ELSA-2018-3092 - glibc security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2018-11-05 |
Description
[2.17-260.0.9]
- Regenerate plural.c
- OraBug 28806294.
- Reviewed-by: Jose E. Marchesi
[2.17-260.0.7]
- intl: Port to Bison 3.0
- Backport of upstream gettext commit 19f23e290a5e4a82b9edf9f5a4f8ab6192871be9
- OraBug 28806294.
- Reviewed-by: Patrick McGehearty
[2.17-260.0.5]
- Fix dbl-64/wordsize-64 remquo (bug 17569).
- Backport of upstream d9afe48d55a412e76b0dcb28335fd4b390fe07ae
- OraBug 19570749.
- Reviewed-by: Jose E. Marchesi
[2.17-260.0.3]
- libio: Disable vtable validation in case of interposition.
- Backport of upstream c402355dfa7807b8e0adb27c009135a7e2b9f1b0.
- OraBug 28641867.
- Reviewed-by: Egeyar Bagcioglu
[2.17-260.0.1]
- Include-linux-falloc.h-in-bits-fcntl-linux.h
- Defines FALLOC_FL_PUNSH_HOLE, FALLOC_FL_KEEP_SIZE,
FALLOC_FL_COLLAPSE_RANGE, and FALLOC_FL_ZERO_RANGE
- OraBug 28483336
- Add MAP_SHARED_VALIDATE and MAP_SYNC flags to
- sysdeps/unix/sysv/linux/x86/bits/mman.h
- OraBug 28389572
[2.17-260.0.1]
- Update bits/siginfo.h with Linux hwpoison SIGBUS changes.
- Adds new SIGBUS error codes for hardware poison signals, syncing with
the current kernel headers (v3.9).
- It also adds si_trapno field for alpha.
- New values: BUS_MCEERR_AR, BUS_MCEERR_AO
- OraBug 28124569
[2.17-260]
- Update glibc-rh1560641.patch to initialize pad outside
the conditional eliminating an uninitialized byte warning from
valgrind. (#1560641)
[2.17-259]
- Correctly set errno when send() fails on i686 (#1550080)
[2.17-258]
- Fix dynamic string token substitution in DT_RPATH etc. (#1447808, #1540480)
- Additional robust mutex fixes (#1401665)
[2.17-257]
- Improve process-shared robust mutex support (#1401665)
[2.17-256]
- CVE-2017-16997: Correctly handle DT_RPATH (#1540480).
- Correctly process '' element in DT_RPATH or DT_NEEDED (#1447808).
[2.17-255]
- Make transition from legacy nss_db easier (#1408964)
[2.17-254]
- nptl: Avoid expected SIGALRM in most tests (#1372304)
[2.17-253]
- Add support for el_GR@euro locale. Update el_GR, ur_IN and
wal_ET locales. (#1448107)
[2.17-252]
- Do not scale NPTL tests with available number of CPUs (#1526193)
[2.17-251]
- Correctly set errno when send() fails on s390 and s390x (#1550080)
[2.17-250]
- Initialize pad field in sem_open. (#1560641)
[2.17-249]
- getlogin_r: Return early when process has no associated login UID (#1563046)
[2.17-248]
- Return static array, not local array from transliteration function (#1505500)
[2.17-247]
- Re-write multi-statement strftime_l macros using better style (#1505477)
[2.17-246]
- Fix pthread_barrier_init typo (#1505451)
[2.17-245]
- CVE-2018-11237: AVX-512 mempcpy for KNL buffer overflow (#1579809)
[2.17-244]
- resolv: Fix crash after memory allocation failure (#1579727)
[2.17-243]
- CVE-2018-11236: Path length overflow in realpath (#1579742)
[2.17-242]
- S390: fix sys/ptrace.h to make it includible again after
asm/ptrace.h (#1457479)
[2.17-241]
- x86: setcontext, makecontext alignment issues (#1531168)
[2.17-240]
- Remove abort() warning in manual (#1577333)
[2.17-239]
- Add Open File Description (OFL) locks. (#1461231)
[2.17-238]
- Properly handle more invalid --install-langs arguments. (#1349982)
[2.17-237]
- Add O_TMPFILE macro (#1471405)
- Update syscall names list to kernel 4.16 (#1563747)
- Include in bits/fcntl-linux.h. (#1476120)
- Fix netgroup cache keys. (#1505647)
- Update ptrace constants. (#1457479)
[2.17-236]
- Fix strfmon_l so that it groups digits (#1307241)
[2.17-235]
- CVE-2018-6485: Integer overflow in posix_memalign in memalign (#1548002)
[2.17-234]
- Adjust spec file for compiler warnings cleanup (#1505492)
- Drop ports add-on
- Do not attempt to disable warnings-as-errors on s390x
[2.17-233]
- Compiler warnings cleanup, phase 7 (#1505492)
[2.17-232]
- Compiler warnings cleanup, phase 6 (#1505492)
[2.17-231]
- Compiler warnings cleanup, phase 5 (#1505492)
[2.17-230]
- Compiler warnings cleanup, phase 4 (#1505492)
[2.17-229]
- Compiler warnings cleanup, phase 3 (#1505492)
[2.17-228]
- Compiler warnings cleanup, phase 2 (#1505492)
[2.17-227]
- Fix downstream-specific compiler warnings (#1505492)
[2.17-226]
- rtkaio: Do not define IN_MODULE (#1349967)
[2.17-225]
- Fix K&R function definitions in libio (#1566623)
[2.17-224]
- Fix type errors in string tests (#1564638)
[2.17-223]
- Make nscd build reproducible for verification (#1505492)
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 7 (x86_64) | glibc-2.17-260.0.9.el7.src.rpm | 8f710bb9d7db17fd4e2758e3f75b0069 | ELBA-2021-9262 |
| glibc-2.17-260.0.9.el7.i686.rpm | c9f1626136846bf5fef61402770ca05d | ELBA-2021-9262 |
| glibc-2.17-260.0.9.el7.x86_64.rpm | 75fa457b5218d9695632572d2d5354b9 | ELBA-2021-9262 |
| glibc-common-2.17-260.0.9.el7.x86_64.rpm | 45deca2215a0017f3d06ae190ee57e66 | ELBA-2021-9262 |
| glibc-devel-2.17-260.0.9.el7.i686.rpm | 17a5140da3991daf62bf7f86dec86582 | ELBA-2021-9262 |
| glibc-devel-2.17-260.0.9.el7.x86_64.rpm | 18bf1aa6a45a14fd74a07155042d122e | ELBA-2021-9262 |
| glibc-headers-2.17-260.0.9.el7.x86_64.rpm | 692d1eb70b28741b6aeb17e71e3a703f | ELBA-2021-9262 |
| glibc-static-2.17-260.0.9.el7.i686.rpm | 80aac92a7598a889c8584545e27b2171 | ELBA-2021-9262 |
| glibc-static-2.17-260.0.9.el7.x86_64.rpm | 377a3e18e91ed2a8a4443b66e43eea26 | ELBA-2021-9262 |
| glibc-utils-2.17-260.0.9.el7.x86_64.rpm | 395b77594dc39e17464dadedc2cfca5c | ELBA-2021-9262 |
| nscd-2.17-260.0.9.el7.x86_64.rpm | 13703cc33ad4e61edfc372986628de74 | ELBA-2021-9262 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
