Skip to navigation

Security Advisory Moderate: glibc security and bug fix update

Advisory: RHSA-2012:0125-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-02-13
Last updated on: 2012-02-13
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-5029
CVE-2009-5064
CVE-2010-0296
CVE-2010-0830
CVE-2011-1071
CVE-2011-1089
CVE-2011-1095
CVE-2011-1659
CVE-2011-4609

Details

Updated glibc packages that fix multiple security issues and one bug are
now available for Red Hat Enterprise Linux 4.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The glibc packages contain the standard C libraries used by multiple
programs on the system. These packages contain the standard C and the
standard math libraries. Without these two libraries, a Linux system cannot
function properly.

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way the glibc library read timezone files. If a
carefully-crafted timezone file was loaded by an application linked against
glibc, it could cause the application to crash or, potentially, execute
arbitrary code with the privileges of the user running the application.
(CVE-2009-5029)

A flaw was found in the way the ldd utility identified dynamically linked
libraries. If an attacker could trick a user into running ldd on a
malicious binary, it could result in arbitrary code execution with the
privileges of the user running ldd. (CVE-2009-5064)

It was discovered that the glibc addmntent() function, used by various
mount helper utilities, did not sanitize its input properly. A local
attacker could possibly use this flaw to inject malformed lines into the
mtab (mounted file systems table) file via certain setuid mount helpers, if
the attacker were allowed to mount to an arbitrary directory under their
control. (CVE-2010-0296)

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way the glibc library loaded ELF (Executable and Linking
Format) files. If a carefully-crafted ELF file was loaded by an
application linked against glibc, it could cause the application to crash
or, potentially, execute arbitrary code with the privileges of the user
running the application. (CVE-2010-0830)

It was discovered that the glibc fnmatch() function did not properly
restrict the use of alloca(). If the function was called on sufficiently
large inputs, it could cause an application using fnmatch() to crash or,
possibly, execute arbitrary code with the privileges of the application.
(CVE-2011-1071)

It was found that the glibc addmntent() function, used by various mount
helper utilities, did not handle certain errors correctly when updating the
mtab (mounted file systems table) file. If such utilities had the setuid
bit set, a local attacker could use this flaw to corrupt the mtab file.
(CVE-2011-1089)

It was discovered that the locale command did not produce properly escaped
output as required by the POSIX specification. If an attacker were able to
set the locale environment variables in the environment of a script that
performed shell evaluation on the output of the locale command, and that
script were run with different privileges than the attacker's, it could
execute arbitrary code with the privileges of the script. (CVE-2011-1095)

An integer overflow flaw was found in the glibc fnmatch() function. If an
attacker supplied a long UTF-8 string to an application linked against
glibc, it could cause the application to crash. (CVE-2011-1659)

A denial of service flaw was found in the remote procedure call (RPC)
implementation in glibc. A remote attacker able to open a large number of
connections to an RPC service that is using the RPC implementation from
glibc, could use this flaw to make that service use an excessive amount of
CPU time. (CVE-2011-4609)

Red Hat would like to thank the Ubuntu Security Team for reporting
CVE-2010-0830, and Dan Rosenberg for reporting CVE-2011-1089. The Ubuntu
Security Team acknowledges Dan Rosenberg as the original reporter of
CVE-2010-0830.

This update also fixes the following bug:

* When using an nscd package that is a different version than the glibc
package, the nscd service could fail to start. This update makes the nscd
package require a specific glibc version to prevent this problem.
(BZ#657009)

Users should upgrade to these updated packages, which resolve these issues.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
glibc-2.3.4-2.57.src.rpm     MD5: 96df7307d4941c5e61d74a64e41747b5
SHA-256: c946f34d9c1861f53a038cbc64be43b5a17a40b3f7a58717b5066cd49b6850ad
 
