[16544] in bugtraq
Re: UNIX locale format string vulnerability
daemon@ATHENA.MIT.EDU (Tyler)
Mon Sep 4 20:35:02 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.21.0009041654340.20746-100000@hal.rescomp.berkeley.edu>
Date: Mon, 4 Sep 2000 17:01:41 -0700
Reply-To: Tyler <tyler@RESCOMP.BERKELEY.EDU>
From: Tyler <tyler@RESCOMP.BERKELEY.EDU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.SGI.3.96.1000904172458.21712142F-100000@skule.ecf>
> I immediately grabbed the new rpms from update.redhat.com, followed the
> instructions and got:
>
> glibc
> ##################################################
> package zic not found in file index
> package ca_ES not found in file index
[snip]
i'm not sure if this is directly relevant to your problem or not, but it
looks like the redhat RPMs that got released have some issues which i
wanted to share with anyone else having problems. on several of my RH5.2
boxen, installing the new glibc caused tcsh to segfault all the time.
there is a bugzilla entry on the tcsh problem
at: http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=17187
there is a link there to some new packages which worked for me
at: ftp://ultra.linux.cz/private/glibc/
the redhat 6.x packages appear to be fine.
there is a note in the bugzilla logs that these new 5.x packages are
supposed to be made public somtime "Monday morning." so hopefully they'll
come through tomorrow (what with Labor Day and all...).
tyler
--
"Any setuid root program that does an exec() somewhere is just a less
user friendly version of su. I have a wonderful proof of this claim,
but unfortunately the margin is too small to hold it :-)"
--Olaf Kirch, on bugtraq
