User: Password:
|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2013-4100 (glibc)

From:  updates@fedoraproject.org
To:  package-announce@lists.fedoraproject.org
Subject:  [SECURITY] Fedora 18 Update: glibc-2.16-30.fc18
Date:  Sat, 30 Mar 2013 21:30:28 +0000
Message-ID:  <20130330213028.6201120A4F@bastion01.phx2.fedoraproject.org>
Archive-link:  Article, Thread

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2013-4100 2013-03-20 20:46:57 -------------------------------------------------------------------------------- Name : glibc Product : Fedora 18 Version : 2.16 Release : 30.fc18 URL : http://www.gnu.org/software/glibc/ Summary : The GNU libc libraries Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. -------------------------------------------------------------------------------- Update Information: Fix multibyte character processing crash in regexp (CVE-2013-0242). Fix ownership of /usr/lib[64]/audit (#894307). Rename release engineering directory to `releng' (#903754). -------------------------------------------------------------------------------- ChangeLog: * Sun Mar 17 2013 Carlos O'Donell <carlos@redhat.com> - 2.16-30 - Fix ownership of /usr/lib[64]/audit (#894307). - Rename release engineering directory to `releng' (#903754). - Fix multibyte character processing crash in regexp (#905874, #905877, CVE-2013-0242) * Wed Dec 26 2012 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.16-29 Fix sparc build with older compilers. (#890035) * Mon Dec 10 2012 Patsy Franklin <pfrankli@redhat.com> - 2.16-28 - Backport fix for nss_db crash when db contains exactly one entry.(#878913) * Fri Dec 7 2012 Patsy Franklin <pfrankli@redhat.com> - 2.16-27 - Backport crypto support from upstream. (#811753) * Thu Dec 6 2012 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.16-26 - use uint64_t for __bswap64 (#859428). * Wed Nov 28 2012 Patsy Franklin <pfrankli@redhat.com> - 2.16-25 - Backport of upstream BZ #5298. Don't flush buffer for ftell. Compute offsets from write pointers instead. (#577950) -------------------------------------------------------------------------------- References: [ 1 ] Bug #905874 - CVE-2013-0242 glibc: Buffer overrun (DoS) in regexp matcher by processing multibyte characters https://bugzilla.redhat.com/show_bug.cgi?id=905874 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update glibc' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds