ELSA-2019-4753

ELSA-2019-4753 - glibc security update

Type:SECURITY
Severity:MODERATE
Release Date:2019-08-19

Description


[2.17-292.0.1.7]
- Remove glibc-ora28641867.patch as duplicate of glibc-rh1705899-4.patch
- Make _IO_funlockfile match __funlockfile and _IO_flockfile match __flockfile
Both should test
if ((stream->_flags & _IO_USER_LOCK) == 0)
_IO_lock_lock (*stream->_lock);
OraBug 28481550.
Reviewed-by: Jose E. Marchesi
- Modify glibc-ora28849085.patch so it works with RHCK kernels.
Orabug 28849085.
- Reviewed-by: Egeyar Bagcioglu
- Use NLM_F_SKIP_STATS in uek2 and RTEXT_FILTER_SKIP_STATS in uek4 in getifaddrs.
- Orabug 28849085
- Reviewed-by: Patrick McGehearty
- Mention CVE numbers in the .spec file for CVE-2015-8983 and CVE-2015-8984.
- Orabug 25558067.
- Reviewed-by: Egeyar Bagcioglu
- Regenerate plural.c
- OraBug 28806294.
- Reviewed-by: Jose E. Marchesi
- intl: Port to Bison 3.0
- Backport of upstream gettext commit 19f23e290a5e4a82b9edf9f5a4f8ab6192871be9
- OraBug 28806294.
- Reviewed-by: Patrick McGehearty
- Fix dbl-64/wordsize-64 remquo (bug 17569).
- Backport of upstream d9afe48d55a412e76b0dcb28335fd4b390fe07ae
- OraBug 19570749.
- Reviewed-by: Jose E. Marchesi
- libio: Disable vtable validation in case of interposition.
- Backport of upstream c402355dfa7807b8e0adb27c009135a7e2b9f1b0.
- OraBug 28641867.
- Reviewed-by: Egeyar Bagcioglu
- Include-linux-falloc.h-in-bits-fcntl-linux.h
- Defines FALLOC_FL_PUNSH_HOLE, FALLOC_FL_KEEP_SIZE,
FALLOC_FL_COLLAPSE_RANGE, and FALLOC_FL_ZERO_RANGE
- OraBug 28483336
- Add MAP_SHARED_VALIDATE and MAP_SYNC flags to
- sysdeps/unix/sysv/linux/x86/bits/mman.h
- OraBug 28389572
- Update bits/siginfo.h with Linux hwpoison SIGBUS changes.
- Adds new SIGBUS error codes for hardware poison signals, syncing with
the current kernel headers (v3.9).
- It also adds si_trapno field for alpha.
- New values: BUS_MCEERR_AR, BUS_MCEERR_AO
- OraBug 28124569

[2.17-292]
- Avoid iconv hang on invalid multi-byte sequences (#1427734)

[2.17-291]
- Use versioned Obsoletes: for nss_db (#1703565)

[2.17-290]
- Adjust to find-debuginfo.sh changes (#1661508)

[2.17-289]
- ja_JP: Add new Japanese Era name (#1555189)

[2.17-288]
- Unify and improve pthread_once implementation for all architectures (#1163509)

[2.17.287]
- malloc: Always call memcpy in _int_realloc (#1662842)

[2.17-286]
- Update comments in nscd.conf and nsswitch.conf (#1488370)

[2.17-285]
- intl: Ensure plural.c is current to prevent regenerating it (#1640764)

[2.17-284]
- Update to include IP*_PMTUDISC_OMIT and others (#1684874)

[2.17-283]
- elf: Adjust the big PT_NOTE test to exercise the bug in more cases (#1579739)

[2.17-282]
- x86: Fix incorrect selection of string functions (#1641981)

[2.17-281]
- elf: Avoid stack overflow with large PT_NOTE segments (#1579739)

[2.17-280]
- resolv: Fully initialize sendmmsg argument data (#1579354)

[2.17-279]
- Improve formatting of Netlink error messages (#1443872)

[2.17-278]
- Run resolv/tst-inet_aton_exact test (#1673465)

[2.17-277]
- getifaddrs could return interfaces with ifa_name set to NULL (#1472832)

[2.17-276]
- Terminate process on invalid netlink response from kernel (#1443872)

[2.17-275]
- resolv: Support host names with trailing dashes (#1039304)

[2.17-274]
- CVE-2016-10739: Reject trailing characters in getaddrinfo (#1673465)

[2.17-273]
- Update syscall list for Linux 4.20 (#1657015)

[2.17-272]
- glibc-headers: Add ipc STAT_ANY constants (#1592475)

[2.17-271]
- localedata: Make IBM273 compatible with ISO-8859-1 (#1591268)

[2.17-270]
- Fix pldd race condition that may leave the process stopped after
detaching. (#1609067)

[2.17-269]
- libanl: properly cleanup if first helper thread creation failed (#1646373)

[2.17-268]
- Add note about missing test case for BZ1457479 (#1635325)

[2.17-267]
- elf: Fix data race in _dl_profile_fixup (#1630440)

[2.17-266]
- Fix i386 sigaction sa_restorer initialization (#1579730)

[2.17-265]
- Fix compilation error in stdlib/tst-strtod-overflow.c (#1647490)

[2.17-264]
- aarch64: Disable lazy symbol binding of TLSDESC (#1639524)

[2.17-263]
- Reduce RAM requirements for stdlib/test-bz22786 (#1647490)

[2.17-262]
- libio vtable validation improvements (#1595191)

[2.17-261]
- Update support/ to the most recent upstream version (#1595191)


Related CVEs



Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) glibc-2.17-292.0.1.ksplice1.el7.src.rpmc4c6af191cb82036ad055704b7775bd4ELBA-2021-9262
glibc-2.17-292.0.1.ksplice1.el7.i686.rpmd5b8c33fbe622b20fe5fd14555570016ELBA-2021-9262
glibc-2.17-292.0.1.ksplice1.el7.x86_64.rpma18d87d25527b3d29f9f7aa36bb76122ELBA-2021-9262
glibc-common-2.17-292.0.1.ksplice1.el7.x86_64.rpm1916817fdf3e5ab1661a991845fde1e1ELBA-2021-9262
glibc-devel-2.17-292.0.1.ksplice1.el7.i686.rpmb8218a47e60815673fa868d62d9438d3ELBA-2021-9262
glibc-devel-2.17-292.0.1.ksplice1.el7.x86_64.rpm84728e1dedc15a07e5e55b61647c1d5eELBA-2021-9262
glibc-headers-2.17-292.0.1.ksplice1.el7.x86_64.rpm9af016c261a277a0ed26c1853db7b12dELBA-2021-9262
glibc-static-2.17-292.0.1.ksplice1.el7.i686.rpm8b9e5a42a9b1a783cff669ed2addca69ELBA-2021-9262
glibc-static-2.17-292.0.1.ksplice1.el7.x86_64.rpmf8d14102d4b347b2c2302799f0f42157ELBA-2021-9262
glibc-utils-2.17-292.0.1.ksplice1.el7.x86_64.rpma63e75056377092eadae3f773603f184ELBA-2021-9262
nscd-2.17-292.0.1.ksplice1.el7.x86_64.rpm6f0f120e173b4094ebf0aed71a758ee0ELBA-2021-9262



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete