ELSA-2018-4266

ELSA-2018-4266 - glibc security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2018-11-06

Description


[2.17-260.0.9]
- Regenerate plural.c
- OraBug 28806294.
- Reviewed-by: Jose E. Marchesi

[2.17-260.0.7]
- intl: Port to Bison 3.0
- Backport of upstream gettext commit 19f23e290a5e4a82b9edf9f5a4f8ab6192871be9
- OraBug 28806294.
- Reviewed-by: Patrick McGehearty

[2.17-260.0.5]
- Fix dbl-64/wordsize-64 remquo (bug 17569).
- Backport of upstream d9afe48d55a412e76b0dcb28335fd4b390fe07ae
- OraBug 19570749.
- Reviewed-by: Jose E. Marchesi

[2.17-260.0.3]
- libio: Disable vtable validation in case of interposition.
- Backport of upstream c402355dfa7807b8e0adb27c009135a7e2b9f1b0.
- OraBug 28641867.
- Reviewed-by: Egeyar Bagcioglu

[2.17-260.0.1]
- Include-linux-falloc.h-in-bits-fcntl-linux.h
- Defines FALLOC_FL_PUNSH_HOLE, FALLOC_FL_KEEP_SIZE,
FALLOC_FL_COLLAPSE_RANGE, and FALLOC_FL_ZERO_RANGE
- OraBug 28483336

- Add MAP_SHARED_VALIDATE and MAP_SYNC flags to
- sysdeps/unix/sysv/linux/x86/bits/mman.h
- OraBug 28389572

[2.17-260.0.1]
- Update bits/siginfo.h with Linux hwpoison SIGBUS changes.
- Adds new SIGBUS error codes for hardware poison signals, syncing with
the current kernel headers (v3.9).
- It also adds si_trapno field for alpha.
- New values: BUS_MCEERR_AR, BUS_MCEERR_AO
- OraBug 28124569

[2.17-260]
- Update glibc-rh1560641.patch to initialize pad outside
the conditional eliminating an uninitialized byte warning from
valgrind. (#1560641)

[2.17-259]
- Correctly set errno when send() fails on i686 (#1550080)

[2.17-258]
- Fix dynamic string token substitution in DT_RPATH etc. (#1447808, #1540480)
- Additional robust mutex fixes (#1401665)

[2.17-257]
- Improve process-shared robust mutex support (#1401665)

[2.17-256]
- CVE-2017-16997: Correctly handle DT_RPATH (#1540480).
- Correctly process '' element in DT_RPATH or DT_NEEDED (#1447808).

[2.17-255]
- Make transition from legacy nss_db easier (#1408964)

[2.17-254]
- nptl: Avoid expected SIGALRM in most tests (#1372304)

[2.17-253]
- Add support for el_GR@euro locale. Update el_GR, ur_IN and
wal_ET locales. (#1448107)

[2.17-252]
- Do not scale NPTL tests with available number of CPUs (#1526193)

[2.17-251]
- Correctly set errno when send() fails on s390 and s390x (#1550080)

[2.17-250]
- Initialize pad field in sem_open. (#1560641)

[2.17-249]
- getlogin_r: Return early when process has no associated login UID (#1563046)

[2.17-248]
- Return static array, not local array from transliteration function (#1505500)

[2.17-247]
- Re-write multi-statement strftime_l macros using better style (#1505477)

[2.17-246]
- Fix pthread_barrier_init typo (#1505451)

[2.17-245]
- CVE-2018-11237: AVX-512 mempcpy for KNL buffer overflow (#1579809)

[2.17-244]
- resolv: Fix crash after memory allocation failure (#1579727)

[2.17-243]
- CVE-2018-11236: Path length overflow in realpath (#1579742)

[2.17-242]
- S390: fix sys/ptrace.h to make it includible again after
asm/ptrace.h (#1457479)

[2.17-241]
- x86: setcontext, makecontext alignment issues (#1531168)

[2.17-240]
- Remove abort() warning in manual (#1577333)

[2.17-239]
- Add Open File Description (OFL) locks. (#1461231)

[2.17-238]
- Properly handle more invalid --install-langs arguments. (#1349982)

[2.17-237]
- Add O_TMPFILE macro (#1471405)
- Update syscall names list to kernel 4.16 (#1563747)
- Include in bits/fcntl-linux.h. (#1476120)
- Fix netgroup cache keys. (#1505647)
- Update ptrace constants. (#1457479)

[2.17-236]
- Fix strfmon_l so that it groups digits (#1307241)

[2.17-235]
- CVE-2018-6485: Integer overflow in posix_memalign in memalign (#1548002)

[2.17-234]
- Adjust spec file for compiler warnings cleanup (#1505492)
- Drop ports add-on
- Do not attempt to disable warnings-as-errors on s390x

[2.17-233]
- Compiler warnings cleanup, phase 7 (#1505492)

[2.17-232]
- Compiler warnings cleanup, phase 6 (#1505492)

[2.17-231]
- Compiler warnings cleanup, phase 5 (#1505492)

[2.17-230]
- Compiler warnings cleanup, phase 4 (#1505492)

[2.17-229]
- Compiler warnings cleanup, phase 3 (#1505492)

[2.17-228]
- Compiler warnings cleanup, phase 2 (#1505492)

[2.17-227]
- Fix downstream-specific compiler warnings (#1505492)

[2.17-226]
- rtkaio: Do not define IN_MODULE (#1349967)

[2.17-225]
- Fix K&R function definitions in libio (#1566623)

[2.17-224]
- Fix type errors in string tests (#1564638)

[2.17-223]
- Make nscd build reproducible for verification (#1505492)


Related CVEs



Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) glibc-2.17-260.0.9.ksplice1.el7.src.rpm8a79ffa76c958f3464ca44be59aa71d3ELBA-2021-9262
glibc-2.17-260.0.9.ksplice1.el7.i686.rpm5c23380b080a27d7a3dd5f5687d0e84fELBA-2021-9262
glibc-2.17-260.0.9.ksplice1.el7.x86_64.rpm24d8f721ff4cbf0b603f25c153f9828fELBA-2021-9262
glibc-common-2.17-260.0.9.ksplice1.el7.x86_64.rpm34f669ff6d51909446332826924d6d22ELBA-2021-9262
glibc-devel-2.17-260.0.9.ksplice1.el7.i686.rpm29be180a0ffa813b86c6358bf863d6a6ELBA-2021-9262
glibc-devel-2.17-260.0.9.ksplice1.el7.x86_64.rpm57a7fe9e0ef35089da6a3c2a67ea356fELBA-2021-9262
glibc-headers-2.17-260.0.9.ksplice1.el7.x86_64.rpm12851c3cb7556edc0f9710efc98fed53ELBA-2021-9262
glibc-static-2.17-260.0.9.ksplice1.el7.i686.rpm13feb692913c2086d71a23bbb7108801ELBA-2021-9262
glibc-static-2.17-260.0.9.ksplice1.el7.x86_64.rpm01ae7b1963df4994616a69b221a985e3ELBA-2021-9262
glibc-utils-2.17-260.0.9.ksplice1.el7.x86_64.rpm6b098ab640243c0e2334280461a18bedELBA-2021-9262
nscd-2.17-260.0.9.ksplice1.el7.x86_64.rpm14e0ca9407650f55c3201eb9b3d09f7fELBA-2021-9262



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete