• info
• discussion
• exploit
• solution
• references

Multiple Vendor Locale Subsystem Format String Vulnerability

Solution:
Current information:

ImmunixOS:

http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/usermode-1.36-2.6.x_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/SysVinit-2.78-5_StackGuard.i386.rpm

or

http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/usermode-1.36-2.6.x_StackGuard.src.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/SysVinit-2.78-5_StackGuard.src.rpm

CONECTIVA LINUX:

DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES

ftp://atualizacoes.conectiva.com.br/4.0/SRPMS/glibc-2.1.2-13cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-devel-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/glibc-profile-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0/i386/nscd-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/SRPMS/glibc-2.1.2-13cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/glibc-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/glibc-devel-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/glibc-profile-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.0es/i386/nscd-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/glibc-2.1.2-13cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/glibc-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/glibc-devel-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/glibc-profile-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.1/i386/nscd-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/glibc-2.1.2-13cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/glibc-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/glibc-devel-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/glibc-profile-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/4.2/i386/nscd-2.1.2-13cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/glibc-2.1.3-9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-devel-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/glibc-profile-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.0/i386/nscd-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/glibc-2.1.3-9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-devel-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/glibc-profile-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/5.1/i386/nscd-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/glibc-2.1.3-9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-devel-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/glibc-profile-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/nscd-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/glibc-2.1.3-9cl.src.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-devel-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/glibc-profile-2.1.3-9cl.i386.rpm
ftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/nscd-2.1.3-9cl.i386.rpm

Debian GNU/Linux 2.2 alias potato
- ------------------------------------

Potato was released for the alpha, arm, i386, m68k, powerpc and sparc
architectures. At this moment packages for m68k are not yet
available. As soon as they are ready we will put them online and
list them on the security pages at http://security.debian.org/.

Source archives:
http://security.debian.org/dists/stable/updates/main/source/glibc_2.1.3-13.diff.gz
MD5 checksum: 70fcaf79c3c1e84c6bb18c579784b062
http://security.debian.org/dists/stable/updates/main/source/glibc_2.1.3-13.dsc
MD5 checksum: fd82c79e94f4adfacad7ac7e10a82850
http://security.debian.org/dists/stable/updates/main/source/glibc_2.1.3.orig.tar.gz
MD5 checksum: aea1bb5c28f793013153d1b8f91eb746

Architecture indendent archives:
http://security.debian.org/dists/stable/updates/main/binary-all/glibc-doc_2.1.3-13_all.deb
MD5 checksum: 715d058a21da37459873fa9810f8ac80
http://security.debian.org/dists/stable/updates/main/binary-all/i18ndata_2.1.3-13_all.deb
MD5 checksum: 6c90c6b465428d76ed7292258f11b5b6

Alpha architecture:
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-dbg_2.1.3-13_alpha.deb
MD5 checksum: 9b3766a8c636e0475eb1123227d6efd5
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-dev_2.1.3-13_alpha.deb
MD5 checksum: cee532947e5169b21309ac8a2175e28c
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-pic_2.1.3-13_alpha.deb
MD5 checksum: 34bdaa22187f7fb28bde26980f288663
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1-prof_2.1.3-13_alpha.deb
MD5 checksum: 9caab3a0d2965defc917a3f7d639cb67
http://security.debian.org/dists/stable/updates/main/binary-alpha/libc6.1_2.1.3-13_alpha.deb
MD5 checksum: bd80fa7df7b35298b03fa86ed4eddb58
http://security.debian.org/dists/stable/updates/main/binary-alpha/libnss1-compat_2.1.3-13_alpha.deb
MD5 checksum: ffa9525ee030d7d1314db3b052e5df1f
http://security.debian.org/dists/stable/updates/main/binary-alpha/locales_2.1.3-13_alpha.deb
MD5 checksum: a2b2b33cf960cf826edc3aa5387e7d27
http://security.debian.org/dists/stable/updates/main/binary-alpha/nscd_2.1.3-13_alpha.deb
MD5 checksum: ed04bda8579a4ec939e8ee09942f7b1f

ARM architecture:
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-dbg_2.1.3-13_arm.deb
MD5 checksum: da2b951b1ffe58526e5c9a032ef5f73c
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-dev_2.1.3-13_arm.deb
MD5 checksum: 771857d6aab61fc88da0c8e740421690
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-pic_2.1.3-13_arm.deb
MD5 checksum: 63d85ff2300b43fd1dc5617b09bbd213
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6-prof_2.1.3-13_arm.deb
MD5 checksum: 8584f4af0aa50edf32a447efd0a31c65
http://security.debian.org/dists/stable/updates/main/binary-arm/libc6_2.1.3-13_arm.deb
MD5 checksum: 15364347a059937f66c73fcf08d1dd46
http://security.debian.org/dists/stable/updates/main/binary-arm/locales_2.1.3-13_arm.deb
MD5 checksum: 4d0d0f3138e6f7634079deebc010a239
http://security.debian.org/dists/stable/updates/main/binary-arm/nscd_2.1.3-13_arm.deb
MD5 checksum: da07801bb41e66e753999b1b2d932084

Intel ia32 architecture:
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-dbg_2.1.3-13_i386.deb
MD5 checksum: 5f807f96733f5e20f5b96c41db83b213
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-dev_2.1.3-13_i386.deb
MD5 checksum: 706320b902f75df49648807260cfbedc
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-pic_2.1.3-13_i386.deb
MD5 checksum: 640caa2b950660108554aa775222c753
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6-prof_2.1.3-13_i386.deb
MD5 checksum: d63917ecf3baffefef63f3192d92c0d3
http://security.debian.org/dists/stable/updates/main/binary-i386/libc6_2.1.3-13_i386.deb
MD5 checksum: 4fa5f5586c96ac8e77519324326268af
http://security.debian.org/dists/stable/updates/main/binary-i386/libnss1-compat_2.1.3-13_i386.deb
MD5 checksum: 5a0ba8bfdd1909f1b999b672761c23ad
http://security.debian.org/dists/stable/updates/main/binary-i386/locales_2.1.3-13_i386.deb
MD5 checksum: ba677879a912e15d72abac4026c0385f
http://security.debian.org/dists/stable/updates/main/binary-i386/nscd_2.1.3-13_i386.deb
MD5 checksum: ae98fbe3e00aa8be3700622e7d84ff2b

PowerPC architecture:
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-dbg_2.1.3-13_powerpc.deb
MD5 checksum: 555aad39f66aacd796a770a0a03016be
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-dev_2.1.3-13_powerpc.deb
MD5 checksum: 4fbd5aefb34c2081dc1e7f0e02ff5ae7
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-pic_2.1.3-13_powerpc.deb
MD5 checksum: 7056a4bade2e2826a440c5308217b6f2
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6-prof_2.1.3-13_powerpc.deb
MD5 checksum: ec364dba9a60cd0a030549a1b9a17389
http://security.debian.org/dists/stable/updates/main/binary-powerpc/libc6_2.1.3-13_powerpc.deb
MD5 checksum: cfc05198b7db0184543170d98c43d415
http://security.debian.org/dists/stable/updates/main/binary-powerpc/locales_2.1.3-13_powerpc.deb
MD5 checksum: 572422ea41d70bec2e4fb2c979f539b8
http://security.debian.org/dists/stable/updates/main/binary-powerpc/nscd_2.1.3-13_powerpc.deb
MD5 checksum: e4875824d6e56fb71bec517368643e07

Sun Sparc architecture:
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-dbg_2.1.3-13_sparc.deb
MD5 checksum: a6ce8fc46495d37666fc3ffa41c928ec
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-dev_2.1.3-13_sparc.deb
MD5 checksum: 0450318920b99f6f9f2f11b7c1c6ffe2
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-pic_2.1.3-13_sparc.deb
MD5 checksum: 8c47c80ded91aba75127da261821a92a
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6-prof_2.1.3-13_sparc.deb
MD5 checksum: f48e298dbf9bda280dd3deb0f32b1796
http://security.debian.org/dists/stable/updates/main/binary-sparc/libc6_2.1.3-13_sparc.deb
MD5 checksum: 27df020bfceab1c066477cc9150d22c2
http://security.debian.org/dists/stable/updates/main/binary-sparc/locales_2.1.3-13_sparc.deb
MD5 checksum: 9358612ba28d43d1a101715eeafce758
http://security.debian.org/dists/stable/updates/main/binary-sparc/nscd_2.1.3-13_sparc.deb
MD5 checksum: f86593fd83626b59d0675323dbdc698f

For not yet released architectures please refer to the appropriate
directory ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .

REDHAT LINUX:

Red Hat Linux 6.0:

sparc:
ftp://updates.redhat.com/6.0/sparc/usermode-1.37-1.6.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/SysVinit-2.78-5.sparc.rpm

i386:
ftp://updates.redhat.com/6.0/i386/usermode-1.37-1.6.i386.rpm
ftp://updates.redhat.com/6.0/i386/SysVinit-2.78-5.i386.rpm

alpha:
ftp://updates.redhat.com/6.0/alpha/usermode-1.37-1.6.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/SysVinit-2.78-5.alpha.rpm

sources:
ftp://updates.redhat.com/6.0/SRPMS/usermode-1.37-1.6.src.rpm
ftp://updates.redhat.com/6.0/SRPMS/SysVinit-2.78-5.src.rpm

Red Hat Linux 6.1:

alpha:
ftp://updates.redhat.com/6.1/alpha/usermode-1.37-1.6.alpha.rpm
ftp://updates.redhat.com/6.1/alpha/SysVinit-2.78-5.alpha.rpm

sparc:
ftp://updates.redhat.com/6.1/sparc/usermode-1.37-1.6.sparc.rpm
ftp://updates.redhat.com/6.1/sparc/SysVinit-2.78-5.sparc.rpm

i386:
ftp://updates.redhat.com/6.1/i386/usermode-1.37-1.6.i386.rpm
ftp://updates.redhat.com/6.1/i386/SysVinit-2.78-5.i386.rpm

sources:
ftp://updates.redhat.com/6.1/SRPMS/usermode-1.37-1.6.src.rpm
ftp://updates.redhat.com/6.1/SRPMS/SysVinit-2.78-5.src.rpm

Red Hat Linux 6.2:

alpha:
ftp://updates.redhat.com/6.2/alpha/usermode-1.37-1.6.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/SysVinit-2.78-5.alpha.rpm

sparc:
ftp://updates.redhat.com/6.2/sparc/usermode-1.37-1.6.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/SysVinit-2.78-5.sparc.rpm

i386:
ftp://updates.redhat.com/6.2/i386/usermode-1.37-1.6.i386.rpm
ftp://updates.redhat.com/6.2/i386/SysVinit-2.78-5.i386.rpm

sources:
ftp://updates.redhat.com/6.2/SRPMS/usermode-1.37-1.6.src.rpm
ftp://updates.redhat.com/6.2/SRPMS/SysVinit-2.78-5.src.rpm

Red Hat Linux 7.0:

alpha:
ftp://updates.redhat.com/7.0/alpha/usermode-1.37-2.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/i386/usermode-1.37-2.i386.rpm

sources:
ftp://updates.redhat.com/7.0/SRPMS/usermode-1.37-2.src.rpm

7. Verification:

MD5 sum Package Name
--------------------------------------------------------------------------
3310677ae7403c683e7947cd86b19344 6.0/SRPMS/SysVinit-2.78-5.src.rpm
e299c4b17b7eafdf66acf1fb21491d9b 6.0/SRPMS/usermode-1.37-1.6.src.rpm
546bf7949c5be73b9f28b1819bfbd7c6 6.0/alpha/SysVinit-2.78-5.alpha.rpm
978af994a09fcbc4bf1cb2fa2723bfe7 6.0/alpha/usermode-1.37-1.6.alpha.rpm
ca5b97a1abb47b64d71ef69ab96fcb8a 6.0/i386/SysVinit-2.78-5.i386.rpm
e8fe2db6f95348a93a373673b1c87443 6.0/i386/usermode-1.37-1.6.i386.rpm
4dfeacb8db12af4b2666f2792e1027c1 6.0/sparc/SysVinit-2.78-5.sparc.rpm
ba94a59a3a8195346735f202f28af3f8 6.0/sparc/usermode-1.37-1.6.sparc.rpm
3310677ae7403c683e7947cd86b19344 6.1/SRPMS/SysVinit-2.78-5.src.rpm
e299c4b17b7eafdf66acf1fb21491d9b 6.1/SRPMS/usermode-1.37-1.6.src.rpm
546bf7949c5be73b9f28b1819bfbd7c6 6.1/alpha/SysVinit-2.78-5.alpha.rpm
978af994a09fcbc4bf1cb2fa2723bfe7 6.1/alpha/usermode-1.37-1.6.alpha.rpm
ca5b97a1abb47b64d71ef69ab96fcb8a 6.1/i386/SysVinit-2.78-5.i386.rpm
e8fe2db6f95348a93a373673b1c87443 6.1/i386/usermode-1.37-1.6.i386.rpm
4dfeacb8db12af4b2666f2792e1027c1 6.1/sparc/SysVinit-2.78-5.sparc.rpm
ba94a59a3a8195346735f202f28af3f8 6.1/sparc/usermode-1.37-1.6.sparc.rpm
3310677ae7403c683e7947cd86b19344 6.2/SRPMS/SysVinit-2.78-5.src.rpm
e299c4b17b7eafdf66acf1fb21491d9b 6.2/SRPMS/usermode-1.37-1.6.src.rpm
546bf7949c5be73b9f28b1819bfbd7c6 6.2/alpha/SysVinit-2.78-5.alpha.rpm
978af994a09fcbc4bf1cb2fa2723bfe7 6.2/alpha/usermode-1.37-1.6.alpha.rpm
ca5b97a1abb47b64d71ef69ab96fcb8a 6.2/i386/SysVinit-2.78-5.i386.rpm
e8fe2db6f95348a93a373673b1c87443 6.2/i386/usermode-1.37-1.6.i386.rpm
4dfeacb8db12af4b2666f2792e1027c1 6.2/sparc/SysVinit-2.78-5.sparc.rpm
ba94a59a3a8195346735f202f28af3f8 6.2/sparc/usermode-1.37-1.6.sparc.rpm
ede9b759a01552a261c67ebf0238794a 7.0/SRPMS/usermode-1.37-2.src.rpm
6cd3999fa6015fcf301b502d4a416373 7.0/alpha/usermode-1.37-2.alpha.rpm
c32888b6f362b04f8a3805d4465c042a 7.0/i386/usermode-1.37-2.i386.rpm

CALDERA:

Location of Fixed Packages

The upgrade packages can be found on Caldera's FTP site at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/RPMS/

The corresponding source code package can be found at:
ftp://ftp.calderasystems.com/pub/updates/OpenLinux/2.3/current/SRPMS

Verification:

9509340276c43bdcbeee2d95e82b9d03 RPMS/glibc-2.1.1-3.i386.rpm
e7d4b0f9db9b92af32b224d7e1b83511 RPMS/glibc-devel-2.1.1-3.i386.rpm
b2fac2bcf6e961d7fc5f4071be2cd934 RPMS/glibc-devel-static-2.1.1-3.i386.rpm
3883f85e36804e8a25f5c8f1d5644a18 RPMS/glibc-localedata-2.1.1-3.i386.rpm
8c155c6564b725d09c9c2b4109212774 SRPMS/glibc-2.1.1-3.src.rpm

SLACKWARE:

ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/a1/glibcso.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/d1/glibc.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-current/slakware/des1/descrypt.tgz

SuSE:

i386 Intel Platform:

SuSE-7.0

ftp://ftp.suse.com/pub/suse/i386/update/7.0/a1/shlibs-2.1.3-154.i386.rpm
753176172ebf628c6567c70a9b950933
ftp://ftp.suse.com/pub/suse/i386/update/7.0/d1/libc-2.1.3-154.i386.rpm
0f0696fc359cdb7b13f40a52d6676f09
ftp://ftp.suse.com/pub/suse/i386/update/7.0/d2/libd-2.1.3-154.i386.rpm
4ca3268f91a9294313cf871e9f7cb8b8
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/7.0/zq1/libc-2.1.3-154.src.rpm
a6af3232fe6d474d6309c68469c126ec

SuSE-6.4

ftp://ftp.suse.com/pub/suse/i386/update/6.4/a1/shlibs-2.1.3-154.i386.rpm
150dcb3854b066c021c396b4a0fe25e6
ftp://ftp.suse.com/pub/suse/i386/update/6.4/d1/libc-2.1.3-154.i386.rpm
75c9aef75d6e7e4b196c21bb500d00e0
ftp://ftp.suse.com/pub/suse/i386/update/6.4/d2/libd-2.1.3-154.i386.rpm
47fff508b0b67a82356361aa23c8beae
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.4/zq1/libc-2.1.3-154.src.rpm
bfeaa4e15ecbe1fea986b710152b5fec

SuSE-6.3

ftp://ftp.suse.com/pub/suse/i386/update/6.3/a1/shlibs-2.1.2-47.i386.rpm
8e88f237414a4d8f96131b17267b4d53
ftp://ftp.suse.com/pub/suse/i386/update/6.3/d1/libc-2.1.2-47.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/6.3/d2/libd-2.1.2-47.i386.rpm
8728db143b6393a261aa9060d9321345
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/zq1/libc-2.1.2-47.src.rpm
eea1810dceafe5e7f77b4b5137829834

SuSE-6.2

ftp://ftp.suse.com/pub/suse/i386/update/6.2/a1/shlibs-2.1.1-29.i386.rpm
78360eddc58f3897a14327d2fa214191
ftp://ftp.suse.com/pub/suse/i386/update/6.2/d1/libc-2.1.1-29.i386.rpm
456cad1d8034d40ebbf8337d1308c4de
ftp://ftp.suse.com/pub/suse/i386/update/6.2/d2/libd-2.1.1-29.i386.rpm
6dccdf557c6d329b40238a1644368564
source rpm:
ftp://ftp.suse.com/pub/suse/i386/update/6.2/zq1/libc-2.1.1-29.src.rpm
cec489c212826cb2dcc65a602da61da3

SuSE-6.1

ftp://ftp.suse.com/pub/suse/i386/update/6.1/a1/shlibs-2000.9.5-0.i386.rpm
7a272e7f15fd2dec69401d4c788de015

ftp://ftp.suse.com/pub/suse/i386/update/6.1/d1/libc-2000.9.5-0.i386.rpm
c748944bbe8a55f69478e6ef0bda843a

ftp://ftp.suse.com/pub/suse/i386/update/6.1/d2/libd-2000.9.5-0.i386.rpm
7fce2e2e41b62dc985e48ee31f6dac1c
source rpm:

ftp://ftp.suse.com/pub/suse/i386/update/6.1/zq1/libc-2000.9.5-0.src.rpm
77fa60f5a3a10e02460bd1960b1f78f6
Please use the packages from the SuSE-6.1 directory for SuSE-6.0!

Sparc Platform:

SuSE-7.0:

ftp://ftp.suse.com/pub/suse/sparc/update/7.0/a1/shlibs-2.1.3-154.sparc.rpm
1563171d7ee17a3048500afd4424927d

ftp://ftp.suse.com/pub/suse/sparc/update/7.0/d1/libc-2.1.3-154.sparc.rpm
a907fbb3e5e48664cadb6b75570e15b2

ftp://ftp.suse.com/pub/suse/sparc/update/7.0/d2/libd-2.1.3-154.sparc.rpm
f60071e3a497e3af48078338b3bd6610
source rpm:

ftp://ftp.suse.com/pub/suse/sparc/update/7.0/zq1/libc-2.1.3-154.src.rpm
690a34f9ddb6bd6edf41a07d5fba0ad4

AXP Alpha Platform:

SuSE-6.4

ftp://ftp.suse.com/pub/suse/axp/update/6.4/a1/shlibs-2.1.3-154.alpha.rpm
d08a782d1dc1cc406b2141727295befe
ftp://ftp.suse.com/pub/suse/axp/update/6.4/d1/libc-2.1.3-154.alpha.rpm
730c9b3c98f9d243c09ce41c5c4240a5
ftp://ftp.suse.com/pub/suse/axp/update/6.4/d2/libd-2.1.3-154.alpha.rpm
0c2ba3d11a42d84f48b1ee79a15e36b2
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.4/zq1/libc-2.1.3-154.src.rpm
a5f2a207c6f8b179bbd91cea9c96711d

SuSE-6.3

ftp://ftp.suse.com/pub/suse/axp/update/6.3/a1/shlibs-2.1.2-47.alpha.rpm
afc0ac7f3db066702fbd19bfaa216751
ftp://ftp.suse.com/pub/suse/axp/update/6.3/d1/libc-2.1.2-47.alpha.rpm
ftp://ftp.suse.com/pub/suse/axp/update/6.3/d1/libc-2.1.2-47.alpha.rpm
3530ef711231a5b378d14fe70e2971f6
ftp://ftp.suse.com/pub/suse/axp/update/6.3/d2/libd-2.1.2-47.alpha.rpm
5836a7a1557046b0c3498b7dec1ee436
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.3/zq1/libc-2.1.2-47.src.rpm
0100769ad09d68563a7540ba73c826d7

SuSE-6.1

ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/shlibs-2000.9.5-0.alpha.rpm
64c59dcb13069293694faf845446463e

ftp://ftp.suse.com/pub/suse/axp/update/6.1/d1/libc-2000.9.5-0.alpha.rpm
2b8df961dcfb42933cdf298f9229cffd

ftp://ftp.suse.com/pub/suse/axp/update/6.1/d2/libd-2000.9.5-0.alpha.rpm
75dd4bcfb0bf2cc64fe8dd5bfc4a69f0
source rpm:
ftp://ftp.suse.com/pub/suse/axp/update/6.1/zq1/libc-2000.9.5-0.src.rpm
11871baa8279f8c0c79f6c9d95ca531c

PPC Power PC Platform:

SuSE-6.4
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/a1/shlibs-2.1.3-154.ppc.rpm
8565cd463e4fbbccc39aa96f1eefdc70
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/d1/libc-2.1.3-154.ppc.rpm
987ed3d338fb7c42083cf6dd2057ce0b
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/d2/libd-2.1.3-154.ppc.rpm
a212f188cf31d55c2016236d2c313cf4
source rpm:
ftp://ftp.suse.com/pub/suse/ppc/update/6.4/zq1/libc-2.1.3-154.src.rpm
401b4f2f306a065fb04edd89cd153364

MANDRAKE:

Please verify these md5 checksums of the updates prior to upgrading to
ensure the integrity of the downloaded package. You can do this by
running the md5sum program on the downloaded package by using
"md5sum package.rpm".

Linux-Mandrake 7.0:
05e57344e0141d4f5085f78155b58b66 7.0/RPMS/glibc-2.1.3-16mdk.i586.rpm
284ee4868af286469169a4a6605d3172 7.0/RPMS/glibc-devel-2.1.3-16mdk.i586.rpm
114c605878c338ed36aabe9b673cd4fd 7.0/RPMS/glibc-profile-2.1.3-16mdk.i586.r=
pm
1f263ca77795b93b54e0af5644149407 7.0/SRPMS/glibc-2.1.3-16mdk.src.rpm

Linux-Mandrake 7.1:
f34a2988c60b32baeef205c0a0586b8e 7.1/RPMS/glibc-2.1.3-17mdk.i586.rpm
28c96de9e746eb0c7b3bcc0c58728fd9 7.1/RPMS/glibc-devel-2.1.3-17mdk.i586.rpm
27805991e31882d827bb032453fd5f16 7.1/RPMS/glibc-profile-2.1.3-17mdk.i586.r=
pm
eec3d0d92b216e0a47bc4909b6fbdfaf 7.1/SRPMS/glibc-2.1.3-17mdk.src.rpm
________________________________________________________________________

To upgrade automatically, use =AB MandrakeUpdate =BB. =20

If you want to upgrade manually, download the updated package from one=20
of our FTP server mirrors and uprade with "rpm -Uvh package_name". =20

You can download the updates directly from:
ftp://ftp.linux.tucows.com/pub/distributions/Mandrake/Mandrake/updates
ftp://ftp.free.fr/pub/Distributions_Linux/Mandrake/updates

TRUSTIX:

The new packages are:
glibc-2.1.3-10tr.i586.rpm
glibc-devel-2.1.3-10tr.i586.rpm
glibc-profile-2.1.3-10tr.i586.rpm
nscd-2.1.3-10tr.i586.rpm

URL:
ftp://ftp.trustix.com/pub/Trustix/updates/1.1/RPMS/

TURBOLINUX:

Update the packages from our ftp server by running the following command
for each package:

rpm -Uvh --nodeps --Force ftp_path_to_filename

Where ftp_path_to_filename is the following:

for 6.0.4 and up (glibc-2.1.2-17):
ftp://ftp.turbolinux.com/pub/updates/6.0/glibc-2.1.2-17S.i386.rpm

for 6.0 - 6.0.2 (glibc-2.1.2-15):
ftp://ftp.turbolinux.com/pub/updates/6.0/glibc-2.1.2-15S.i386.rpm

The source RPMs can be downloaded here:

for 6.0.4 and up (glibc-2.1.2-17):
ftp://ftp.turbolinux.com/pub/updates/6.0/SRPMS/glibc-2.1.2-17S.src.rpm

for 6.0 - 6.0.2 (glibc-2.1.2-15):
ftp://ftp.turbolinux.com/pub/updates/6.0/SRPMS/glibc-2.1.2-15S.src.rpm

**Note: You must rebuild and install the RPM if you choose to download
and install the SRPM. Simply installing the SRPM alone WILL NOT CLOSE
THE SECURITY HOLE.
To find a mirror closer to you, check:
http://www.trustix.net/mirrors.php3

For your own safety, remember to check the package signatures with
"rpm --checksig filename.rpm" before installing.

RedHat has released updated packages for Userhelper:

Red Hat Linux 6.0:

sparc:
ftp://updates.redhat.com/6.0/sparc/usermode-1.37-1.6.sparc.rpm
ftp://updates.redhat.com/6.0/sparc/SysVinit-2.78-5.sparc.rpm

i386:
ftp://updates.redhat.com/6.0/i386/usermode-1.37-1.6.i386.rpm
ftp://updates.redhat.com/6.0/i386/SysVinit-2.78-5.i386.rpm

alpha:
ftp://updates.redhat.com/6.0/alpha/usermode-1.37-1.6.alpha.rpm
ftp://updates.redhat.com/6.0/alpha/SysVinit-2.78-5.alpha.rpm

sources:
ftp://updates.redhat.com/6.0/SRPMS/usermode-1.37-1.6.src.rpm
ftp://updates.redhat.com/6.0/SRPMS/SysVinit-2.78-5.src.rpm

Red Hat Linux 6.1:

alpha:
ftp://updates.redhat.com/6.1/alpha/usermode-1.37-1.6.alpha.rpm
ftp://updates.redhat.com/6.1/alpha/SysVinit-2.78-5.alpha.rpm

sparc:
ftp://updates.redhat.com/6.1/sparc/usermode-1.37-1.6.sparc.rpm
ftp://updates.redhat.com/6.1/sparc/SysVinit-2.78-5.sparc.rpm

i386:
ftp://updates.redhat.com/6.1/i386/usermode-1.37-1.6.i386.rpm
ftp://updates.redhat.com/6.1/i386/SysVinit-2.78-5.i386.rpm

sources:
ftp://updates.redhat.com/6.1/SRPMS/usermode-1.37-1.6.src.rpm
ftp://updates.redhat.com/6.1/SRPMS/SysVinit-2.78-5.src.rpm

Red Hat Linux 6.2:

alpha:
ftp://updates.redhat.com/6.2/alpha/usermode-1.37-1.6.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/SysVinit-2.78-5.alpha.rpm

sparc:
ftp://updates.redhat.com/6.2/sparc/usermode-1.37-1.6.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/SysVinit-2.78-5.sparc.rpm

i386:
ftp://updates.redhat.com/6.2/i386/usermode-1.37-1.6.i386.rpm
ftp://updates.redhat.com/6.2/i386/SysVinit-2.78-5.i386.rpm

sources:
ftp://updates.redhat.com/6.2/SRPMS/usermode-1.37-1.6.src.rpm
ftp://updates.redhat.com/6.2/SRPMS/SysVinit-2.78-5.src.rpm

Red Hat Linux 7.0:

i386:
ftp://updates.redhat.com/7.0/i386/usermode-1.37-2.i386.rpm

sources:
ftp://updates.redhat.com/7.0/SRPMS/usermode-1.37-2.src.rpm


IBM AIX 4.3

• IBM libc_43Sgold_efixes
  ftp://ftp.software.ibm.com/aix/efixes/security/libc_43Sgold_efixes.tar .Z


• IBM locale_format_efix
  ftp://ftp.software.ibm.com/aix/efixes/security/locale_format_efix.tar. Z


• IBM IY12541
  http://techsupport.services.ibm.com/rs6k/fixes.html

IBM AIX 4.3.1

• IBM libc_43Sgold_efixes
  ftp://ftp.software.ibm.com/aix/efixes/security/libc_43Sgold_efixes.tar .Z


• IBM locale_format_efix
  ftp://ftp.software.ibm.com/aix/efixes/security/locale_format_efix.tar. Z


• IBM IY12541
  http://techsupport.services.ibm.com/rs6k/fixes.html

IBM AIX 4.3.2

• IBM libc_43Sgold_efixes
  ftp://ftp.software.ibm.com/aix/efixes/security/libc_43Sgold_efixes.tar .Z


• IBM locale_format_efix
  ftp://ftp.software.ibm.com/aix/efixes/security/locale_format_efix.tar. Z


• IBM IY12541
  http://techsupport.services.ibm.com/rs6k/fixes.html