AnNyung Official Homepage Home > Update [ 1.2 ]  

HOME
What is AnNyung
Documents
Packages System
White Paper
Download
Update
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]
FAQ
Hardware
RoadMap
Gallery

  Go oops.org
  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15



glibc 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.

문서번호 : 1132644847
업데이트 : 2005.11.22


상세내용

glibc 는 시스템에서 가장 중요한 공유 라이브러리를 제공한다.


CAN-2004-1382:
The glibcbug script in glibc 2.3.4 and earlier allows local users to overwrite
arbitrary files via a symlink attack on temporary files, a different vulnerability
than CAN-2004-0968

CVE-2004-1453:
GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2
before 2.3.2-r10 does not restrict the use of LD_DEBUG for a setuid program,
which allows local users to gain sensitive information, such as the list of
symbols used by the program.

- syslog 수행시에 sigaction (SYGPIPE,...) 호출을 하지 않도록 변경
- 공유 라이브러리 블럭에 setenv/putenv 설정 가능하도록 변경


Autoupdates 지원 : 지원

update 패키지

  RPMS :

    . glibc-2.2.4-36.i686.rpm
    . glibc-devel-2.2.4-36.i686.rpm
    . glibc-common-2.2.4-36.i686.rpm
    . glibc-profile-2.2.4-36.i686.rpm
    . nscd-2.2.4-36.i686.rpm

  SRPMS :

    . glibc-2.2.4-36.src.rpm

참고 : 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1453




    



 Home > Update [ 1.2 ]

Copyright 2018 OOPS Development Organization 
LAST MODIFIED: 2016/04/24