Updated glibc packages fix security vulnerabilities
Publication date: 28 Dec 2017Modification date: 28 Dec 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2017-12132 , CVE-2017-12133 , CVE-2017-15670 , CVE-2017-15671 , CVE-2017-15804
Description
The DNS stub resolver in the GNU C Library (aka glibc or libc6) before
version 2.26, when EDNS support is enabled, will solicit large UDP
responses from name servers, potentially simplifying off-path DNS
spoofing attacks due to IP fragmentation.(CVE-2017-12132, CVE-2017-12133).
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one
error leading to a heap-based buffer overflow (CVE-2017-15670).
The glob function in glob.c in the GNU C Library (aka glibc or libc6)
before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated
memory when processing the ~ operator with a long user name, potentially
leading to a denial of service (memory leak) (CVE-2017-15671).
The glob function in glob.c in the GNU C Library (aka glibc or libc6)
before 2.27 contains a buffer overflow during unescaping of user names
with the ~ operator (CVE-2017-15804).
As libtirpc is also affected by CVE-2017-12133, it's part of this update.
References
- https://bugs.mageia.org/show_bug.cgi?id=22255
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12132
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12133
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15670
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15671
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15804
SRPMS
5/core
- glibc-2.20-26.mga5
- libtirpc-0.2.5-3.3.mga5