---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2003-002
2003-11-12
---------------------------------------------------------------------
Name : glibc
Version : 2.3.2
Release : 101.1
Summary : The GNU libc libraries.
Description :
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function.
---------------------------------------------------------------------
Update Information:
Herbert Xu reported that various applications can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack. The glibc function getifaddrs uses netlink and could therefore be vulnerable to this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0859 to this issue.
In addition to this this update fixes a couple of bugs.
---------------------------------------------------------------------
* Tue Nov 11 2003 Jakub Jelinek 2.3.2-101.1
- fix getifaddrs (CAN-2003-0859)
- fix ftw fd leak
- fix linuxthreads sigaction (#108634)
- fix glibc 2.0 stdio compatibility
- fix uselocale (LC_GLOBAL_LOCALE)
- speed up stdio locking in non-threaded programs on IA-32
- try to maintain correct order of cleanups between those
registered with __attribute__((cleanup))
and with LinuxThreads style pthread_cleanup_push/pop (#108631)
- fix segfault in regex (#109606)
- fix RE_ICASE multi-byte handling in regex
- fix pthread_exit in libpthread.a (#109790)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
SRPMS/glibc-2.3.2-101.1.src.rpm
md5 sum: 1483328d54230ea11f724b4b021280ae
i386/glibc-2.3.2-101.1.i386.rpm
md5 sum: b0aab097f56a54825ce4112635e2a707
i386/glibc-devel-2.3.2-101.1.i386.rpm
md5 sum: 9e35df2b5b6d07c08f39454416bc3d29
i386/glibc-headers-2.3.2-101.1.i386.rpm
md5 sum: 73f7009a6fdea1351f68c3f586537c8c
i386/glibc-profile-2.3.2-101.1.i386.rpm
md5 sum: 19bc0ab1772dec22b1a2de78d7a629b4
i386/glibc-common-2.3.2-101.1.i386.rpm
md5 sum: bf9b0099d30bd50ffc4df7672e86c3c9
i386/nscd-2.3.2-101.1.i386.rpm
md5 sum: efc6a72b3a31239c62e9b3fd79d020d8
i386/glibc-debug-2.3.2-101.1.i386.rpm
md5 sum: 0f635a429c9d08f68c7522ede4898b66
i386/glibc-utils-2.3.2-101.1.i386.rpm
md5 sum: b6bcbe59119165a0c0dc275cb5770731
i386/debug/glibc-debuginfo-2.3.2-101.1.i386.rpm
md5 sum: 35eb4d756266924111989ed0c803cdf0
i386/debug/glibc-debuginfo-common-2.3.2-101.1.i386.rpm
md5 sum: fd58286e5c4b368af0d8c9b7217c8581
i386/glibc-2.3.2-101.1.i686.rpm
md5 sum: c57c52f91308bf84ec7213264ce47869
i386/nptl-devel-2.3.2-101.1.i686.rpm
md5 sum: 0198a5e9c6ce75008a90068895ef1f7e
i386/debug/glibc-debuginfo-2.3.2-101.1.i686.rpm
md5 sum: 5a922d6518e19878b88612a8a56f6d4c
This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
Fedora Test Update Notification
FEDORA-2003-002
2003-11-12
---------------------------------------------------------------------
Name : glibc
Version : 2.3.2
Release : 101.1
Summary : The GNU libc libraries.
Description :
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function.
---------------------------------------------------------------------
Update Information:
Herbert Xu reported that various applications can accept spoofed messages sent on the kernel netlink interface by other users on the local machine. This could lead to a local denial of service attack. The glibc function getifaddrs uses netlink and could therefore be vulnerable to this issue. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0859 to this issue.
In addition to this this update fixes a couple of bugs.
---------------------------------------------------------------------
* Tue Nov 11 2003 Jakub Jelinek 2.3.2-101.1
- fix getifaddrs (CAN-2003-0859)
- fix ftw fd leak
- fix linuxthreads sigaction (#108634)
- fix glibc 2.0 stdio compatibility
- fix uselocale (LC_GLOBAL_LOCALE)
- speed up stdio locking in non-threaded programs on IA-32
- try to maintain correct order of cleanups between those
registered with __attribute__((cleanup))
and with LinuxThreads style pthread_cleanup_push/pop (#108631)
- fix segfault in regex (#109606)
- fix RE_ICASE multi-byte handling in regex
- fix pthread_exit in libpthread.a (#109790)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/
SRPMS/glibc-2.3.2-101.1.src.rpm
md5 sum: 1483328d54230ea11f724b4b021280ae
i386/glibc-2.3.2-101.1.i386.rpm
md5 sum: b0aab097f56a54825ce4112635e2a707
i386/glibc-devel-2.3.2-101.1.i386.rpm
md5 sum: 9e35df2b5b6d07c08f39454416bc3d29
i386/glibc-headers-2.3.2-101.1.i386.rpm
md5 sum: 73f7009a6fdea1351f68c3f586537c8c
i386/glibc-profile-2.3.2-101.1.i386.rpm
md5 sum: 19bc0ab1772dec22b1a2de78d7a629b4
i386/glibc-common-2.3.2-101.1.i386.rpm
md5 sum: bf9b0099d30bd50ffc4df7672e86c3c9
i386/nscd-2.3.2-101.1.i386.rpm
md5 sum: efc6a72b3a31239c62e9b3fd79d020d8
i386/glibc-debug-2.3.2-101.1.i386.rpm
md5 sum: 0f635a429c9d08f68c7522ede4898b66
i386/glibc-utils-2.3.2-101.1.i386.rpm
md5 sum: b6bcbe59119165a0c0dc275cb5770731
i386/debug/glibc-debuginfo-2.3.2-101.1.i386.rpm
md5 sum: 35eb4d756266924111989ed0c803cdf0
i386/debug/glibc-debuginfo-common-2.3.2-101.1.i386.rpm
md5 sum: fd58286e5c4b368af0d8c9b7217c8581
i386/glibc-2.3.2-101.1.i686.rpm
md5 sum: c57c52f91308bf84ec7213264ce47869
i386/nptl-devel-2.3.2-101.1.i686.rpm
md5 sum: 0198a5e9c6ce75008a90068895ef1f7e
i386/debug/glibc-debuginfo-2.3.2-101.1.i686.rpm
md5 sum: 5a922d6518e19878b88612a8a56f6d4c
This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