IA-32:
glibc-2.3.4-2.57.i386.rpm     MD5: 4c6f2a7732217c96424680a0785790e5
SHA-256: 796d86f23e40db253e6cda8fce826079219e4cfbff3a6d14a3b086a770fae836
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-common-2.3.4-2.57.i386.rpm     MD5: 6df6234aaefe87caf8e03c03c5854fb9
SHA-256: 56076e1fd47a7af2eddb4f2e29ad2ea42cea34d0b77f28cd0f90b0163d6e5d8b
glibc-devel-2.3.4-2.57.i386.rpm     MD5: 64adb1a318d2e1506f952e9f7b600f98
SHA-256: 8b159ecc0bd002d46e4d3f463cf227ab3090f127b857805278ba2380b5e9f445
glibc-headers-2.3.4-2.57.i386.rpm     MD5: 98b365c63611147eae7e609eb695e3d3
SHA-256: 07e4ec40a796dc24c0461e46fe2d26bc242083386dcd13be78af1f3c629ed1ec
glibc-profile-2.3.4-2.57.i386.rpm     MD5: 4303287e90b39a3c9b9da6a122a61a20
SHA-256: 95d74122980c62ab6164efaa4e0abc5ea403a0e75c61c4f0a1aa1024016d9550
glibc-utils-2.3.4-2.57.i386.rpm     MD5: aba5a294b0f65a0b94211dc7309fd72c
SHA-256: 8ff4c96ab9740077f5f7b328e0632075eb379d5a7722f56847b908c7150049f5
nptl-devel-2.3.4-2.57.i386.rpm     MD5: bfaae072c4ee4488545135f07f80c9da
SHA-256: 6c773a3e1c5d20238e4c57c80a14e31549ecf6c458aed4e557c3ef72a87288b8
nptl-devel-2.3.4-2.57.i686.rpm     MD5: e4be5f8ec6e22398243c01120c591a58
SHA-256: a0f38dfab5dfed7d6a5d4df27d7d57a7f8d5ae763042bcc0bef3662d22c27ba8
nscd-2.3.4-2.57.i386.rpm     MD5: 86d72a69e22459bde6e03557f982c6f2
SHA-256: 2529ea0a2c7fafbf5e181ca998b8f2bce9227e99071829d26d9fd25bd68350f3
 
x86_64:
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-2.3.4-2.57.x86_64.rpm     MD5: 8f41b5d23ef085744e7a8c1f5b7807f3
SHA-256: 7f5604ec1211f1bd05c28daee85d96631ce9c47a2069702539131ebd9c10449f
glibc-common-2.3.4-2.57.x86_64.rpm     MD5: e4e43753498142a09364c722cb4da2bb
SHA-256: 77fe1b12488479126a2b5ee5c0d8b8f064b115cf8916d1d1580d26b1e6a1201a
glibc-devel-2.3.4-2.57.i386.rpm     MD5: 64adb1a318d2e1506f952e9f7b600f98
SHA-256: 8b159ecc0bd002d46e4d3f463cf227ab3090f127b857805278ba2380b5e9f445
glibc-devel-2.3.4-2.57.x86_64.rpm     MD5: 9858958fe18ffb0fe1752d9b0e4297a8
SHA-256: b66ba8c0df0665ad3af697dcf7add60989e4426cc2d45bde89a58fc69015d244
glibc-headers-2.3.4-2.57.x86_64.rpm     MD5: 822fde90efd9671e172d52454aa485b0
SHA-256: 9d0b213eb459487f9f7df948bfe3bdc67838001993af9f3f0c1e3d05c45b9aa5
glibc-profile-2.3.4-2.57.x86_64.rpm     MD5: 7601ea4d84890f81d3652acd9d36f808
SHA-256: 6d0dd91098ed385c4ac524307b4ef8ea8ac511da3b1538ed5603fa0a709eba98
glibc-utils-2.3.4-2.57.x86_64.rpm     MD5: 936b6f442bd1559d593896042d8d3a56
SHA-256: 98917377d05d5db36e69cb9656dfad77c7f8681dbb25ab0bfef325a28dd74aaf
nptl-devel-2.3.4-2.57.x86_64.rpm     MD5: 0c43e2579dc4708ab430e645ca9b5dec
SHA-256: 0d17f6ed1ed9dc3a9d57a43d218fc94b830c85d9601ccf21d6efb957e2e5032c
nscd-2.3.4-2.57.x86_64.rpm     MD5: 34ba2387135781f963fbec23aef8940e
SHA-256: 9298e674e277fe9c94d632e5c546104a2406c72126eab39db6b3eefac1d7754e
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
glibc-2.3.4-2.57.src.rpm     MD5: 96df7307d4941c5e61d74a64e41747b5
SHA-256: c946f34d9c1861f53a038cbc64be43b5a17a40b3f7a58717b5066cd49b6850ad
 
