ELSA-2018-0805

ELSA-2018-0805 - glibc security, bug fix, and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2018-04-16

Description


[2.17-222]
- Restore internal GLIBC_PRIVATE symbols for use during upgrades (#1523119)

[2.17-221]
- CVE-2018-1000001: Fix realpath() buffer underflow (#1534635)
- i386: Fix unwinding for 32-bit C++ application (#1529982)
- Reduce thread and dynamic loader stack usage (#1527904)
- x86-64: Use XSAVE/XSAVEC more often during lazy symbol binding (#1528418)

[2.17-220]
- Update HWCAP bits for IBM POWER9 DD2.1 (#1503854)

[2.17-219]
- Rebuild with newer gcc for aarch64 stack probing fixes (#1500475)

[2.17-218]
- Improve memcpy performance for POWER9 DD2.1 (#1498925)

[2.17-217]
- Update Linux system call list to kernel 4.13 (#1508895)

[2.17-216]
- x86-64: Use XSAVE/XSAVEC in the ld.so trampoline (#1504969)

[2.17-215]
- CVE-2017-15670: glob: Fix one-byte overflow with GLOB_TILDE (#1504809)
- CVE-2017-15804: glob: Fix buffer overflow in GLOB_TILDE unescaping (#1504809)

[2.17-214]
- Fix check-localplt test failure.
- Include ld.so in check-localplt test. (#1440250)

[2.17-213]
- Fix build warning in locarchive.c (#1349964)

[2.17-212]
- Hide reference to mktemp in libpthread (#1349962)

[2.17-211]
- Implement fopencookie hardening (#1372305)

[2.17-210]
- x86-64: Support __tls_get_addr with an unaligned stack (#1468807)

[2.17-209]
- Define CLOCK_TAI in (#1448822)

[2.17-208]
- Compile glibc with -fstack-clash-protection (#1500475)

[2.17-207]
- aarch64: Avoid invalid relocations in the startup code (#1500908)

[2.17-206]
- Fix timezone test failures on large parallel builds. (#1234449, #1378329)

[2.17-205]
- Handle DSOs with no PLT (#1445781)

[2.17-204]
- libio: Implement vtable verification (#1398413)

[2.17-203]
- Fix socket system call selection on s390x (#1498566).
- Use different construct for protected visibility in IFUNC tests (#1445644)

[2.17-202]
- Rebase the DNS stub resolver and getaddrinfo to the glibc 2.26 version
- Support an arbitrary number of search domains in the stub resolver (#677316)
- Detect and apply /etc/resolv.conf changes in libresolv (#1432085)
- CVE-2017-1213: Fragmentation attacks possible when ENDS0 is enabled
(#1487063)
- CVE-2016-3706: Stack (frame) overflow in getaddrinfo when called
with AF_INET, AF_INET6 (#1329674)
- CVE-2015-5180: resolv: Fix crash with internal QTYPE (#1497131)
- CVE-2014-9402: denial of service in getnetbyname function (#1497132)
- Fix getaddrinfo to handle certain long lines in /etc/hosts (#1452034)
- Make RES_ROTATE start with a random name server (#1257639)
- Stricter IPv6 address parser (#1484034)
- Remove noip6dotint support from the stub resolver (#1482988)
- Remove partial bitstring label support from the stub resolver
- Remove unsupported resolver hook functions from the API
- Remove outdated RR type classification macros from the API
- hesiod: Always use TLS resolver state
- hesiod: Avoid non-trust-boundary crossing heap overflow in get_txt_records

[2.17.201]
- Fix hang in nscd cache prune thread (#1435615)

[2.17-200]
- Add binary timezone test data files (#1234449, #1378329)

[2.17.198]
- Add support for new IBM z14 (s390x) instructions (#1375235)

[2.17-197]
- Fix compile warnings in malloc (#1347277)
- Fix occasional tst-malloc-usable failures (#1348000)
- Additional chunk hardening in malloc (#1447556)
- Pointer alignment fix in nss group merge (#1463692)
- Fix SIGSEGV when LD_LIBRARY_PATH only has non-existing paths (#1443236)


Related CVEs


CVE-2014-9402
CVE-2015-5180
CVE-2017-12132
CVE-2017-15670
CVE-2017-15804
CVE-2018-1000001

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (x86_64) glibc-2.17-222.el7.src.rpme8686c208b301113406a29742dc873c980286337123521ecc58dfaa055228b4fELSA-2024-12444ol7_x86_64_latest
glibc-2.17-222.el7.src.rpme8686c208b301113406a29742dc873c980286337123521ecc58dfaa055228b4fELSA-2024-12444ol7_x86_64_optional_archive
glibc-2.17-222.el7.src.rpme8686c208b301113406a29742dc873c980286337123521ecc58dfaa055228b4fELSA-2024-12444ol7_x86_64_optional_latest
glibc-2.17-222.el7.src.rpme8686c208b301113406a29742dc873c980286337123521ecc58dfaa055228b4fELSA-2024-12444ol7_x86_64_u5_base
glibc-2.17-222.el7.i686.rpmdcb4848ba1e62cdd9c406b0d5a8a4e9edc081c038f22dd57e482b3525bfea67dELSA-2024-12444ol7_x86_64_latest
glibc-2.17-222.el7.i686.rpmdcb4848ba1e62cdd9c406b0d5a8a4e9edc081c038f22dd57e482b3525bfea67dELSA-2024-12444ol7_x86_64_u5_base
glibc-2.17-222.el7.x86_64.rpm8c08500021b05c25717c54328800545e38073ddb446531515bf57774adb47773ELSA-2024-12444exadata_dbserver_19.1.0.0.0_x86_64_base
glibc-2.17-222.el7.x86_64.rpm8c08500021b05c25717c54328800545e38073ddb446531515bf57774adb47773ELSA-2024-12444ol7_x86_64_latest
glibc-2.17-222.el7.x86_64.rpm8c08500021b05c25717c54328800545e38073ddb446531515bf57774adb47773ELSA-2024-12444ol7_x86_64_u5_base
glibc-common-2.17-222.el7.x86_64.rpm14af752b6078c833a9e6dfa90a7479e78fcc35b222627bb3ac22b4c79f347df0ELSA-2024-12444exadata_dbserver_19.1.0.0.0_x86_64_base
glibc-common-2.17-222.el7.x86_64.rpm14af752b6078c833a9e6dfa90a7479e78fcc35b222627bb3ac22b4c79f347df0ELSA-2024-12444ol7_x86_64_latest
glibc-common-2.17-222.el7.x86_64.rpm14af752b6078c833a9e6dfa90a7479e78fcc35b222627bb3ac22b4c79f347df0ELSA-2024-12444ol7_x86_64_u5_base
glibc-devel-2.17-222.el7.i686.rpma1535e0d4eb2e7c67a225942ff9744f70c16a41ca8f4ed02233dbc5d2550c7a4ELSA-2024-12444ol7_x86_64_latest
glibc-devel-2.17-222.el7.i686.rpma1535e0d4eb2e7c67a225942ff9744f70c16a41ca8f4ed02233dbc5d2550c7a4ELSA-2024-12444ol7_x86_64_u5_base
glibc-devel-2.17-222.el7.x86_64.rpmbe491d709fb897838a6a78908faeb99a0eb3d8568705e0c86a4ac488e426022fELSA-2024-12444exadata_dbserver_19.1.0.0.0_x86_64_base
glibc-devel-2.17-222.el7.x86_64.rpmbe491d709fb897838a6a78908faeb99a0eb3d8568705e0c86a4ac488e426022fELSA-2024-12444ol7_x86_64_latest
glibc-devel-2.17-222.el7.x86_64.rpmbe491d709fb897838a6a78908faeb99a0eb3d8568705e0c86a4ac488e426022fELSA-2024-12444ol7_x86_64_u5_base
glibc-headers-2.17-222.el7.x86_64.rpmc5447f5c7e8e694aede34c0dce926567ecfe6006deda60609d808c4fd3f1fa35ELSA-2024-12444exadata_dbserver_19.1.0.0.0_x86_64_base
glibc-headers-2.17-222.el7.x86_64.rpmc5447f5c7e8e694aede34c0dce926567ecfe6006deda60609d808c4fd3f1fa35ELSA-2024-12444ol7_x86_64_latest
glibc-headers-2.17-222.el7.x86_64.rpmc5447f5c7e8e694aede34c0dce926567ecfe6006deda60609d808c4fd3f1fa35ELSA-2024-12444ol7_x86_64_u5_base
glibc-static-2.17-222.el7.i686.rpm4491d69e68210acdb4e58d785ff0d3967add62e2bc8669e0ac54a1dedd156cfeELSA-2024-12444ol7_x86_64_optional_archive
glibc-static-2.17-222.el7.i686.rpm4491d69e68210acdb4e58d785ff0d3967add62e2bc8669e0ac54a1dedd156cfeELSA-2024-12444ol7_x86_64_optional_latest
glibc-static-2.17-222.el7.x86_64.rpm0c54429ee601f978dfe4d2556d99c2503127da5f8ed47b348b25dbb3eacf1a7dELSA-2024-12444ol7_x86_64_optional_archive
glibc-static-2.17-222.el7.x86_64.rpm0c54429ee601f978dfe4d2556d99c2503127da5f8ed47b348b25dbb3eacf1a7dELSA-2024-12444ol7_x86_64_optional_latest
glibc-utils-2.17-222.el7.x86_64.rpm53f8e9912d10cf0ee418367d25304fa4c29963d16a7d5033bf26dcecd8c6491fELSA-2024-12444ol7_x86_64_latest
glibc-utils-2.17-222.el7.x86_64.rpm53f8e9912d10cf0ee418367d25304fa4c29963d16a7d5033bf26dcecd8c6491fELSA-2024-12444ol7_x86_64_u5_base
nscd-2.17-222.el7.x86_64.rpm4a1f2d6bd158c28ba2127732e3a57667ed428ca67a7d07625ca00c77c61ea2c1ELSA-2024-12444exadata_dbserver_19.1.0.0.0_x86_64_base
nscd-2.17-222.el7.x86_64.rpm4a1f2d6bd158c28ba2127732e3a57667ed428ca67a7d07625ca00c77c61ea2c1ELSA-2024-12444ol7_x86_64_latest
nscd-2.17-222.el7.x86_64.rpm4a1f2d6bd158c28ba2127732e3a57667ed428ca67a7d07625ca00c77c61ea2c1ELSA-2024-12444ol7_x86_64_u5_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete