Oval Definition:oval:com.redhat.rhsa:def:20120397
Revision Date:2012-03-19Version:634
Title:RHSA-2012:0397: glibc security update (Moderate)
Description:The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

  • An integer overflow flaw was found in the implementation of the printf functions family. This could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort. (CVE-2012-0864)

    All users of glibc are advised to upgrade to these updated packages, which contain a patch to resolve this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2012-0864
    RHSA-2012:0397
    RHSA-2012:0397-01
    RHSA-2012:0397-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • glibc is earlier than 0:2.5-81.el5_8.1
  • AND glibc is signed with Red Hat redhatrelease2 key
  • glibc-common is earlier than 0:2.5-81.el5_8.1
  • AND glibc-common is signed with Red Hat redhatrelease2 key
  • glibc-devel is earlier than 0:2.5-81.el5_8.1
  • AND glibc-devel is signed with Red Hat redhatrelease2 key
  • glibc-headers is earlier than 0:2.5-81.el5_8.1
  • AND glibc-headers is signed with Red Hat redhatrelease2 key
  • glibc-utils is earlier than 0:2.5-81.el5_8.1
  • AND glibc-utils is signed with Red Hat redhatrelease2 key
  • nscd is earlier than 0:2.5-81.el5_8.1
  • AND nscd is signed with Red Hat redhatrelease2 key
    • BACK