Download
| Alert*
oval:org.secpod.oval:def:1600880
Fragmentation attacks possible when EDNS0 is enabledThe DNS stub resolver in the GNU C Library before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation.Buffer overflow in glob ... oval:org.secpod.oval:def:89002331 This update for glibc fixes the following issues: Security issues: - CVE-2017-8804: Fix memory leak after deserialization failure in xdr_bytes, xdr_string - CVE-2017-12132: Reduce EDNS payload size to 1200 bytes - CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal memalign and malloc f ... oval:org.secpod.oval:def:502266 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * glibc: realpath buffer underflow w ... oval:org.secpod.oval:def:1502176 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2001392 The DNS stub resolver in the GNU C Library before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. oval:org.secpod.oval:def:1900219 The DNS stub resolver in the GNU C Library before version 2.26, when EDNS support is enabled, will solicit large UDP responses from name servers, potentially simplifying off-path DNS spoofing attacks due to IP fragmentation. oval:org.secpod.oval:def:89002577 This update for glibc fixes the following issues: Security issues fixed: - CVE-2017-8804: Fix memory leak after deserialization failure in xdr_bytes, xdr_string - CVE-2017-12132: Reduce EDNS payload size to 1200 bytes - CVE-2018-6485,CVE-2018-6551: Fix integer overflows in internal memalign and ma ... oval:org.secpod.oval:def:204790 The glibc packages provide the standard C libraries , POSIX thread libraries , standard math libraries , and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: * glibc: realpath buffer underflow w ... oval:org.secpod.oval:def:113077 The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets ... |