For those of you running RHEL5 clones ( RedHat Enterprise Linux 5, Scientific Linux 5, CentOS 5, etc ), and had to deal with the glibc version 58 patch problem, here's a downrev patch that works.
It is Really Cool to run a distro supported by folks who are even more responsive than The Upstream Vendor. Keith ----- Forwarded message from Troy Dawson <[email protected]> ----- Date: Tue, 12 Apr 2011 15:51:24 -0500 From: Troy Dawson <[email protected]> Subject: TESTING - glibc security update fix for SL5 Hello, There was a bug with the latest glibc update that went out for SL5. https://bugzilla.redhat.com/show_bug.cgi?id=693882 It causes evolution to fail, and the gnome panel to crash. As far as we know, this bug doesn't affect any non-graphical environment, so servers should be safe. We have created a glibc with two changes taken out that fix the bug. The problem is that it removes one of the security patches. *Security Update Removed* CVE-2011-0536 The fix for CVE-2010-3847 introduced a regression in the way the dynamic loader expanded the $ORIGIN dynamic string token specified in the RPATH and RUNPATH entries in the ELF library header. A local attacker could use this flaw to escalate their privileges via a setuid or setgid program using such a library. *Security Updates Still Applied* CVE-2011-1095, CVE-2011-1071, CVE-2010-0296 This fix is for those admins who had to downgrade their glibc due to evolution and/or gnome-panel crashing. We feel it is better for them to have three security patches, rather than none. We do not plan on pushing this out, we are waiting for a fix from TUV. To test or update SL5 ------- yum --enablerepo=sl-testing update glibc\* or you can download rpm's by hand at http://ftp.scientificlinux.org/linux/scientific/5rolling/testing/i386/glibc/ http://ftp.scientificlinux.org/linux/scientific/5rolling/testing/x86_64/glibc/ glibc-2.5-58.el5_6.2.6.sl5 Thanks Troy Dawson -- __________________________________________________ Troy Dawson [email protected] (630)840-6468 Fermilab ComputingDivision/LCSI/CSI DSS Group __________________________________________________ ----- End forwarded message ----- -- Keith Lofstrom [email protected] Voice (503)-520-1993 KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon" Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
