-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2003-23
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 アナウンス日 : 2003/03/28
 最終更新日   : 2003/03/28

 パッケージ名 : glibc

 タイトル : Sun RPC XDR ライブラリに整数オーバーフローの脆弱性

 概要 : Sun RPC の実装に用いられている XDR ライブラリ xdrmem_getbytes 関数には、
      整数オーバーフローの脆弱性が存在します。

 影響 : 遠隔から任意のコードを実行される可能性があります。

 影響製品 :

    - Turbolinux 8 Server
    - Turbolinux 8 Workstation
    - Turbolinux 7 Server
    - Turbolinux 7 Workstation
    - Turbolinux Server 6.5
    - Turbolinux Advanced Server 6
    - Turbolinux Server 6.1
    - Turbolinux Workstation 6.0

 対策方法 : 下記パッケージにアップデートを行って下さい。
          アップデートはturbopkgコマンドを使用して行ってください。


 <Turbolinux 8 Server>

   Source Packages
   Size : MD5

   glibc-2.2.5-15.src.rpm
     15680916 6f7f7ba0e9bf31283a66b870658f2fa7

   Binary Packages
   Size : MD5

   glibc-2.2.5-15.i586.rpm
     10944237 4651b5b80519a0066612638ad0494000
   glibc-devel-2.2.5-15.i586.rpm
      3087367 d4d7e56d6366729b6b0044451c427bdf
   glibc-profile-2.2.5-15.i586.rpm
       793332 c60246664dd7bb3dca8eb5c8657bee27
   mtrace-2.2.5-15.i586.rpm
        26102 7e9f5d294b1db6d98a470938eb9d98e2
   nscd-2.2.5-15.i586.rpm
        32932 b819a9db711914561e264ad68c5bb720

 <Turbolinux 8 Workstation>

   Source Packages
   Size : MD5

   glibc-2.2.5-15.src.rpm
     15680916 881474fdce8f5eab24e0ee96369c274a

   Binary Packages
   Size : MD5

   glibc-2.2.5-15.i586.rpm
     10942648 6b4007d6f77f417f3f78f37a40230f02
   glibc-devel-2.2.5-15.i586.rpm
      3087695 c871c620acc0814d00aac346e3d6bc1c
   glibc-profile-2.2.5-15.i586.rpm
       793181 cb947716dc9510a19d266aafac84fbee
   mtrace-2.2.5-15.i586.rpm
        26106 506f2007872a42e90ab35469ad747efc
   nscd-2.2.5-15.i586.rpm
        32951 b5dbc82a7eacd0ce8dfb528dc42f9b66

 <Turbolinux 7 Server>

   Source Packages
   Size : MD5

   glibc-2.2.4-12.src.rpm
     13581701 1959acec8515595b19946fdce08cd5fb

   Binary Packages
   Size : MD5

   glibc-2.2.4-12.i586.rpm
     11325787 6596b7248dd821effc59b81630252dd4
   glibc-devel-2.2.4-12.i586.rpm
      6294443 0378c8c390b73768229527d18a175103
   glibc-profile-2.2.4-12.i586.rpm
      4126248 43c175c31e1eb5db45209f640140358a
   mtrace-2.2.4-12.i586.rpm
        15301 fdb5d7d63008d1a8467f2e54cf43a337
   nscd-2.2.4-12.i586.rpm
        31149 b0fdb387cc1e1f3a71df3679e633a31e

 <Turbolinux 7 Workstation>

   Source Packages
   Size : MD5

   glibc-2.2.4-12.src.rpm
     13581701 292bb85a837a8b84eee15d399ac35d48

   Binary Packages
   Size : MD5

   glibc-2.2.4-12.i586.rpm
     11325214 afa7401d8df27ec8a29bbb35ee08d337
   glibc-devel-2.2.4-12.i586.rpm
      6295152 bd8028d5aecf9d36555fc965b7cbaf3e
   glibc-profile-2.2.4-12.i586.rpm
      4126139 7e43d55e61f633341a8413aa214bfc58
   mtrace-2.2.4-12.i586.rpm
        15307 89a2d72f8249ce36a848e872abdba994
   nscd-2.2.4-12.i586.rpm
        31153 79969aaf85c83222c3a0480495836ea2

 <Turbolinux Server 6.5>

   Source Packages
   Size : MD5

   glibc-2.1.3-37.src.rpm
      7421334 bfa48b54a4caace1b15fff552ab1763b

   Binary Packages
   Size : MD5

   glibc-2.1.3-37.i386.rpm
      9757015 449c014cb051165d3aaa76af3fa9d487
   glibc-devel-2.1.3-37.i386.rpm
      8129991 0b69fdc11ee445fca1b7766b1464f768
   glibc-profile-2.1.3-37.i386.rpm
      6968121 6a5ad5e94dd866ee81a4443a0333bc4e
   mtrace-2.1.3-37.i386.rpm
         9949 3059d87001d146c328e5133aaa750b1d
   nscd-2.1.3-37.i386.rpm
        25709 304f49ddc42871f888a478a9a8585443

 <Turbolinux Advanced Server 6>

   Source Packages
   Size : MD5

   glibc-2.1.3-37.src.rpm
      7421334 daca20b5e8002b2fd8f6a85a33d52a2f

   Binary Packages
   Size : MD5

   glibc-2.1.3-37.i386.rpm
      9756846 f02cb8e56fabce2f5a9324f189f93031
   glibc-devel-2.1.3-37.i386.rpm
      8130004 c9ecec76acc58e52851965960f16aa99
   glibc-profile-2.1.3-37.i386.rpm
      6968092 1b30b8ea1e1f66bf3c252f14024e81fa
   mtrace-2.1.3-37.i386.rpm
         9943 1cb341c548f36c830992f5e71001f346
   nscd-2.1.3-37.i386.rpm
        25713 2df67c47e763696295e10727776975e0

 <Turbolinux Server 6.1>

   Source Packages
   Size : MD5

   glibc-2.1.3-37.src.rpm
      7421334 aca81a130d5339a0f945a553201a5ee5

   Binary Packages
   Size : MD5

   glibc-2.1.3-37.i386.rpm
      9756918 70b597136ffdbc3d068fc12854f9a62b
   glibc-devel-2.1.3-37.i386.rpm
      8130059 380b6d12d44b9a8197dd538415b3363f
   glibc-profile-2.1.3-37.i386.rpm
      6968236 7e24a52ff68bf8a773ebd1b96dfcbb45
   mtrace-2.1.3-37.i386.rpm
         9949 480ae89b921b6833c6b33a381072ddec
   nscd-2.1.3-37.i386.rpm
        25705 7a149d8a68575bd9731951f71552877a

 <Turbolinux Workstation 6.0>

   Source Packages
   Size : MD5

   glibc-2.1.3-37.src.rpm
      7421334 e19d20e0934bf00dc22ca4fcfe16c93f

   Binary Packages
   Size : MD5

   glibc-2.1.3-37.i386.rpm
      9756671 6b80c54b7bcb793af9daedb9f580dc64
   glibc-devel-2.1.3-37.i386.rpm
      8129939 77bbe0482a933f7f935d65b680f6cf83
   glibc-profile-2.1.3-37.i386.rpm
      6968113 b7cfd8607a1c659997c3c1c8e3e4c5e0
   mtrace-2.1.3-37.i386.rpm
         9944 f77fc95e6bfadbd533d5fff9bd23b2e4
   nscd-2.1.3-37.i386.rpm
        25712 691e81b49db0754d4c096e0a615364b0


 関連文章 :

 CERT Advisory
   [CA-2003-10]
   http://www.cert.org/advisories/CA-2003-10.html


 --------------------------------------------------------------------------
 更新履歴
   初版 2003/03/28
 --------------------------------------------------------------------------

 Copyright(C) 2003 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+g24TK0LzjOqIJMwRAt+fAJ9+r7O2JlpOyQrgCIvRfdCKXTdNzgCgh7oS
9krLzs+H8PiQbQuDTAkKZIo=
=2/4g
-----END PGP SIGNATURE-----