 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.123175 |
| Kategorie: | Oracle Linux Local Security Checks |
| Titel: | Oracle: Security Advisory (ELSA-2015-0327) |
| Zusammenfassung: | The remote host is missing an update for the 'glibc' package(s) announced via the ELSA-2015-0327 advisory. |
| Beschreibung: | Summary: The remote host is missing an update for the 'glibc' package(s) announced via the ELSA-2015-0327 advisory. Vulnerability Insight: [2.17-78.0.1] - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. [2.17-78] - Fix ppc64le builds (#1077389). [2.17-77] - Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183545). [2.17-76] - Fix application crashes during calls to gettimeofday on ppc64 when kernel exports gettimeofday via VDSO (#1077389). - Prevent NSS-based file backend from entering infinite loop when different APIs request the same service (CVE-2014-8121, #1182272). [2.17-75] - Fix permission of debuginfo source files to allow multiarch debuginfo packages to be installed and upgraded (#1170110). [2.17-74] - Fix wordexp() to honour WRDE_NOCMD (CVE-2014-7817, #1170487). [2.17-73] - ftell: seek to end only when there are unflushed bytes (#1156331). [2.17-72] - [s390] Fix up _dl_argv after adjusting arguments in _dl_start_user (#1161666). [2.17-71] - Fix incorrect handling of relocations in 64-bit LE mode for Power (#1162847). [2.17-70] - [s390] Retain stack alignment when skipping over loader argv (#1161666). [2.17-69] - Use __int128_t in link.h to support older compiler (#1120490). [2.17-68] - Revert to defining __extern_inline only for gcc-4.3+ (#1120490). [2.17-67] - Correct a defect in the generated math error table in the manual (#786638). [2.17-66] - Include preliminary thread, signal and cancellation safety documentation in manual (#786638). [2.17-65] - PowerPC 32-bit and 64-bit optimized function support using STT_GNU_IFUNC (#731837). - Support running Intel MPX-enabled applications (#1132518). - Support running Intel AVX-512-enabled applications (#1140272). [2.17-64] - Fix crashes on invalid input in IBM gconv modules (#1140474, CVE-2014-6040). [2.17-63] - Build build-locale-archive statically (#1070611). - Return failure in getnetgrent only when all netgroups have been searched (#1085313). [2.17-62] - Don't use alloca in addgetnetgrentX (#1138520). - Adjust pointers to triplets in netgroup query data (#1138520). [2.17-61] - Set CS_PATH to just /use/bin (#1124453). - Add systemtap probe in lll_futex_wake for ppc and s390 (#1084089). [2.17-60] - Add mmap usage to malloc_info output (#1103856). - Fix nscd lookup for innetgr when netgroup has wildcards (#1080766). - Fix memory order when reading libgcc handle (#1103874). - Fix typo in nscd/selinux.c (#1125306). - Do not fail if one of the two responses to AF_UNSPEC fails (#1098047). [2.17-59] - Provide correct buffer length to netgroup queries in nscd (#1083647). - Return NULL for wildcard values in getnetgrent from nscd (#1085290). - Avoid overlapping addresses to stpcpy calls in nscd (#1083644). - Initialize all of datahead structure in nscd (#1083646). [2.17-58] - Remove gconv transliteration loadable modules support (CVE-2014-5119, - _nl_find_locale: Improve ... [Please see the references for more information on the vulnerabilities] Affected Software/OS: 'glibc' package(s) on Oracle Linux 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-6040 62100 http://secunia.com/advisories/62100 62146 http://secunia.com/advisories/62146 69472 http://www.securityfocus.com/bid/69472 DSA-3142 http://www.debian.org/security/2015/dsa-3142 GLSA-201602-02 https://security.gentoo.org/glsa/201602-02 MDVSA-2014:175 http://www.mandriva.com/security/advisories?name=MDVSA-2014:175 USN-2432-1 http://ubuntu.com/usn/usn-2432-1 [oss-security] 20140829 CVE request: glibc character set conversion from IBM code pages http://www.openwall.com/lists/oss-security/2014/08/29/3 [oss-security] 20140902 Re: CVE request: glibc character set conversion from IBM code pages http://www.openwall.com/lists/oss-security/2014/09/02/1 http://linux.oracle.com/errata/ELSA-2015-0016.html https://sourceware.org/bugzilla/show_bug.cgi?id=17325 https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commitdiff%3Bh=41488498b6 Common Vulnerability Exposure (CVE) ID: CVE-2014-8121 73038 http://www.securityfocus.com/bid/73038 DSA-3480 http://www.debian.org/security/2016/dsa-3480 RHSA-2015:0327 http://rhn.redhat.com/errata/RHSA-2015-0327.html SUSE-SU-2015:1424 http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00019.html SUSE-SU-2016:0470 http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html USN-2985-1 http://www.ubuntu.com/usn/USN-2985-1 USN-2985-2 http://www.ubuntu.com/usn/USN-2985-2 [libc-alpha] 20150223 [PATCH] CVE-2014-8121: Fix nss_files file management [BZ#18007] https://sourceware.org/ml/libc-alpha/2015-02/msg00617.html https://bugzilla.redhat.com/show_bug.cgi?id=1165192 |
| Copyright | Copyright (C) 2015 Greenbone AG |
| Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |