ELSA-2016-0176

ELSA-2016-0176 - glibc security and bug fix update

Type:SECURITY
Severity:CRITICAL
Release Date:2016-02-16

Description


[2.17-106.0.1.4]
- Remove strstr and strcasestr implementations using sse4.2 instructions.
- Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and
1818483b15d22016b0eae41d37ee91cc87b37510 backported.

[2.17-106.4]
- Revert problematic libresolv change, not needed for the
CVE-2015-7547 fix (#1296030).

[2.17-106.3]
- Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296030).
- Fix madvise performance issues (#1298930).
- Avoid 'monstartup: out of memory' error on powerpc64le (#1298956).

[2.17-106.2]
- Fix CVE-2015-5229: calloc() may return non-zero memory (#1296453).


Related CVEs


CVE-2015-7547
CVE-2015-5229

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) glibc-2.17-106.0.1.el7_2.4.src.rpm231912dabe957ef7c0f47a60723b9745ELSA-2017-3601
glibc-2.17-106.0.1.el7_2.4.i686.rpmaa287092f2edff95e0593f31335d55b6ELSA-2017-3601
glibc-2.17-106.0.1.el7_2.4.x86_64.rpme9956bbdb60465e3867dd584b706466fELSA-2017-3601
glibc-common-2.17-106.0.1.el7_2.4.x86_64.rpm32c53d9b62721d33b7dcec4a57ffb315ELSA-2017-3601
glibc-devel-2.17-106.0.1.el7_2.4.i686.rpm9434270dc7f5054b2ae53bef4b118377ELSA-2017-3601
glibc-devel-2.17-106.0.1.el7_2.4.x86_64.rpm06d566f4a66190775b07e8c30cdace4cELSA-2017-3601
glibc-headers-2.17-106.0.1.el7_2.4.x86_64.rpmc80b71f6c16c5b93d2af76541e119aebELSA-2017-3601
glibc-static-2.17-106.0.1.el7_2.4.i686.rpmfba098782885d4531fd0592622c7fe6eELSA-2017-3601
glibc-static-2.17-106.0.1.el7_2.4.x86_64.rpm05911021a224606b63bec1c7ba8f2f1fELSA-2017-3601
glibc-utils-2.17-106.0.1.el7_2.4.x86_64.rpmd3df959b889028a49e179c048c75706bELSA-2017-3601
nscd-2.17-106.0.1.el7_2.4.x86_64.rpmab704eb417ecff1b0f8486eb6c1c42d0ELSA-2017-3601



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete