openSUSE Security Update: glibc: Security update to fix security problems ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0912-1 Rating: important References: #572188 #646960 Cross-References: CVE-2010-3847 CVE-2010-3856 Affected Products: openSUSE 11.3 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update of glibc fixes two bugs and security issues: CVE-2010-3847: Decoding of the $ORIGIN special value in various LD_ environment variables allowed local attackers to execute code in context of e.g. setuid root programs, elevating privileges. This issue does not affect SUSE as an assertion triggers before the respective code is executed. The bug was fixed nevertheless. CVE-2010-3856: The LD_AUDIT environment was not pruned during setuid root execution and could load shared libraries from standard system library paths. This could be used by local attackers to inject code into setuid root programs and so elevated privileges. Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.3: zypper in -t patch glibc-3401 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.3 (i586 i686 x86_64): glibc-2.11.2-3.3.1 glibc-devel-2.11.2-3.3.1 - openSUSE 11.3 (i586 x86_64): glibc-html-2.11.2-3.3.1 glibc-i18ndata-2.11.2-3.3.1 glibc-info-2.11.2-3.3.1 glibc-locale-2.11.2-3.3.1 glibc-obsolete-2.11.2-3.3.1 glibc-profile-2.11.2-3.3.1 nscd-2.11.2-3.3.1 - openSUSE 11.3 (x86_64): glibc-32bit-2.11.2-3.3.1 glibc-devel-32bit-2.11.2-3.3.1 glibc-locale-32bit-2.11.2-3.3.1 glibc-profile-32bit-2.11.2-3.3.1 References: http://support.novell.com/security/cve/CVE-2010-3847.html http://support.novell.com/security/cve/CVE-2010-3856.html https://bugzilla.novell.com/572188 https://bugzilla.novell.com/646960