Skip to navigation

Bug Fix Advisory procinfo bug fix update

Advisory: RHBA-2012:0021-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2012-01-16
Last updated on: 2012-01-16
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

An updated procinfo package that fixes one bug is now available for Red Hat
Enterprise Linux 5.

The procinfo package contains a set of system utilities providing users with
system information. The procinfo package includes the following commands:
procinfo, lsdev, socklist.

This update fixes the following bug:

* Previously, the procinfo command calculated the system idle time in a way that
caused arithmetic overflows. As a consequence, procinfo displayed the system
idle time incorrectly, which eventually resulted in buffer overflows. With this
update, procinfo has been modified to convert variables to a larger data type
before they are used in the calculation so that procinfo now always displays the
system idle time correctly. Buffer overflows no longer occur under these
circumstances. (BZ#769857)

All users of procinfo are advised to upgrade to this updated package, which
fixes this bug.


Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat
Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
procinfo-18-19.el5_7.2.src.rpm     MD5: 64f5b187969a680b1c7a648fa1f67fc0
SHA-256: 7ae958d3656c433f533a46188c55b091204029976bc92d20f314c01d4be00767
 
IA-32:
procinfo-18-19.el5_7.2.i386.rpm     MD5: 0c8eb459ff0d3db3515d29fc7fdb0aec
SHA-256: 2134989e4d1c201caa64806ffe9701029bff57ce0108aa0ad8ea528dd18523d1
 
IA-64:
procinfo-18-19.el5_7.2.ia64.rpm     MD5: 77a8e84c74483c7c85ca18c99b634793
SHA-256: dd258f097c8543908b3ac9dabd9944ed6dd92da0d4c8c2ef6c7c8ae012099443
 
PPC:
procinfo-18-19.el5_7.2.ppc.rpm     MD5: ead03ab34f62e526bbe273a92c99ca73
SHA-256: ff92537784af55e9cddb01cd32f3a6464d42a5fecb43d504adc61e7285f09944
 
s390x:
procinfo-18-19.el5_7.2.s390x.rpm     MD5: 880a771f15db663237f9ce4bc21b5d6b
SHA-256: d94c9d45cf96d552d3e50afa76201649f1e7168625599934fed6f282b72424e8
 
x86_64:
procinfo-18-19.el5_7.2.x86_64.rpm     MD5: 1d28941ff41508cb5bb8791cd5dc77d4
SHA-256: 228e012fa39d7e9f9c0082112c5029e12c84a9e79dc23387d5d14956bf5bd490
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
procinfo-18-19.el5_7.2.src.rpm     MD5: 64f5b187969a680b1c7a648fa1f67fc0
SHA-256: 7ae958d3656c433f533a46188c55b091204029976bc92d20f314c01d4be00767
 
IA-32:
procinfo-18-19.el5_7.2.i386.rpm     MD5: 0c8eb459ff0d3db3515d29fc7fdb0aec
SHA-256: 2134989e4d1c201caa64806ffe9701029bff57ce0108aa0ad8ea528dd18523d1
 
x86_64:
procinfo-18-19.el5_7.2.x86_64.rpm     MD5: 1d28941ff41508cb5bb8791cd5dc77d4
SHA-256: 228e012fa39d7e9f9c0082112c5029e12c84a9e79dc23387d5d14956bf5bd490
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

769857 - procinfo command gets buffer overflow for hms calculations


Keywords

lsdev, procinfo, socklist


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/