-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:207 http://www.mandriva.com/security/ _______________________________________________________________________ Package : glibc Date : October 20, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability in the GNU C library (glibc) was discovered which could escalate the privilegies for local users (CVE-2010-3847). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3847 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: a4d39a7e052d7566860a9808fb6facab 2009.0/i586/glibc-2.8-1.20080520.5.6mnb2.i586.rpm 421c40e60cdc3165836015e4e653abac 2009.0/i586/glibc-devel-2.8-1.20080520.5.6mnb2.i586.rpm 5036dcf4cb2a3af14c25a8ce599f3f45 2009.0/i586/glibc-doc-2.8-1.20080520.5.6mnb2.i586.rpm ef7e05f7049a35724dddf4efab8eaaa3 2009.0/i586/glibc-doc-pdf-2.8-1.20080520.5.6mnb2.i586.rpm 199d92c40f9af82609de470d29ceec0f 2009.0/i586/glibc-i18ndata-2.8-1.20080520.5.6mnb2.i586.rpm d1214e310c9a6e793128b52023613020 2009.0/i586/glibc-profile-2.8-1.20080520.5.6mnb2.i586.rpm b1f0d1ebb0cec942d9aaab22aa06bd9c 2009.0/i586/glibc-static-devel-2.8-1.20080520.5.6mnb2.i586.rpm 3b58fc6a26b3ced44437bf52d8b9d94e 2009.0/i586/glibc-utils-2.8-1.20080520.5.6mnb2.i586.rpm b4e29fcc306460dbe823b5572fca514c 2009.0/i586/nscd-2.8-1.20080520.5.6mnb2.i586.rpm 92ae0463a364c2e884d1078a3aa8b51f 2009.0/SRPMS/glibc-2.8-1.20080520.5.6mnb2.src.rpm Mandriva Linux 2009.0/X86_64: 8b5c248f35ce51d3997dd74399ba40ef 2009.0/x86_64/glibc-2.8-1.20080520.5.6mnb2.x86_64.rpm 02dba59fe2f1a2914be5eedda88a256b 2009.0/x86_64/glibc-devel-2.8-1.20080520.5.6mnb2.x86_64.rpm fd8854aa8d8f8b76d19c67d8a6f6a250 2009.0/x86_64/glibc-doc-2.8-1.20080520.5.6mnb2.x86_64.rpm 788a765c6da4f18a134213f9258735a2 2009.0/x86_64/glibc-doc-pdf-2.8-1.20080520.5.6mnb2.x86_64.rpm c47d540f6693aef1081b09891ae63273 2009.0/x86_64/glibc-i18ndata-2.8-1.20080520.5.6mnb2.x86_64.rpm d321cd114f1faa16609d7ac4af328ced 2009.0/x86_64/glibc-profile-2.8-1.20080520.5.6mnb2.x86_64.rpm ab7b888f9511ee837c841bc7fbc1309d 2009.0/x86_64/glibc-static-devel-2.8-1.20080520.5.6mnb2.x86_64.rpm 0b954036474de55d963cc61244775917 2009.0/x86_64/glibc-utils-2.8-1.20080520.5.6mnb2.x86_64.rpm 612d080403a930053d551f3f830cee70 2009.0/x86_64/nscd-2.8-1.20080520.5.6mnb2.x86_64.rpm 92ae0463a364c2e884d1078a3aa8b51f 2009.0/SRPMS/glibc-2.8-1.20080520.5.6mnb2.src.rpm Mandriva Linux 2009.1: 802b179f33340868821e566a89f3d8f1 2009.1/i586/glibc-2.9-0.20081113.5.2mnb2.i586.rpm aa1a0d9970fc4a76bf00d046d60a92a8 2009.1/i586/glibc-devel-2.9-0.20081113.5.2mnb2.i586.rpm b14abc9b6dff62c2a57928b3e3c000d7 2009.1/i586/glibc-doc-2.9-0.20081113.5.2mnb2.i586.rpm 4c9c422b2630e439acb71d27a48d0e34 2009.1/i586/glibc-doc-pdf-2.9-0.20081113.5.2mnb2.i586.rpm 888038824df50ba3139faf675b8515a6 2009.1/i586/glibc-i18ndata-2.9-0.20081113.5.2mnb2.i586.rpm 81d79610e6a14f031208583388182a5c 2009.1/i586/glibc-profile-2.9-0.20081113.5.2mnb2.i586.rpm 7ead9afd350537a5871b64477e5195b2 2009.1/i586/glibc-static-devel-2.9-0.20081113.5.2mnb2.i586.rpm 6a5d441c7cecee9d8e57f422d01875f8 2009.1/i586/glibc-utils-2.9-0.20081113.5.2mnb2.i586.rpm ea0ffbc86572d3074d402fb4a027a657 2009.1/i586/nscd-2.9-0.20081113.5.2mnb2.i586.rpm f277c949afca2e6ce6943c08e9daab2b 2009.1/SRPMS/glibc-2.9-0.20081113.5.2mnb2.src.rpm Mandriva Linux 2009.1/X86_64: 8666721c947b268a6de330ffcf956750 2009.1/x86_64/glibc-2.9-0.20081113.5.2mnb2.x86_64.rpm 29efb1f632936e0ddc2749ecf3303557 2009.1/x86_64/glibc-devel-2.9-0.20081113.5.2mnb2.x86_64.rpm 6476c89e1b2026f733a6931ac839af72 2009.1/x86_64/glibc-doc-2.9-0.20081113.5.2mnb2.x86_64.rpm 74b0fae9bad6d648e129414f2ba60067 2009.1/x86_64/glibc-doc-pdf-2.9-0.20081113.5.2mnb2.x86_64.rpm cf76a25b44f53560934b96bb397ddd06 2009.1/x86_64/glibc-i18ndata-2.9-0.20081113.5.2mnb2.x86_64.rpm a50708ae5dbce5f10b0d637df9f14072 2009.1/x86_64/glibc-profile-2.9-0.20081113.5.2mnb2.x86_64.rpm 519b1421644223a8fef671eaab928846 2009.1/x86_64/glibc-static-devel-2.9-0.20081113.5.2mnb2.x86_64.rpm 74427b0af1a1b68f3003b521a53d7d51 2009.1/x86_64/glibc-utils-2.9-0.20081113.5.2mnb2.x86_64.rpm 70f861cce4aa8674285b02dcfbc15296 2009.1/x86_64/nscd-2.9-0.20081113.5.2mnb2.x86_64.rpm f277c949afca2e6ce6943c08e9daab2b 2009.1/SRPMS/glibc-2.9-0.20081113.5.2mnb2.src.rpm Mandriva Linux 2010.0: 55f570c3ad78d91959c0797cf9f19493 2010.0/i586/glibc-2.10.1-6.6mnb2.i586.rpm 461d5c034443c9e055c7ab99acea0aaa 2010.0/i586/glibc-devel-2.10.1-6.6mnb2.i586.rpm 8bee7f5af50405191389f368db096361 2010.0/i586/glibc-doc-2.10.1-6.6mnb2.i586.rpm 4aeaad1db7b9bf1b6efaf32ead79eaed 2010.0/i586/glibc-doc-pdf-2.10.1-6.6mnb2.i586.rpm 87dddaf9c0324d953b630b2c2b869593 2010.0/i586/glibc-i18ndata-2.10.1-6.6mnb2.i586.rpm 791ccd2ed7358373129d0c3cf7512df6 2010.0/i586/glibc-profile-2.10.1-6.6mnb2.i586.rpm 585b5447d279babdf3b0cf7df8dff737 2010.0/i586/glibc-static-devel-2.10.1-6.6mnb2.i586.rpm 99edf4391f194b028f44ea096ced58f9 2010.0/i586/glibc-utils-2.10.1-6.6mnb2.i586.rpm 7d94e43fdf817318a436a05e692fe864 2010.0/i586/nscd-2.10.1-6.6mnb2.i586.rpm f1a977e3df8485f503e7d38c46c3f7cf 2010.0/SRPMS/glibc-2.10.1-6.6mnb2.src.rpm Mandriva Linux 2010.0/X86_64: 2cb370c961161662eb5fa27581a928ff 2010.0/x86_64/glibc-2.10.1-6.6mnb2.x86_64.rpm 72713d1524c4c9dfae85f8da527ab455 2010.0/x86_64/glibc-devel-2.10.1-6.6mnb2.x86_64.rpm 59d3b16e5d59efa6420504b6dc3d53f5 2010.0/x86_64/glibc-doc-2.10.1-6.6mnb2.x86_64.rpm a167dd710a5e7c8508f1c3267f60d969 2010.0/x86_64/glibc-doc-pdf-2.10.1-6.6mnb2.x86_64.rpm 2ff60593413b03bfb020aa4887c2827d 2010.0/x86_64/glibc-i18ndata-2.10.1-6.6mnb2.x86_64.rpm 4944728921be7872ce99f9aee774584a 2010.0/x86_64/glibc-profile-2.10.1-6.6mnb2.x86_64.rpm 26fedcc6e0748793084851039dea8ce2 2010.0/x86_64/glibc-static-devel-2.10.1-6.6mnb2.x86_64.rpm ec059b86df9b2b7bd96ee33efa8143c9 2010.0/x86_64/glibc-utils-2.10.1-6.6mnb2.x86_64.rpm 3a130d199bb74a3b4319bbfc4c662e5e 2010.0/x86_64/nscd-2.10.1-6.6mnb2.x86_64.rpm f1a977e3df8485f503e7d38c46c3f7cf 2010.0/SRPMS/glibc-2.10.1-6.6mnb2.src.rpm Mandriva Linux 2010.1: 9e6756f39308cb82721af9a393ad3f01 2010.1/i586/glibc-2.11.1-8.1mnb2.i586.rpm 8ff5760768bcbc3c81bec33630a67dce 2010.1/i586/glibc-devel-2.11.1-8.1mnb2.i586.rpm 012a57ec04d79c9c7256d8f745a184cb 2010.1/i586/glibc-doc-2.11.1-8.1mnb2.i586.rpm 5b0c4083b0b54c18fd57eee6c439ab87 2010.1/i586/glibc-doc-pdf-2.11.1-8.1mnb2.i586.rpm 9c58502b4b44006bb9dd53e494997752 2010.1/i586/glibc-i18ndata-2.11.1-8.1mnb2.i586.rpm 600e1e8c29eefda204819b116aab3909 2010.1/i586/glibc-profile-2.11.1-8.1mnb2.i586.rpm 0151ba3a9db9d74a1f5ab4acba3bdffd 2010.1/i586/glibc-static-devel-2.11.1-8.1mnb2.i586.rpm e03bd5ee69c0c27e7e55f03e757ad240 2010.1/i586/glibc-utils-2.11.1-8.1mnb2.i586.rpm 38d9f77971ae3e663d4177939cf3e26c 2010.1/i586/nscd-2.11.1-8.1mnb2.i586.rpm 3f6685b949eb1b75efe40e4c492da5b2 2010.1/SRPMS/glibc-2.11.1-8.1mnb2.src.rpm Mandriva Linux 2010.1/X86_64: 3fb2d4ba03ea05fbf383bce9c918fb9f 2010.1/x86_64/glibc-2.11.1-8.1mnb2.x86_64.rpm fd6760dcfd7d0415db153b1a20efe7cd 2010.1/x86_64/glibc-devel-2.11.1-8.1mnb2.x86_64.rpm 53f3fc371b761c4dae5eb9f4c3312f0a 2010.1/x86_64/glibc-doc-2.11.1-8.1mnb2.x86_64.rpm dc53a7ea64a488adb7dd1bd337dda835 2010.1/x86_64/glibc-doc-pdf-2.11.1-8.1mnb2.x86_64.rpm 676de3350ca910a2d23bae0e6498d3a3 2010.1/x86_64/glibc-i18ndata-2.11.1-8.1mnb2.x86_64.rpm 6c01cc1115a9b0b97b50ae1ae3d8a26b 2010.1/x86_64/glibc-profile-2.11.1-8.1mnb2.x86_64.rpm 647707744cc66ab912cd2b341c15bc2d 2010.1/x86_64/glibc-static-devel-2.11.1-8.1mnb2.x86_64.rpm d075a7e7b4ce61f651e6333b9e094c06 2010.1/x86_64/glibc-utils-2.11.1-8.1mnb2.x86_64.rpm ed63cad1e47bc68b14e26e065edea104 2010.1/x86_64/nscd-2.11.1-8.1mnb2.x86_64.rpm 3f6685b949eb1b75efe40e4c492da5b2 2010.1/SRPMS/glibc-2.11.1-8.1mnb2.src.rpm Corporate 4.0: 954c7fa4796eb96661670110927bf04e corporate/4.0/i586/glibc-2.3.6-4.3.20060mlcs4.i586.rpm 7844b1b3a5fcea5592714ef19f3ebb7a corporate/4.0/i586/glibc-devel-2.3.6-4.3.20060mlcs4.i586.rpm 2e744f6fac29b88dbbf44b431644eada corporate/4.0/i586/glibc-doc-2.3.6-4.3.20060mlcs4.i586.rpm 6e764e6966598fa92f28129ff08a259b corporate/4.0/i586/glibc-doc-pdf-2.3.6-4.3.20060mlcs4.i586.rpm 58f6f507708cf4c62ce1b9b64bac7339 corporate/4.0/i586/glibc-i18ndata-2.3.6-4.3.20060mlcs4.i586.rpm 0726d5a973be9e94caf298ade74ebca7 corporate/4.0/i586/glibc-profile-2.3.6-4.3.20060mlcs4.i586.rpm c43e083f977ee4ccce227891259f64ff corporate/4.0/i586/glibc-static-devel-2.3.6-4.3.20060mlcs4.i586.rpm 19d3abef528b0ebce245f8d522f0ca1f corporate/4.0/i586/glibc-utils-2.3.6-4.3.20060mlcs4.i586.rpm 105fc8f187ab07b87def4e52c68b45a3 corporate/4.0/i586/ldconfig-2.3.6-4.3.20060mlcs4.i586.rpm 5d7c07e0f9c6abf92633664afd301087 corporate/4.0/i586/nptl-devel-2.3.6-4.3.20060mlcs4.i586.rpm 8d7349924d0a53f9567929b0a87317de corporate/4.0/i586/nscd-2.3.6-4.3.20060mlcs4.i586.rpm 65fae4c5ea02d94ccd7fc4a72a5635bc corporate/4.0/SRPMS/glibc-2.3.6-4.3.20060mlcs4.src.rpm Corporate 4.0/X86_64: cbf4e06b0564c49886f348d0224dc52d corporate/4.0/x86_64/glibc-2.3.6-4.3.20060mlcs4.x86_64.rpm e0784311d11ab7c17f0740b29eb3c2f3 corporate/4.0/x86_64/glibc-devel-2.3.6-4.3.20060mlcs4.x86_64.rpm 7ad0dfb37bfb00fc08e5c6d66e9f01bd corporate/4.0/x86_64/glibc-doc-2.3.6-4.3.20060mlcs4.x86_64.rpm eda60dfec28e3a85f158714ec42d7ae3 corporate/4.0/x86_64/glibc-doc-pdf-2.3.6-4.3.20060mlcs4.x86_64.rpm 1a2ad411439f6b140cbc6f6e82f8e749 corporate/4.0/x86_64/glibc-i18ndata-2.3.6-4.3.20060mlcs4.x86_64.rpm 822beed8ac604a8f2ee8af0e2682ccd8 corporate/4.0/x86_64/glibc-profile-2.3.6-4.3.20060mlcs4.x86_64.rpm 5d0f0642e7ab6983cfe4c32cf24d4018 corporate/4.0/x86_64/glibc-static-devel-2.3.6-4.3.20060mlcs4.x86_64.rpm 2533bf85da955bde2cdbc8f13864d8bb corporate/4.0/x86_64/glibc-utils-2.3.6-4.3.20060mlcs4.x86_64.rpm 484402227eadfbbcde7dee3967c88c1f corporate/4.0/x86_64/ldconfig-2.3.6-4.3.20060mlcs4.x86_64.rpm 47549d339fb39d272b941ead96805ab9 corporate/4.0/x86_64/nptl-devel-2.3.6-4.3.20060mlcs4.x86_64.rpm 239d6747993896fd28da6cdebc72cb95 corporate/4.0/x86_64/nscd-2.3.6-4.3.20060mlcs4.x86_64.rpm 65fae4c5ea02d94ccd7fc4a72a5635bc corporate/4.0/SRPMS/glibc-2.3.6-4.3.20060mlcs4.src.rpm Mandriva Enterprise Server 5: 546cdb658291860d33699bc3ade38c3f mes5/i586/glibc-2.8-1.20080520.5.6mnb2.i586.rpm 76f36515736c5780bcd9915de8afb17e mes5/i586/glibc-devel-2.8-1.20080520.5.6mnb2.i586.rpm 8e31d27ec488d3b8651d9f5783978185 mes5/i586/glibc-doc-2.8-1.20080520.5.6mnb2.i586.rpm 04fe57ffa7ba67f8b6f0db555a25500c mes5/i586/glibc-doc-pdf-2.8-1.20080520.5.6mnb2.i586.rpm c69b0fae345c40c585923b9b625a2f21 mes5/i586/glibc-i18ndata-2.8-1.20080520.5.6mnb2.i586.rpm cccdff704b3ecfe45498460ae9aa9572 mes5/i586/glibc-profile-2.8-1.20080520.5.6mnb2.i586.rpm 86b48858aa46fcf2cf453270e117311a mes5/i586/glibc-static-devel-2.8-1.20080520.5.6mnb2.i586.rpm c307b635e06dff286871f07295d7ca23 mes5/i586/glibc-utils-2.8-1.20080520.5.6mnb2.i586.rpm 2a5192418cc815d92e38c0b7a62fbc01 mes5/i586/nscd-2.8-1.20080520.5.6mnb2.i586.rpm 916d165d2665deccc30655d0f7f85bae mes5/SRPMS/glibc-2.8-1.20080520.5.6mnb2.src.rpm Mandriva Enterprise Server 5/X86_64: 811ae047841180c2028ac426a69d6e72 mes5/x86_64/glibc-2.8-1.20080520.5.6mnb2.x86_64.rpm 377afd0b6673e71fc37697dede5a72e2 mes5/x86_64/glibc-devel-2.8-1.20080520.5.6mnb2.x86_64.rpm cf98a56094d67c47a44cbc482ac10e0a mes5/x86_64/glibc-doc-2.8-1.20080520.5.6mnb2.x86_64.rpm 9eb63f098b8288abbba2a1c2db096a06 mes5/x86_64/glibc-doc-pdf-2.8-1.20080520.5.6mnb2.x86_64.rpm 12fa3833f6daa50d0baf169f855ba29d mes5/x86_64/glibc-i18ndata-2.8-1.20080520.5.6mnb2.x86_64.rpm 645e92cb5d447a5614f8d54df4851e18 mes5/x86_64/glibc-profile-2.8-1.20080520.5.6mnb2.x86_64.rpm 6902498ca74ec74d5f29980484800e5a mes5/x86_64/glibc-static-devel-2.8-1.20080520.5.6mnb2.x86_64.rpm 40fa0bc5b61932dd96e0129930b759ed mes5/x86_64/glibc-utils-2.8-1.20080520.5.6mnb2.x86_64.rpm 744f9ebd9d4e6c17be419b88394c180c mes5/x86_64/nscd-2.8-1.20080520.5.6mnb2.x86_64.rpm 916d165d2665deccc30655d0f7f85bae mes5/SRPMS/glibc-2.8-1.20080520.5.6mnb2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMvzkSmqjQ0CJFipgRAsxhAKCXjvn+mLjD3jW9CjAMbJ0f63NgUgCg8JbV Tv+YBX6HYdei+vm4D/Ykbrs= =kVF6 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/