-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:212 http://www.mandriva.com/security/ _______________________________________________________________________ Package : glibc Date : October 24, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1, Enterprise Server 5.0 _______________________________________________________________________ Problem Description: A vulnerability in the GNU C library (glibc) was discovered which could escalate the privilegies for local users (CVE-2010-3856). Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3856 _______________________________________________________________________ Updated Packages: Mandriva Linux 2009.0: a2ee03ac0924c44c810d083662a97de8 2009.0/i586/glibc-2.8-1.20080520.5.7mnb2.i586.rpm a8a1c842e5e2d0133ef8c63b5f7f28f2 2009.0/i586/glibc-devel-2.8-1.20080520.5.7mnb2.i586.rpm 97e1265c6a220df77c7fbc82f6af6411 2009.0/i586/glibc-doc-2.8-1.20080520.5.7mnb2.i586.rpm a058e4a88e8254c99081c59ab8dd78f0 2009.0/i586/glibc-doc-pdf-2.8-1.20080520.5.7mnb2.i586.rpm b4d6ab07d4c746f2efcc74d836042256 2009.0/i586/glibc-i18ndata-2.8-1.20080520.5.7mnb2.i586.rpm 0f99ed3aefdeb272c6a57be92e67b4dd 2009.0/i586/glibc-profile-2.8-1.20080520.5.7mnb2.i586.rpm 313f76c1ac601bf29a15cec76fe4184d 2009.0/i586/glibc-static-devel-2.8-1.20080520.5.7mnb2.i586.rpm c778c2132821d1ec58a426af876bf132 2009.0/i586/glibc-utils-2.8-1.20080520.5.7mnb2.i586.rpm c6fde01aa255f822d2d95a2f51d7fd81 2009.0/i586/nscd-2.8-1.20080520.5.7mnb2.i586.rpm ad4a9d7e7726b08a1b652d3c04f1a89c 2009.0/SRPMS/glibc-2.8-1.20080520.5.7mnb2.src.rpm Mandriva Linux 2009.0/X86_64: d76d8b72db1f8786e21cb5f59e6cce00 2009.0/x86_64/glibc-2.8-1.20080520.5.7mnb2.x86_64.rpm 4950b32b5ce4442ef435169ba910c7dd 2009.0/x86_64/glibc-devel-2.8-1.20080520.5.7mnb2.x86_64.rpm 63262a38695cb9e5b6399619b2ef1df0 2009.0/x86_64/glibc-doc-2.8-1.20080520.5.7mnb2.x86_64.rpm 99554007d43ea6ee4725b1c7745f333d 2009.0/x86_64/glibc-doc-pdf-2.8-1.20080520.5.7mnb2.x86_64.rpm 5d36614adab5b84cd0df2ad8fb9c8c0d 2009.0/x86_64/glibc-i18ndata-2.8-1.20080520.5.7mnb2.x86_64.rpm 1835fb265a5217f3cd4859935375d382 2009.0/x86_64/glibc-profile-2.8-1.20080520.5.7mnb2.x86_64.rpm c90410d40a815d21a70f269148e82902 2009.0/x86_64/glibc-static-devel-2.8-1.20080520.5.7mnb2.x86_64.rpm b8f304c7513105758add95000aab554a 2009.0/x86_64/glibc-utils-2.8-1.20080520.5.7mnb2.x86_64.rpm 8ef1151024c5a100fb644f26619542fc 2009.0/x86_64/nscd-2.8-1.20080520.5.7mnb2.x86_64.rpm ad4a9d7e7726b08a1b652d3c04f1a89c 2009.0/SRPMS/glibc-2.8-1.20080520.5.7mnb2.src.rpm Mandriva Linux 2009.1: b6540023f3b57941d981bc64410e9eb8 2009.1/i586/glibc-2.9-0.20081113.5.3mnb2.i586.rpm c360be4bbc1cb261f02f9386560d7a4c 2009.1/i586/glibc-devel-2.9-0.20081113.5.3mnb2.i586.rpm 1dd4b37aeea6eb8b06a6334819675116 2009.1/i586/glibc-doc-2.9-0.20081113.5.3mnb2.i586.rpm 2fbddc7221a412acff0f18655b12f515 2009.1/i586/glibc-doc-pdf-2.9-0.20081113.5.3mnb2.i586.rpm f6fc0a2d8d3c113da6aa5315bada1b73 2009.1/i586/glibc-i18ndata-2.9-0.20081113.5.3mnb2.i586.rpm 7f2a1220dc376d12616bc90e33ee1a64 2009.1/i586/glibc-profile-2.9-0.20081113.5.3mnb2.i586.rpm fc81985f6f8f6ea4f93422c16c4941f6 2009.1/i586/glibc-static-devel-2.9-0.20081113.5.3mnb2.i586.rpm 63039fc05f259bd923df449dc0617e8f 2009.1/i586/glibc-utils-2.9-0.20081113.5.3mnb2.i586.rpm 1085c015259d7d7d6d79c92e4add2a00 2009.1/i586/nscd-2.9-0.20081113.5.3mnb2.i586.rpm 6bf81dd6d4891801d9c680d462ad1200 2009.1/SRPMS/glibc-2.9-0.20081113.5.3mnb2.src.rpm Mandriva Linux 2009.1/X86_64: ed1e0b0f9485fff4f1963df1747881eb 2009.1/x86_64/glibc-2.9-0.20081113.5.3mnb2.x86_64.rpm d4fee6708b7ccb8c0833c7f7d7aff86d 2009.1/x86_64/glibc-devel-2.9-0.20081113.5.3mnb2.x86_64.rpm 6abea6d85672cdadeffa0c65ab1b637d 2009.1/x86_64/glibc-doc-2.9-0.20081113.5.3mnb2.x86_64.rpm 5cb9af7ce950fc3d39155da3f4ac4e7a 2009.1/x86_64/glibc-doc-pdf-2.9-0.20081113.5.3mnb2.x86_64.rpm cc475683225258957642d9131cb9339f 2009.1/x86_64/glibc-i18ndata-2.9-0.20081113.5.3mnb2.x86_64.rpm abf433bdbb2d3b997490884912dde631 2009.1/x86_64/glibc-profile-2.9-0.20081113.5.3mnb2.x86_64.rpm 8f34aaebb609f4b0a7dcd3a060fed541 2009.1/x86_64/glibc-static-devel-2.9-0.20081113.5.3mnb2.x86_64.rpm 8d73c57e541469a56028ef3c982d3ae3 2009.1/x86_64/glibc-utils-2.9-0.20081113.5.3mnb2.x86_64.rpm d94964f62b56a38653e8eb873b670839 2009.1/x86_64/nscd-2.9-0.20081113.5.3mnb2.x86_64.rpm 6bf81dd6d4891801d9c680d462ad1200 2009.1/SRPMS/glibc-2.9-0.20081113.5.3mnb2.src.rpm Mandriva Linux 2010.0: 4414fd3f5453c5c0a622041d8dd4387d 2010.0/i586/glibc-2.10.1-6.7mnb2.i586.rpm 007709c8ebb909a2ffbf3c99760bb07b 2010.0/i586/glibc-devel-2.10.1-6.7mnb2.i586.rpm 7739823ed6ea206a100c69a0dc3ffa45 2010.0/i586/glibc-doc-2.10.1-6.7mnb2.i586.rpm 6d25b91cdd15da9bb497c93d62303a62 2010.0/i586/glibc-doc-pdf-2.10.1-6.7mnb2.i586.rpm 7b03588e5c1210d13dcc1314dfa0babc 2010.0/i586/glibc-i18ndata-2.10.1-6.7mnb2.i586.rpm 327c8b50ed380186387bcb088d4722f0 2010.0/i586/glibc-profile-2.10.1-6.7mnb2.i586.rpm 2b75375e54f049e7bf0e0c769da55a7d 2010.0/i586/glibc-static-devel-2.10.1-6.7mnb2.i586.rpm 418061b0fe53e5537b0ba598cb28f424 2010.0/i586/glibc-utils-2.10.1-6.7mnb2.i586.rpm c4c3b4c9968aeee0966a41be312608d1 2010.0/i586/nscd-2.10.1-6.7mnb2.i586.rpm 033b539e4fa738f633ac36791eb97d7e 2010.0/SRPMS/glibc-2.10.1-6.7mnb2.src.rpm Mandriva Linux 2010.0/X86_64: 360cff2b9681cc028a91602f807244b4 2010.0/x86_64/glibc-2.10.1-6.7mnb2.x86_64.rpm d7ffd0ac5f4c840c3166b7fa707a35ec 2010.0/x86_64/glibc-devel-2.10.1-6.7mnb2.x86_64.rpm 6cb4a74e38229e628f240c535b68ccf9 2010.0/x86_64/glibc-doc-2.10.1-6.7mnb2.x86_64.rpm 519a2dfbebbb6badde5561918ca83a32 2010.0/x86_64/glibc-doc-pdf-2.10.1-6.7mnb2.x86_64.rpm e38d9a284d10acbf3189468d29fe6a33 2010.0/x86_64/glibc-i18ndata-2.10.1-6.7mnb2.x86_64.rpm cbe0d12e4f0db9faa68ef88027b096ef 2010.0/x86_64/glibc-profile-2.10.1-6.7mnb2.x86_64.rpm e569e2c577805a3582d1047f43d25460 2010.0/x86_64/glibc-static-devel-2.10.1-6.7mnb2.x86_64.rpm 16ae8cb911a7be2959a0af7e7e799661 2010.0/x86_64/glibc-utils-2.10.1-6.7mnb2.x86_64.rpm f8c0adc585d148d5478f008ca270ec4d 2010.0/x86_64/nscd-2.10.1-6.7mnb2.x86_64.rpm 033b539e4fa738f633ac36791eb97d7e 2010.0/SRPMS/glibc-2.10.1-6.7mnb2.src.rpm Mandriva Linux 2010.1: 2440ac21cbcae4610dbd52cdfbdbfa50 2010.1/i586/glibc-2.11.1-8.2mnb2.i586.rpm 6f93f56c9350d979e922cd367e724088 2010.1/i586/glibc-devel-2.11.1-8.2mnb2.i586.rpm 6112f6e7bd2f39daab4f508ce918c4c3 2010.1/i586/glibc-doc-2.11.1-8.2mnb2.i586.rpm d46f2a7c2edeb62e46dcd9bd96713f97 2010.1/i586/glibc-doc-pdf-2.11.1-8.2mnb2.i586.rpm 6b364c8ee5541d3541c66f8232ef508c 2010.1/i586/glibc-i18ndata-2.11.1-8.2mnb2.i586.rpm dabacee26d90e1603413370bd5a0b31e 2010.1/i586/glibc-profile-2.11.1-8.2mnb2.i586.rpm 587c7a7681dd2c670c9f0e5946c11254 2010.1/i586/glibc-static-devel-2.11.1-8.2mnb2.i586.rpm 81b66ec63b52083db24fa3013c4d7402 2010.1/i586/glibc-utils-2.11.1-8.2mnb2.i586.rpm 40053327f4a0f2d25bb7af3a67a19e07 2010.1/i586/nscd-2.11.1-8.2mnb2.i586.rpm 64d9ecd7ac0258c451874441dc51fcfa 2010.1/SRPMS/glibc-2.11.1-8.2mnb2.src.rpm Mandriva Linux 2010.1/X86_64: 869bcf92e6e553a15ea2d0ccd347b04b 2010.1/x86_64/glibc-2.11.1-8.2mnb2.x86_64.rpm fb582ad728802ddf23e6aece2c3efd82 2010.1/x86_64/glibc-devel-2.11.1-8.2mnb2.x86_64.rpm fbbec6d51f6c9f37ea9095c1e7970ed3 2010.1/x86_64/glibc-doc-2.11.1-8.2mnb2.x86_64.rpm c268c26784648c1899e64ecb5668d222 2010.1/x86_64/glibc-doc-pdf-2.11.1-8.2mnb2.x86_64.rpm e53a3c4d13967696dd2c8165fc06e13c 2010.1/x86_64/glibc-i18ndata-2.11.1-8.2mnb2.x86_64.rpm 441eea1bdf6df5e2e62afb60c8fc0dcd 2010.1/x86_64/glibc-profile-2.11.1-8.2mnb2.x86_64.rpm bff71b40403b765948a87c27fe786ad2 2010.1/x86_64/glibc-static-devel-2.11.1-8.2mnb2.x86_64.rpm d322236f5d2e998e34ad48aa181cefb0 2010.1/x86_64/glibc-utils-2.11.1-8.2mnb2.x86_64.rpm 09190df3c70b830e813815361307aecc 2010.1/x86_64/nscd-2.11.1-8.2mnb2.x86_64.rpm 64d9ecd7ac0258c451874441dc51fcfa 2010.1/SRPMS/glibc-2.11.1-8.2mnb2.src.rpm Mandriva Enterprise Server 5: 204f18b5cd689161c3024e8e0677fb8c mes5/i586/glibc-2.8-1.20080520.5.7mnb2.i586.rpm 2c56c83e1d2026d47e1139268c15ca30 mes5/i586/glibc-devel-2.8-1.20080520.5.7mnb2.i586.rpm d161df53c274c0b705500e2330b8d74d mes5/i586/glibc-doc-2.8-1.20080520.5.7mnb2.i586.rpm 3915bc7141bdfba84d40842256484de7 mes5/i586/glibc-doc-pdf-2.8-1.20080520.5.7mnb2.i586.rpm 5455bcab125540e5fc0ea0460870c954 mes5/i586/glibc-i18ndata-2.8-1.20080520.5.7mnb2.i586.rpm d71582421b7cabca4bc2d1c8940d62af mes5/i586/glibc-profile-2.8-1.20080520.5.7mnb2.i586.rpm 327d7d960a73d748f5292f5f16c3c59c mes5/i586/glibc-static-devel-2.8-1.20080520.5.7mnb2.i586.rpm 01faeef7242b9dd8cc484128f2bc4337 mes5/i586/glibc-utils-2.8-1.20080520.5.7mnb2.i586.rpm d23c54d5c73f1f44d50baf3873f3b6f8 mes5/i586/nscd-2.8-1.20080520.5.7mnb2.i586.rpm d5c1d301d379bf286848f9ac541dd6e4 mes5/SRPMS/glibc-2.8-1.20080520.5.7mnb2.src.rpm Mandriva Enterprise Server 5/X86_64: 8bb454ac78787cbacb20b9a55c1329ff mes5/x86_64/glibc-2.8-1.20080520.5.7mnb2.x86_64.rpm 85fcdcd1e15e65eee194bab2fbe4cf78 mes5/x86_64/glibc-devel-2.8-1.20080520.5.7mnb2.x86_64.rpm 6b4abc5acee3c08a90047e47ff4475ca mes5/x86_64/glibc-doc-2.8-1.20080520.5.7mnb2.x86_64.rpm d1093bde442d3bdec354601821380d6f mes5/x86_64/glibc-doc-pdf-2.8-1.20080520.5.7mnb2.x86_64.rpm 2964e81ce79c4c78b2fdbd0bab16acfc mes5/x86_64/glibc-i18ndata-2.8-1.20080520.5.7mnb2.x86_64.rpm 29817a5e3e5eb723719668bd822e6927 mes5/x86_64/glibc-profile-2.8-1.20080520.5.7mnb2.x86_64.rpm bdcbaa4b6a7027f0661177bb59bd70b2 mes5/x86_64/glibc-static-devel-2.8-1.20080520.5.7mnb2.x86_64.rpm a268941cf5f14037e5051796c8d5b3c0 mes5/x86_64/glibc-utils-2.8-1.20080520.5.7mnb2.x86_64.rpm 317a9268ea301eb4f148df2b9566ee3d mes5/x86_64/nscd-2.8-1.20080520.5.7mnb2.x86_64.rpm d5c1d301d379bf286848f9ac541dd6e4 mes5/SRPMS/glibc-2.8-1.20080520.5.7mnb2.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMw93NmqjQ0CJFipgRAmq9AKCXxAg2xT85eY0IBojESy+ADOEALQCfROJt Yy3uWjzVODB1+mGgrP3N3Cc= =TZOg -----END PGP SIGNATURE-----