-01
---------------------------------------------------------------------

Name        : glibc
Version     : 2.2.5-44.legacy.2
Summary     : The GNU libc libraries.
Description :
The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.

---------------------------------------------------------------------
Update Information:

A security audit of glibc revealed a flaw in the resolver library which
was originally reported as affecting versions of ISC BIND 4.9. This flaw
also applied to glibc versions before 2.3.2. An attacker who is able to
send DNS responses (perhaps by creating a malicious DNS server) could
remotely exploit this vulnerability to execute arbitrary code or cause a
denial of service. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2002-0029 to this issue.

---------------------------------------------------------------------
Changelog:

* Thu Sep 30 2004 Dominic Hargreaves <dom at earth.li>

- BuildRequires on texinfo, gettext

* Thu Aug 12 2004 Dave Botsch <dwb7 at ccmr.cornell.edu>

- Added legacy keyword
- Fix CAN-2002-0029 (getnetby{name,addr} buffer overflow)
- Uses Michal Jaegermann's rediffed patch from AS2.1

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedoralegacy.org/redhat/

08c9c6aa0cebb8d0ed280dfd3369375bc0fdd0f2  7.3/updates-testing/SRPMS/glibc-2.2.5-44.legacy.2.src.rpm
2abf89e74a49b8dcb5f3f628ea66b18950df3948  7.3/updates-testing/i386/glibc-2.2.5-44.legacy.2.i386.rpm
71341d10531371a5b428ec2c852f1c765d3d9025  7.3/updates-testing/i386/glibc-common-2.2.5-44.legacy.2.i386.rpm
5040054be5f8a5724576134053a70f9d07980f70  7.3/updates-testing/i386/glibc-debug-2.2.5-44.legacy.2.i386.rpm
2c90103b45117d01671ee3f84fdc4ac313eab41b  7.3/updates-testing/i386/glibc-debug-static-2.2.5-44.legacy.2.i386.rpm
0f2743f0034390ca656fb541c5d2af2fa3165cf6  7.3/updates-testing/i386/glibc-devel-2.2.5-44.legacy.2.i386.rpm
07cdc5b3865438f6980607c4dfb3c21b6bbc2d28  7.3/updates-testing/i386/glibc-profile-2.2.5-44.legacy.2.i386.rpm
81f0ed02459debffaadc02214efd0911a05b0028  7.3/updates-testing/i386/glibc-utils-2.2.5-44.legacy.2.i386.rpm
35c609e2d824d67fe7b4f3286fed60f9900f7adb  7.3/updates-testing/i386/nscd-2.2.5-44.legacy.2.i386.rpm

Please note that this update is also available via yum and apt through the 
updates-testing channel.  Many people find this an easier way to apply 
updates.
---------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20041001/5fe007fa/attachment.sig>