Oval Definition:oval:com.redhat.rhsa:def:20121208
Revision Date:2012-08-27Version:634
Title:RHSA-2012:1208: glibc security update (Moderate)
Description:The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function properly.

  • Multiple integer overflow flaws, leading to stack-based buffer overflows, were found in glibc's functions for converting a string to a numeric representation (strtod(), strtof(), and strtold()). If an application used such a function on attacker controlled input, it could cause the application to crash or, potentially, execute arbitrary code. (CVE-2012-3480)

    All users of glibc are advised to upgrade to these updated packages, which contain a backported patch to correct these issues.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2012-3480
    CVE-2012-3480
    RHSA-2012:1208
    RHSA-2012:1208-01
    RHSA-2012:1208-01
    Platform(s):Red Hat Enterprise Linux 6
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • glibc is earlier than 0:2.12-1.80.el6_3.5
  • AND glibc is signed with Red Hat redhatrelease2 key
  • glibc-common is earlier than 0:2.12-1.80.el6_3.5
  • AND glibc-common is signed with Red Hat redhatrelease2 key
  • glibc-devel is earlier than 0:2.12-1.80.el6_3.5
  • AND glibc-devel is signed with Red Hat redhatrelease2 key
  • glibc-headers is earlier than 0:2.12-1.80.el6_3.5
  • AND glibc-headers is signed with Red Hat redhatrelease2 key
  • glibc-static is earlier than 0:2.12-1.80.el6_3.5
  • AND glibc-static is signed with Red Hat redhatrelease2 key
  • glibc-utils is earlier than 0:2.12-1.80.el6_3.5
  • AND glibc-utils is signed with Red Hat redhatrelease2 key
  • nscd is earlier than 0:2.12-1.80.el6_3.5
  • AND nscd is signed with Red Hat redhatrelease2 key
    • BACK