Fw: CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines

To: <debian-security@lists.debian.org>
Subject: Fw: CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines
From: "Jeff" <jaa.debian@aquabolt.com>
Date: Fri, 21 Mar 2003 08:48:29 -0000
Message-id: <[🔎] 011101c2ef86$a672c230$3864a8c0@comice>

----- Original Message -----
From: "CERT Advisory" <cert-advisory@cert.org>
To: <cert-advisory@cert.org>
Sent: Wednesday, March 19, 2003 7:53 PM
Subject: CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library
routines


>
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines
>
>    Original release date: March 19, 2003
>    Last revised: --
>    Source: CERT/CC
>
snip...
>
> GNU glibc
>
>    Version 2.3.1 of the GNU C Library is vulnerable. Earlier versions are
>    also  vulnerable.  The  following patches have been installed into the
>    CVS  sources,  and  should  appear  in  the  next version of the GNU C
>    Library. These patches are also available from the following URLs:

Does this affect:
  libstdc++2.10-glibc2.2
  glibc-2.2.5-11.2

If so are the patches in the pipeline?

Apologies if I have missed a posting - unfortunately the volume of recent
off-topic messages has resulted in my heavy filtering of debian-security.

Regards
Jeff

Reply to:

Follow-Ups:
- Re: Fw: CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines
  - From: Kevin Buhr <buhr@telus.net>

Prev by Date: Re: howcome there's no DSA for the latest Linux ptrace hole?
Next by Date: Re: is iptables enough?
Previous by thread: Re: Is this an obsolete tiger file?
Next by thread: Re: Fw: CERT Advisory CA-2003-10 Integer overflow in Sun RPC XDR library routines
Index(es):
- Date
- Thread