Security Advisory Details

NS-SA-2022-0042

2022-05-08 20:18:47

Summary

important: glibc/libX11 security update

Severity

important

Topic

An update for glibc/libX11 is now available for NewStart CGSL MAIN 5.05/CGSL CORE 5.05.
NewStart Security has rated this update as having a security impact of important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Detailed Description

glibc: Nscd caches name service lookups and can dramatically improve performance with NIS+, and may help with DNS as well.
libX11: Core X11 protocol client library.


Security Fix(es):
glibc: An integer overflow flaw was found in glibc that may result in reading of arbitrary memory when wordexp is used with a specially crafted untrusted regular expression input. (CVE-2021-35942)
glibc: bugfix
libX11: A missing validation flaw was found in libX11. This flaw allows an attacker to inject X11 protocol commands on X clients, and in some cases, also bypass, authenticate (via injection of control characters), or potentially execute arbitrary code with permissions of the application compiled with libX11. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. (CVE-2021-31535)
libX11: bugfix


Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.05.F14B4.

Affected Components

  • glibc
  • libX11

Affected Products

  • CGSL MAIN 5.05
  • CGSL CORE 5.05

Update Packages

CGSL MAIN 5.05

glibc (source: glibc-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.src.rpm)

  • glibc-headers-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.x86_64.rpm
  • glibc-common-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.x86_64.rpm
  • glibc-debuginfo-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.x86_64.rpm
  • glibc-debuginfo-common-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.x86_64.rpm
  • glibc-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.x86_64.rpm
  • glibc-utils-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.x86_64.rpm
  • glibc-static-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.x86_64.rpm
  • glibc-devel-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.x86_64.rpm
  • nscd-2.17-322.el7_9.cgslv5_5.0.4.gef82d43.x86_64.rpm

libX11 (source: libX11-1.6.7-4.el7_9.src.rpm)

  • libX11-1.6.7-4.el7_9.x86_64.rpm
  • libX11-common-1.6.7-4.el7_9.noarch.rpm
  • libX11-devel-1.6.7-4.el7_9.x86_64.rpm
  • libX11-debuginfo-1.6.7-4.el7_9.x86_64.rpm

CGSL CORE 5.05

glibc (source: glibc-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.src.rpm)

  • glibc-utils-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-debuginfo-common-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-debuginfo-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-lang-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-headers-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-static-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-common-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-i18n-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-tools-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-locale-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-devel-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • glibc-iconv-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm
  • nscd-2.17-322.el7_9.cgslv5_5.0.9.g3179b16.lite.x86_64.rpm

libX11 (source: libX11-1.6.7-4.el7_9.src.rpm)

  • libX11-1.6.7-4.el7_9.x86_64.rpm
  • libX11-common-1.6.7-4.el7_9.noarch.rpm
  • libX11-devel-1.6.7-4.el7_9.x86_64.rpm
  • libX11-debuginfo-1.6.7-4.el7_9.x86_64.rpm

CVE

References