A new glibc exploit has been disclosed under CVE-2010-3856. Unlike the last glibc exploit a few days ago you do not get direct root access, but you can create files/dirs in root owned paths. I expect an update from RedHat with in the next 24 – 48 hours.
I released a glibc update for the last glibc update in a testing repo. It looks like I will be keeping the testing repo for some time. Here is how to get the latest glibc update (a copy of my previous post)
–
Run /admin/updatefromtesting and there are glibc updates for CentOS 5.
You can get this by running
/admin/upscripts
If you do not have the admin scripts run
rsync -a rsync://mirror.trouble-free.net/admin /admin
Before use, you will need to run either
ln -s /admin/testing.repo /etc/yum.repos.d/testing.repo
or
cp /admin/testing.repo /etc/yum.repos.d/testing.repo
Then run
/admin/updatefromtesting
This repo is not enabled by default. So what is really happening is yum is being called as yum –enablerepo=tf-testing update
—
The testing repo will stay around for a bit longer. If you are a current InterServer customer please contact support.
I have tested this update on multiple i386 and x86_64 systems and have seemed it stable. However, using the testing repo is not an official update from RedHat or CentOS.
The repo, including srpm, is at http://mirror.trouble-free.net/tf/testing/5.5/