Synopsis: Critical: glibc security update
Advisory ID: SLSA-2015:0090-1
Issue Date: 2015-01-27
CVE Numbers: CVE-2015-0235
—
A heap-based buffer overflow was found in glibc’s
__nss_hostname_digits_dots() function, which is used by the
gethostbyname() and gethostbyname2() glibc function calls. A remote
attacker able to make an application call either of these functions could
use this flaw to execute arbitrary code with the permissions of the user
running the application. (CVE-2015-0235)
—
SL5
x86_64
glibc-2.5-123.el5_11.1.i686.rpm
glibc-2.5-123.el5_11.1.x86_64.rpm
glibc-common-2.5-123.el5_11.1.x86_64.rpm
glibc-debuginfo-2.5-123.el5_11.1.i386.rpm
glibc-debuginfo-2.5-123.el5_11.1.i686.rpm
glibc-debuginfo-2.5-123.el5_11.1.x86_64.rpm
glibc-debuginfo-common-2.5-123.el5_11.1.i386.rpm
glibc-devel-2.5-123.el5_11.1.i386.rpm
glibc-devel-2.5-123.el5_11.1.x86_64.rpm
glibc-headers-2.5-123.el5_11.1.x86_64.rpm
glibc-utils-2.5-123.el5_11.1.x86_64.rpm
nscd-2.5-123.el5_11.1.x86_64.rpm
i386
glibc-2.5-123.el5_11.1.i386.rpm
glibc-2.5-123.el5_11.1.i686.rpm
glibc-common-2.5-123.el5_11.1.i386.rpm
glibc-debuginfo-2.5-123.el5_11.1.i386.rpm
glibc-debuginfo-2.5-123.el5_11.1.i686.rpm
glibc-debuginfo-common-2.5-123.el5_11.1.i386.rpm
glibc-devel-2.5-123.el5_11.1.i386.rpm
glibc-headers-2.5-123.el5_11.1.i386.rpm
glibc-utils-2.5-123.el5_11.1.i386.rpm
nscd-2.5-123.el5_11.1.i386.rpm
– Scientific Linux Development Team
