ELSA-2017-1916

ELSA-2017-1916 - glibc security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2017-08-07

Description


[2.17-196]
- Avoid large allocas in the dynamic linker (#1452721)

[2.17-195]
- Rounding issues on POWER (#1457177)

[2.17-194]
- Use a built-in list of system call names (#1439165)

[2.17-193]
- Inhibit FMA while compiling sqrt, pow (#1413638)

[2.17-192]
- Exclude lock elision support for older Intel hardware with
Intel TSX that has hardware errata (#841653).

[2.17-191]
- Add transparent lock elision for default POSIX mutexes on
IBM POWER hardware with support for IBM POWER HTM (#731835).

[2.17-190]
- Add transparent lock elision for default POSIX mutexes on
Intel hardware with support for Intel TSX (#841653).
- Update dynamic loader trampoline for Intel Skylake server (#1421155).

[2.17-189]
- Update dynamic loader trampoline for Intel SSE, AVX, and AVX512 usage (#1421155)

[2.17-188]
- Improve exp() and pow() performance in libm (#1409611)
- Add optimized strcmp and strncmp for IBM POWER9 hardware (#1320947)

[2.17-187]
- Define MSG_FASTOPEN. (#1387874)

[2.17-186]
- Update patch for glibc-rh1288613.patch to include tst-res_hconf_reorder
in the list of tests to be built and run. (#1367804)

[2.17-185]
- math: Regenerate ULPs for POWER (#1385004)

[2.17-184]
- Correct s390 definition of SIZE_MAX (#1385003)

[2.17-183]
- Fix CVE-2015-8776 glibc: Segmentation fault caused by passing
out-of-range data to strftime() (#1374658)

[2.17-182]
- Fix CVE-2015-8778: Integer overflow in hcreate and hcreate_r (#1374657)

[2.17-181]
- Fix rare case where calloc may not zero memory properly (#1430477)

[2.17-180]
- malloc: additional unlink hardening for non-small bins (#1326739)

[2.17-179]
- Add improvements and optimizations to take advantage of the new
z13 processor design (#1380680)

[2.17-178]
- Backport the latest POWER8 performance optimizations (#1385004)

[2.17-177]
- LD_POINTER_GUARD in the environment is not sanitized (#1383951)

[2.17-176]
- Fix cmpli usage in power6 memset. (#1418997)

[2.17-175]
- Avoid accessing user-controlled stdio locks in forked child (#1322544)

[2.17-174]
- Fix unbounded stack allocation in catopen function (#1374654)

[2.17-173]
- Fix unbounded stack allocation in nan* functions (#1374652)

[2.17-172]
- Handle /var/cache/ldconfig/aux-cache corruption (#1325138)

[2.17-171]
- Make padding in struct sockaddr_storage explicit (#1338672)

[2.17-170]
- Add AF_VSOCK/PF_VSOCK, TCP_TIMESTAMP (#1417205)

[2.17-169]
- Define and macros unconditionally (#1318877)

[2.17-168]
- Backport the groups merging feature (#1298975)

[2.17-167]
- Fix sunrpc UDP client timeout handling (#1228114)

[2.17-166]
- Add 'sss' service to the automount database in nsswitch.conf (#1392540)

[2.17-165]
- Fix use of uninitialized data in getaddrinfo with nscd (#1324568)
- Remove the 'power8' AT_PLATFORM directory (#1404435)
- Fix profil on aarch64 (#1144516)

[2.17-164]
- Fix TOC stub on powerpc64 clone() (#1398244)

[2.17-163]
- stdio buffer auto-tuning should reject large buffer sizes (#988869)

[2.17-162]
- Backport support/ subdirectory from upstream (#1418978)
- Fix deadlock between fork, malloc, flush (NULL) (#906468)

[2.17-161]
- Fix tst-cancel17/tst-cancelx17 was sometimes segfaulting.
Wait for the read to finish before returning. (#1337242)

[2.17-160]
- Add internal-only support for O_TMPFILE (#1330705)

[2.17-158]
- Do not set initgroups in default nsswitch.conf (#1366569)
- nss_db: Request larger buffers for long group entries (#1318890)
- nss_db: Fix get*ent crash without preceding set*ent (#1213603)
- nss_db: Fix endless loop in services database processing (#1370630)


Related CVEs


CVE-2014-9761
CVE-2015-8776
CVE-2015-8778
CVE-2015-8779
CVE-2015-8777

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) glibc-2.17-196.el7.src.rpm8ab8bab0634d07a30f4378e5df2b54b8ELSA-2017-3601
glibc-2.17-196.el7.i686.rpm2291f2421564e552211ab6ffd7791a8aELSA-2017-3601
glibc-2.17-196.el7.x86_64.rpm8837ba64b2ab4668fb6d9d70b0864004ELSA-2017-3601
glibc-common-2.17-196.el7.x86_64.rpm43874197028642c3e3aa4c4f5f8941f3ELSA-2017-3601
glibc-devel-2.17-196.el7.i686.rpm0f8bb102fe03fb763e7bc1da3146078eELSA-2017-3601
glibc-devel-2.17-196.el7.x86_64.rpm80f354ef4b3348657152b9da0c6fceadELSA-2017-3601
glibc-headers-2.17-196.el7.x86_64.rpm8a802f17f0bfddb5319b23600e89aa71ELSA-2017-3601
glibc-static-2.17-196.el7.i686.rpm3fdd342505a1afdd90984d379cfadd97ELSA-2017-3601
glibc-static-2.17-196.el7.x86_64.rpme1484504a745133f354b56267aaec61bELSA-2017-3601
glibc-utils-2.17-196.el7.x86_64.rpm4ce5c66c5ffb2a340c767b5addaec543ELSA-2017-3601
nscd-2.17-196.el7.x86_64.rpm1203ecd2ac1faf4505c87f6fc49d261bELSA-2017-3601



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete