[18733] in bugtraq
Trustix Security Advisory - glibc
daemon@ATHENA.MIT.EDU (Trustix Secure Linux Team)
Mon Jan 22 19:53:08 2001
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <037l3ozvhp.fsf@colargol.tihlde.hist.no>
Date: Sun, 21 Jan 2001 18:05:22 +0100
Reply-To: Trustix Secure Linux Team <tsl@TRUSTIX.COM>
From: Trustix Secure Linux Team <tsl@TRUSTIX.COM>
X-To: tsl-announce@trustix.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <038zogyeil.fsf@colargol.tihlde.hist.no>
Hi
Trustix is, like many other linux distributions, based on Glibc 2.1.3
and is therefore open to the "preload hole" discussed in various
postings to bugtraq and other lists. This is a local security hole,
and all users of TSL should upgrade their boxes.
MD5sums:
1.2:
d69cb9bf4b4e2054eca741b66bea7efe glibc-2.1.3-14tr.i586.rpm
89dc092c40a710f50461565ad77cd73b glibc-devel-2.1.3-14tr.i586.rpm
f28b091857fa5819f89a5196d2cd9677 glibc-profile-2.1.3-14tr.i586.rpm
8bbd1a727271cda776377960fd5a5207 nscd-2.1.3-14tr.i586.rpm
1.1:
b3f6874ccafde9ed366eb0f1f91134eb glibc-2.1.3-14tr.i586.rpm
3432382c84ec6ec850f8c1867b4a0662 glibc-devel-2.1.3-14tr.i586.rpm
a1118708c0420bc80ef62c0a9d10164b glibc-profile-2.1.3-14tr.i586.rpm
5846041d401e3929cbe09119e22c573f nscd-2.1.3-14tr.i586.rpm
1.0:
Use the 1.1 packages.
Packages can be downloaded from:
ftp://ftp.trustix.net/pub/Trustix/updates/
http://www.trustix.net/pub/Trustix/updates/
Or from one of our mirrors:
http://www.trustix.net/mirrors.php3
1.2 users who have installed the optional SWUP-package (from
ftp://ftp.trustix.com/pub/Trustix/software/swup/) can use
'swup --upgrade' to automatically download and install the new packages.
For a full update history of the 1.2 release, see:
ftp://ftp.trustix.com/pub/Trustix/updates/1.2/ChangeLog
Trustix Security Team