IA-32:
glibc-2.3.4-2.57.i386.rpm     MD5: 4c6f2a7732217c96424680a0785790e5
SHA-256: 796d86f23e40db253e6cda8fce826079219e4cfbff3a6d14a3b086a770fae836
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-common-2.3.4-2.57.i386.rpm     MD5: 6df6234aaefe87caf8e03c03c5854fb9
SHA-256: 56076e1fd47a7af2eddb4f2e29ad2ea42cea34d0b77f28cd0f90b0163d6e5d8b
glibc-devel-2.3.4-2.57.i386.rpm     MD5: 64adb1a318d2e1506f952e9f7b600f98
SHA-256: 8b159ecc0bd002d46e4d3f463cf227ab3090f127b857805278ba2380b5e9f445
glibc-headers-2.3.4-2.57.i386.rpm     MD5: 98b365c63611147eae7e609eb695e3d3
SHA-256: 07e4ec40a796dc24c0461e46fe2d26bc242083386dcd13be78af1f3c629ed1ec
glibc-profile-2.3.4-2.57.i386.rpm     MD5: 4303287e90b39a3c9b9da6a122a61a20
SHA-256: 95d74122980c62ab6164efaa4e0abc5ea403a0e75c61c4f0a1aa1024016d9550
glibc-utils-2.3.4-2.57.i386.rpm     MD5: aba5a294b0f65a0b94211dc7309fd72c
SHA-256: 8ff4c96ab9740077f5f7b328e0632075eb379d5a7722f56847b908c7150049f5
nptl-devel-2.3.4-2.57.i386.rpm     MD5: bfaae072c4ee4488545135f07f80c9da
SHA-256: 6c773a3e1c5d20238e4c57c80a14e31549ecf6c458aed4e557c3ef72a87288b8
nptl-devel-2.3.4-2.57.i686.rpm     MD5: e4be5f8ec6e22398243c01120c591a58
SHA-256: a0f38dfab5dfed7d6a5d4df27d7d57a7f8d5ae763042bcc0bef3662d22c27ba8
nscd-2.3.4-2.57.i386.rpm     MD5: 86d72a69e22459bde6e03557f982c6f2
SHA-256: 2529ea0a2c7fafbf5e181ca998b8f2bce9227e99071829d26d9fd25bd68350f3
 
IA-64:
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-2.3.4-2.57.ia64.rpm     MD5: ef5e02d7eded07e714efa9146fd0b3d5
SHA-256: 9e312afc13c153ac3414c57e4f25d1985a6cbcd4b88d5e4116e3ec1279490270
glibc-common-2.3.4-2.57.ia64.rpm     MD5: aa04e193275375861fe6d33aaacfc3c3
SHA-256: 174a6d0e3e5d60dab0a5c28c1ea4c4bc09845a208ecc89ead6bf2fba4fe3d748
glibc-devel-2.3.4-2.57.ia64.rpm     MD5: fe3f198b6a10ad48d39f4c8eb4d1f558
SHA-256: 42853ac5f1fb2176dc8ddbf1061063264cd5c47f7f0d2711c02df75b56a32481
glibc-headers-2.3.4-2.57.ia64.rpm     MD5: 9d7381c10c9de0ca27bcb697c91c0131
SHA-256: abca9ea40f717e241f4ce6a2b8da0e3d30872cd84246c74c11dd3f171c0926f1
glibc-profile-2.3.4-2.57.ia64.rpm     MD5: 6f4ee452b46980c3ee349d24860321ff
SHA-256: 7ffcc4dee9d585ead4ccf7da2f4d01f40476bb6b83d2143a026451338bc03808
glibc-utils-2.3.4-2.57.ia64.rpm     MD5: bad30eb0ca4d177d3f609edce394e431
SHA-256: b72ac3917542a8bdbcecc0c280a8d742ba79d67a7f14d9ae3e7273ac89e850a0
nptl-devel-2.3.4-2.57.ia64.rpm     MD5: 22291a219fd1a231342a23bef015bd71
SHA-256: b8324bb58486fdb9bcf208bc452eb8375710ee2961bf70118b72725f20c31210
nscd-2.3.4-2.57.ia64.rpm     MD5: 1ce654163b221987fb1372a39605324e
SHA-256: 9dc29a327737436c48a3db17e20257210f08ebc668216ae31535f97c543a7090
 
PPC:
glibc-2.3.4-2.57.ppc.rpm     MD5: 567984112ea533b744c65453dd6406c0
SHA-256: 03916db6ecc538fcb30d7e15171d856a8d1441e529920426337a401fa73261a9
glibc-2.3.4-2.57.ppc64.rpm     MD5: 153d26044febe5476dccd252b34c0963
SHA-256: 711f0d57080f0862c81c94181554528c21c6f27382d6cfe49c39228ecc86b300
glibc-common-2.3.4-2.57.ppc.rpm     MD5: 548c22a492a28780604b7a8f4cd0e6d7
SHA-256: 76ddeeef9574dd9cb4a4a5fb32641efb0939807ec4a5f43a8d3fe273d248bd9e
glibc-devel-2.3.4-2.57.ppc.rpm     MD5: 1a5dae261f9d195e52a84716e5591af9
SHA-256: b27aaa777f7505b285e353d87fb3a16b769e0f5508d26622fa0f3913f6712375
glibc-devel-2.3.4-2.57.ppc64.rpm     MD5: f1470feb5c5adc058e8c743fed8dc097
SHA-256: cdbe04f7495aeb0f22526e695fce7ad84b86628735a680fdd2d022fcde191226
glibc-headers-2.3.4-2.57.ppc.rpm     MD5: da58fa589f4f52f82e876d5932a9b569
SHA-256: 9859bba3eace8f086deb470aa111def2ebb82eb051e92fedb207ba6857d51872
glibc-profile-2.3.4-2.57.ppc.rpm     MD5: b31e04d79af64bad2f04e962335df629
SHA-256: 8b83cc0a219d95187f362e480783f97a300ec98db4e00493779df026363ec3c1
glibc-utils-2.3.4-2.57.ppc.rpm     MD5: 01bcf7e7a7012462ec6fcfada1ff0f9d
SHA-256: 58364e776242a069979866ebfc05308635c3193a3dd72f62b367483cd378c07c
nptl-devel-2.3.4-2.57.ppc.rpm     MD5: 0793b05925270e6a7a4da2a8ce9e2a56
SHA-256: b6f08005278e174d22116b6e5e4324328a9f32d902fea0b17134f08c11368024
nscd-2.3.4-2.57.ppc.rpm     MD5: 129e42bdc3d19466c471870f00c65035
SHA-256: a4089afc47bdecacc7dfb43ffd8dffab5b1340c680778d504076c91e281de556
 
s390:
glibc-2.3.4-2.57.s390.rpm     MD5: c079422e78959f8310c23fd6afe21af9
SHA-256: 033e70b121ad52f7f6c7f8e0b5d8a38be350f9c22d88416f72c0160a8ae31acb
glibc-common-2.3.4-2.57.s390.rpm     MD5: c2bf8c863e09ab17559a9f9a3e453a82
SHA-256: 6d0fd80d996cf1707398063d9d08e59ae3f85e2561ac0c8fb2518133635cda79
glibc-devel-2.3.4-2.57.s390.rpm     MD5: ec6549df277335f07bb6e6f6cce9e1d0
SHA-256: 949b7b2dfdf4a12071a8433dabc797bfa228fa39938ef730a770ccc253c03988
glibc-headers-2.3.4-2.57.s390.rpm     MD5: 9457f1d6315728dc826766ddcac3b66f
SHA-256: d111b64bf1b43930aa3bebc6260c22bca3b1498c1b2d02949a7a829d7ef79bca
glibc-profile-2.3.4-2.57.s390.rpm     MD5: f0544593fe222d192514200a23896379
SHA-256: 61085bcdbf0db1eb6233db63e065b8663cd3087438897e994a345461cf7bcd39
glibc-utils-2.3.4-2.57.s390.rpm     MD5: e63df1600210bf0707291d4c0ec742ba
SHA-256: 44b9205be72d39f91fa50b29183193049ea84960d5fd32cd8331a6f4afb1cfde
nptl-devel-2.3.4-2.57.s390.rpm     MD5: 592dc855feed32f4b4561fa684a757df
SHA-256: 1a3d897554150f805cb39a009ef26ece0dc7d778f2e3791f07451b34eee0a77d
nscd-2.3.4-2.57.s390.rpm     MD5: 671c5a84e90fdf616efa04e9852db99f
SHA-256: 0c1eae384252c0c9edb2b40994cb70801781bc1ac18d29b2a226fd3699462c7d
 
s390x:
glibc-2.3.4-2.57.s390.rpm     MD5: c079422e78959f8310c23fd6afe21af9
SHA-256: 033e70b121ad52f7f6c7f8e0b5d8a38be350f9c22d88416f72c0160a8ae31acb
glibc-2.3.4-2.57.s390x.rpm     MD5: 4fc646694fc31f14f6a376f00e425c69
SHA-256: 306b3e5d77e0f61521b68dbbfa5640ad36bae8c7e13d46cdeaff425a54a4ca49
glibc-common-2.3.4-2.57.s390x.rpm     MD5: d4ee0a1804ec8580b633d5432173c1f9
SHA-256: 8426602aeef24e1f91884ea68927746c2f418a09b2943436c102ecdd04367789
glibc-devel-2.3.4-2.57.s390.rpm     MD5: ec6549df277335f07bb6e6f6cce9e1d0
SHA-256: 949b7b2dfdf4a12071a8433dabc797bfa228fa39938ef730a770ccc253c03988
glibc-devel-2.3.4-2.57.s390x.rpm     MD5: b3a244f16179ab5fd91e319729f3f9b7
SHA-256: e5046c30305ae814ceed95a3de341f8d1632aef73e3ab07b294def363a8a0018
glibc-headers-2.3.4-2.57.s390x.rpm     MD5: 4871e4fe67495ac425ef3c57f5554880
SHA-256: 33d81b47a7260434ad7cb89f8e7350afdfc138abebb862b7edfdd51eec7a4aab
glibc-profile-2.3.4-2.57.s390x.rpm     MD5: 3f2753417ab3fb8229ba081cbd172ba1
SHA-256: 97e2d628671886dd39c1d56d4a409d085cb79d8e8216afad03fe41a61cf1b51d
glibc-utils-2.3.4-2.57.s390x.rpm     MD5: eda406ec5f31539861d3767ed9d67398
SHA-256: 298d82cedbea95b4acac8a3e3a3fbe2b87b8f0ad8860d1847a5bd5d93bd0157e
nptl-devel-2.3.4-2.57.s390x.rpm     MD5: f7927e24be505dbaf1569afe7acf7fd5
SHA-256: 8abc0e063c002115852e16404f057458559bbb8f08aa55d019c1d5f197d43d2e
nscd-2.3.4-2.57.s390x.rpm     MD5: c3621e00f55e7e2c0eb0407aadb9ce47
SHA-256: 9ebebf4b161875b394f425c475b4e0687d9e997741031e2a90a46d1e47463031
 
x86_64:
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-2.3.4-2.57.x86_64.rpm     MD5: 8f41b5d23ef085744e7a8c1f5b7807f3
SHA-256: 7f5604ec1211f1bd05c28daee85d96631ce9c47a2069702539131ebd9c10449f
glibc-common-2.3.4-2.57.x86_64.rpm     MD5: e4e43753498142a09364c722cb4da2bb
SHA-256: 77fe1b12488479126a2b5ee5c0d8b8f064b115cf8916d1d1580d26b1e6a1201a
glibc-devel-2.3.4-2.57.i386.rpm     MD5: 64adb1a318d2e1506f952e9f7b600f98
SHA-256: 8b159ecc0bd002d46e4d3f463cf227ab3090f127b857805278ba2380b5e9f445
glibc-devel-2.3.4-2.57.x86_64.rpm     MD5: 9858958fe18ffb0fe1752d9b0e4297a8
SHA-256: b66ba8c0df0665ad3af697dcf7add60989e4426cc2d45bde89a58fc69015d244
glibc-headers-2.3.4-2.57.x86_64.rpm     MD5: 822fde90efd9671e172d52454aa485b0
SHA-256: 9d0b213eb459487f9f7df948bfe3bdc67838001993af9f3f0c1e3d05c45b9aa5
glibc-profile-2.3.4-2.57.x86_64.rpm     MD5: 7601ea4d84890f81d3652acd9d36f808
SHA-256: 6d0dd91098ed385c4ac524307b4ef8ea8ac511da3b1538ed5603fa0a709eba98
glibc-utils-2.3.4-2.57.x86_64.rpm     MD5: 936b6f442bd1559d593896042d8d3a56
SHA-256: 98917377d05d5db36e69cb9656dfad77c7f8681dbb25ab0bfef325a28dd74aaf
nptl-devel-2.3.4-2.57.x86_64.rpm     MD5: 0c43e2579dc4708ab430e645ca9b5dec
SHA-256: 0d17f6ed1ed9dc3a9d57a43d218fc94b830c85d9601ccf21d6efb957e2e5032c
nscd-2.3.4-2.57.x86_64.rpm     MD5: 34ba2387135781f963fbec23aef8940e
SHA-256: 9298e674e277fe9c94d632e5c546104a2406c72126eab39db6b3eefac1d7754e
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
glibc-2.3.4-2.57.src.rpm     MD5: 96df7307d4941c5e61d74a64e41747b5
SHA-256: c946f34d9c1861f53a038cbc64be43b5a17a40b3f7a58717b5066cd49b6850ad
 
IA-32:
glibc-2.3.4-2.57.i386.rpm     MD5: 4c6f2a7732217c96424680a0785790e5
SHA-256: 796d86f23e40db253e6cda8fce826079219e4cfbff3a6d14a3b086a770fae836
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-common-2.3.4-2.57.i386.rpm     MD5: 6df6234aaefe87caf8e03c03c5854fb9
SHA-256: 56076e1fd47a7af2eddb4f2e29ad2ea42cea34d0b77f28cd0f90b0163d6e5d8b
glibc-devel-2.3.4-2.57.i386.rpm     MD5: 64adb1a318d2e1506f952e9f7b600f98
SHA-256: 8b159ecc0bd002d46e4d3f463cf227ab3090f127b857805278ba2380b5e9f445
glibc-headers-2.3.4-2.57.i386.rpm     MD5: 98b365c63611147eae7e609eb695e3d3
SHA-256: 07e4ec40a796dc24c0461e46fe2d26bc242083386dcd13be78af1f3c629ed1ec
glibc-profile-2.3.4-2.57.i386.rpm     MD5: 4303287e90b39a3c9b9da6a122a61a20
SHA-256: 95d74122980c62ab6164efaa4e0abc5ea403a0e75c61c4f0a1aa1024016d9550
glibc-utils-2.3.4-2.57.i386.rpm     MD5: aba5a294b0f65a0b94211dc7309fd72c
SHA-256: 8ff4c96ab9740077f5f7b328e0632075eb379d5a7722f56847b908c7150049f5
nptl-devel-2.3.4-2.57.i386.rpm     MD5: bfaae072c4ee4488545135f07f80c9da
SHA-256: 6c773a3e1c5d20238e4c57c80a14e31549ecf6c458aed4e557c3ef72a87288b8
nptl-devel-2.3.4-2.57.i686.rpm     MD5: e4be5f8ec6e22398243c01120c591a58
SHA-256: a0f38dfab5dfed7d6a5d4df27d7d57a7f8d5ae763042bcc0bef3662d22c27ba8
nscd-2.3.4-2.57.i386.rpm     MD5: 86d72a69e22459bde6e03557f982c6f2
SHA-256: 2529ea0a2c7fafbf5e181ca998b8f2bce9227e99071829d26d9fd25bd68350f3
 
IA-64:
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-2.3.4-2.57.ia64.rpm     MD5: ef5e02d7eded07e714efa9146fd0b3d5
SHA-256: 9e312afc13c153ac3414c57e4f25d1985a6cbcd4b88d5e4116e3ec1279490270
glibc-common-2.3.4-2.57.ia64.rpm     MD5: aa04e193275375861fe6d33aaacfc3c3
SHA-256: 174a6d0e3e5d60dab0a5c28c1ea4c4bc09845a208ecc89ead6bf2fba4fe3d748
glibc-devel-2.3.4-2.57.ia64.rpm     MD5: fe3f198b6a10ad48d39f4c8eb4d1f558
SHA-256: 42853ac5f1fb2176dc8ddbf1061063264cd5c47f7f0d2711c02df75b56a32481
glibc-headers-2.3.4-2.57.ia64.rpm     MD5: 9d7381c10c9de0ca27bcb697c91c0131
SHA-256: abca9ea40f717e241f4ce6a2b8da0e3d30872cd84246c74c11dd3f171c0926f1
glibc-profile-2.3.4-2.57.ia64.rpm     MD5: 6f4ee452b46980c3ee349d24860321ff
SHA-256: 7ffcc4dee9d585ead4ccf7da2f4d01f40476bb6b83d2143a026451338bc03808
glibc-utils-2.3.4-2.57.ia64.rpm     MD5: bad30eb0ca4d177d3f609edce394e431
SHA-256: b72ac3917542a8bdbcecc0c280a8d742ba79d67a7f14d9ae3e7273ac89e850a0
nptl-devel-2.3.4-2.57.ia64.rpm     MD5: 22291a219fd1a231342a23bef015bd71
SHA-256: b8324bb58486fdb9bcf208bc452eb8375710ee2961bf70118b72725f20c31210
nscd-2.3.4-2.57.ia64.rpm     MD5: 1ce654163b221987fb1372a39605324e
SHA-256: 9dc29a327737436c48a3db17e20257210f08ebc668216ae31535f97c543a7090
 
x86_64:
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-2.3.4-2.57.x86_64.rpm     MD5: 8f41b5d23ef085744e7a8c1f5b7807f3
SHA-256: 7f5604ec1211f1bd05c28daee85d96631ce9c47a2069702539131ebd9c10449f
glibc-common-2.3.4-2.57.x86_64.rpm     MD5: e4e43753498142a09364c722cb4da2bb
SHA-256: 77fe1b12488479126a2b5ee5c0d8b8f064b115cf8916d1d1580d26b1e6a1201a
glibc-devel-2.3.4-2.57.i386.rpm     MD5: 64adb1a318d2e1506f952e9f7b600f98
SHA-256: 8b159ecc0bd002d46e4d3f463cf227ab3090f127b857805278ba2380b5e9f445
glibc-devel-2.3.4-2.57.x86_64.rpm     MD5: 9858958fe18ffb0fe1752d9b0e4297a8
SHA-256: b66ba8c0df0665ad3af697dcf7add60989e4426cc2d45bde89a58fc69015d244
glibc-headers-2.3.4-2.57.x86_64.rpm     MD5: 822fde90efd9671e172d52454aa485b0
SHA-256: 9d0b213eb459487f9f7df948bfe3bdc67838001993af9f3f0c1e3d05c45b9aa5
glibc-profile-2.3.4-2.57.x86_64.rpm     MD5: 7601ea4d84890f81d3652acd9d36f808
SHA-256: 6d0dd91098ed385c4ac524307b4ef8ea8ac511da3b1538ed5603fa0a709eba98
glibc-utils-2.3.4-2.57.x86_64.rpm     MD5: 936b6f442bd1559d593896042d8d3a56
SHA-256: 98917377d05d5db36e69cb9656dfad77c7f8681dbb25ab0bfef325a28dd74aaf
nptl-devel-2.3.4-2.57.x86_64.rpm     MD5: 0c43e2579dc4708ab430e645ca9b5dec
SHA-256: 0d17f6ed1ed9dc3a9d57a43d218fc94b830c85d9601ccf21d6efb957e2e5032c
nscd-2.3.4-2.57.x86_64.rpm     MD5: 34ba2387135781f963fbec23aef8940e
SHA-256: 9298e674e277fe9c94d632e5c546104a2406c72126eab39db6b3eefac1d7754e
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
glibc-2.3.4-2.57.src.rpm     MD5: 96df7307d4941c5e61d74a64e41747b5
SHA-256: c946f34d9c1861f53a038cbc64be43b5a17a40b3f7a58717b5066cd49b6850ad
 
IA-32:
glibc-2.3.4-2.57.i386.rpm     MD5: 4c6f2a7732217c96424680a0785790e5
SHA-256: 796d86f23e40db253e6cda8fce826079219e4cfbff3a6d14a3b086a770fae836
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-common-2.3.4-2.57.i386.rpm     MD5: 6df6234aaefe87caf8e03c03c5854fb9
SHA-256: 56076e1fd47a7af2eddb4f2e29ad2ea42cea34d0b77f28cd0f90b0163d6e5d8b
glibc-devel-2.3.4-2.57.i386.rpm     MD5: 64adb1a318d2e1506f952e9f7b600f98
SHA-256: 8b159ecc0bd002d46e4d3f463cf227ab3090f127b857805278ba2380b5e9f445
glibc-headers-2.3.4-2.57.i386.rpm     MD5: 98b365c63611147eae7e609eb695e3d3
SHA-256: 07e4ec40a796dc24c0461e46fe2d26bc242083386dcd13be78af1f3c629ed1ec
glibc-profile-2.3.4-2.57.i386.rpm     MD5: 4303287e90b39a3c9b9da6a122a61a20
SHA-256: 95d74122980c62ab6164efaa4e0abc5ea403a0e75c61c4f0a1aa1024016d9550
glibc-utils-2.3.4-2.57.i386.rpm     MD5: aba5a294b0f65a0b94211dc7309fd72c
SHA-256: 8ff4c96ab9740077f5f7b328e0632075eb379d5a7722f56847b908c7150049f5
nptl-devel-2.3.4-2.57.i386.rpm     MD5: bfaae072c4ee4488545135f07f80c9da
SHA-256: 6c773a3e1c5d20238e4c57c80a14e31549ecf6c458aed4e557c3ef72a87288b8
nptl-devel-2.3.4-2.57.i686.rpm     MD5: e4be5f8ec6e22398243c01120c591a58
SHA-256: a0f38dfab5dfed7d6a5d4df27d7d57a7f8d5ae763042bcc0bef3662d22c27ba8
nscd-2.3.4-2.57.i386.rpm     MD5: 86d72a69e22459bde6e03557f982c6f2
SHA-256: 2529ea0a2c7fafbf5e181ca998b8f2bce9227e99071829d26d9fd25bd68350f3
 
IA-64:
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-2.3.4-2.57.ia64.rpm     MD5: ef5e02d7eded07e714efa9146fd0b3d5
SHA-256: 9e312afc13c153ac3414c57e4f25d1985a6cbcd4b88d5e4116e3ec1279490270
glibc-common-2.3.4-2.57.ia64.rpm     MD5: aa04e193275375861fe6d33aaacfc3c3
SHA-256: 174a6d0e3e5d60dab0a5c28c1ea4c4bc09845a208ecc89ead6bf2fba4fe3d748
glibc-devel-2.3.4-2.57.ia64.rpm     MD5: fe3f198b6a10ad48d39f4c8eb4d1f558
SHA-256: 42853ac5f1fb2176dc8ddbf1061063264cd5c47f7f0d2711c02df75b56a32481
glibc-headers-2.3.4-2.57.ia64.rpm     MD5: 9d7381c10c9de0ca27bcb697c91c0131
SHA-256: abca9ea40f717e241f4ce6a2b8da0e3d30872cd84246c74c11dd3f171c0926f1
glibc-profile-2.3.4-2.57.ia64.rpm     MD5: 6f4ee452b46980c3ee349d24860321ff
SHA-256: 7ffcc4dee9d585ead4ccf7da2f4d01f40476bb6b83d2143a026451338bc03808
glibc-utils-2.3.4-2.57.ia64.rpm     MD5: bad30eb0ca4d177d3f609edce394e431
SHA-256: b72ac3917542a8bdbcecc0c280a8d742ba79d67a7f14d9ae3e7273ac89e850a0
nptl-devel-2.3.4-2.57.ia64.rpm     MD5: 22291a219fd1a231342a23bef015bd71
SHA-256: b8324bb58486fdb9bcf208bc452eb8375710ee2961bf70118b72725f20c31210
nscd-2.3.4-2.57.ia64.rpm     MD5: 1ce654163b221987fb1372a39605324e
SHA-256: 9dc29a327737436c48a3db17e20257210f08ebc668216ae31535f97c543a7090
 
x86_64:
glibc-2.3.4-2.57.i686.rpm     MD5: cc6b2117f459359c6f92c03046d911f1
SHA-256: aaa88e80b2c98885d1247a21808a61a908d5773562683ff699526e64037db532
glibc-2.3.4-2.57.x86_64.rpm     MD5: 8f41b5d23ef085744e7a8c1f5b7807f3
SHA-256: 7f5604ec1211f1bd05c28daee85d96631ce9c47a2069702539131ebd9c10449f
glibc-common-2.3.4-2.57.x86_64.rpm     MD5: e4e43753498142a09364c722cb4da2bb
SHA-256: 77fe1b12488479126a2b5ee5c0d8b8f064b115cf8916d1d1580d26b1e6a1201a
glibc-devel-2.3.4-2.57.i386.rpm     MD5: 64adb1a318d2e1506f952e9f7b600f98
SHA-256: 8b159ecc0bd002d46e4d3f463cf227ab3090f127b857805278ba2380b5e9f445
glibc-devel-2.3.4-2.57.x86_64.rpm     MD5: 9858958fe18ffb0fe1752d9b0e4297a8
SHA-256: b66ba8c0df0665ad3af697dcf7add60989e4426cc2d45bde89a58fc69015d244
glibc-headers-2.3.4-2.57.x86_64.rpm     MD5: 822fde90efd9671e172d52454aa485b0
SHA-256: 9d0b213eb459487f9f7df948bfe3bdc67838001993af9f3f0c1e3d05c45b9aa5
glibc-profile-2.3.4-2.57.x86_64.rpm     MD5: 7601ea4d84890f81d3652acd9d36f808
SHA-256: 6d0dd91098ed385c4ac524307b4ef8ea8ac511da3b1538ed5603fa0a709eba98
glibc-utils-2.3.4-2.57.x86_64.rpm     MD5: 936b6f442bd1559d593896042d8d3a56
SHA-256: 98917377d05d5db36e69cb9656dfad77c7f8681dbb25ab0bfef325a28dd74aaf
nptl-devel-2.3.4-2.57.x86_64.rpm     MD5: 0c43e2579dc4708ab430e645ca9b5dec
SHA-256: 0d17f6ed1ed9dc3a9d57a43d218fc94b830c85d9601ccf21d6efb957e2e5032c
nscd-2.3.4-2.57.x86_64.rpm     MD5: 34ba2387135781f963fbec23aef8940e
SHA-256: 9298e674e277fe9c94d632e5c546104a2406c72126eab39db6b3eefac1d7754e
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

559579 - CVE-2010-0296 glibc: Improper encoding of names with certain special character in utilities for writing to mtab table
599056 - CVE-2010-0830 glibc: ld.so d_tag signedness error in elf_get_dynamic_info
625893 - CVE-2011-1095 glibc: insufficient quoting in the locale command output
657009 - nscd rpm installation doesn't check dependencies
681054 - CVE-2011-1071 CVE-2011-1659 glibc: fnmatch() alloca()-based memory corruption flaw
688980 - CVE-2011-1089 glibc: Suid mount helpers fail to anticipate RLIMIT_FSIZE
692393 - CVE-2009-5064 glibc: ldd unexpected code execution issue
761245 - CVE-2009-5029 glibc: __tzfile_read integer overflow to buffer overflow
767299 - CVE-2011-4609 glibc: svc_run() produces high cpu usage when accept() fails with EMFILE error


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/