ELSA-2025-20596
- ULN >
- Oracle Linux Errata repository >
- ELSA-2025-20596
ELSA-2025-20596 - glibc security update
| Type: | SECURITY |
| Impact: | MODERATE |
| Release Date: | 2025-09-16 |
Description
[2.17-326.0.11.3]
- Back port fix for CVE-2025-4802 [Orabug: 38144086]
[2.17-326.0.9.3]
- Forward-port Oracle patches to 2.17-326.3
Reviewed-by: Jose E. Marchesi
Oracle history:
June-22-2023 Cupertino Miranda
- OraBug 35517820 Reworked previous patch for OraBug 35318841 and removed
free() of stack allocations.
Reviewed-by: Jose E. Marchesi
June-20-2023 Cupertino Miranda
- OraBug 35517820 Do not allocate heap memory in __nptl_tunables_init.
- This issue was introduced and fixed in patch related to OraBug 35318841.
Reviewed-by: Jose E. Marchesi
April-21-2023 Cupertino Miranda
- OraBug 35318841 Glibc tunable to disable huge pages on pthread_create stacks
Reviewed-by: Jose E. Marchesi
December-19-2022 Cupertino Miranda
- OraBug 34909902 vDSO timer functions support on i686
Reviewed-by: Jose E. Marchesi
May-18-2022 Patrick McGehearty
- Forward-port Oracle patches to 2.17-326.
Reviewed-by: Jose E. Marchesi
April-26-2022 Patrick McGehearty
- OraBug 33968985 Security Patches
This release fixes CVE-2022-23219, CVE-2022-23218, and CVE-2021-3999
Reviewed-by: Jose E. Marchesi
October-12-2021 Patrick McGehearty
- Merge el7 u9 errata4 patch with Oracle patches
Review-exception: Simple merge
- Merge el7 u9 errata patches with Oracle patches
Review-exception: Simple merge
- Adding three arm specific patches to allow glibc x86 tree to be used for
- ILOM and other arm builds
Reviewed-by: Jose E. Marchesi
- Merge el7 u8 patches with Oracle patches
Review-exception: Simple merge
- Adding Mike Fabian's C.utf-8 patch (C.utf-8 is a unicode-aware version
of the C locale)
Orabug 29784239.
Reviewed-by: Jose E. Marchesi
- Remove glibc-ora28641867.patch as duplicate of glibc-rh1705899-4.patch
- Make _IO_funlockfile match __funlockfile and _IO_flockfile match __flockfile
Both should test
if ((stream->_flags & _IO_USER_LOCK) == 0)
_IO_lock_lock (*stream->_lock);
OraBug 28481550.
Reviewed-by: Jose E. Marchesi
- Modify glibc-ora28849085.patch so it works with RHCK kernels.
Orabug 28849085.
- Reviewed-by: Egeyar Bagcioglu
- Use NLM_F_SKIP_STATS in uek2 and RTEXT_FILTER_SKIP_STATS in uek4 in getifaddrs.
- Orabug 28849085
- Reviewed-by: Patrick McGehearty
- Mention CVE numbers in the .spec file for CVE-2015-8983 and CVE-2015-8984.
- Orabug 25558067.
- Reviewed-by: Egeyar Bagcioglu
- Regenerate plural.c
- OraBug 28806294.
- Reviewed-by: Jose E. Marchesi
- intl: Port to Bison 3.0
- Backport of upstream gettext commit 19f23e290a5e4a82b9edf9f5a4f8ab6192871be9
- OraBug 28806294.
- Reviewed-by: Patrick McGehearty
- Fix dbl-64/wordsize-64 remquo (bug 17569).
- Backport of upstream d9afe48d55a412e76b0dcb28335fd4b390fe07ae
- OraBug 19570749.
- Reviewed-by: Jose E. Marchesi
- libio: Disable vtable validation in case of interposition.
- Backport of upstream c402355dfa7807b8e0adb27c009135a7e2b9f1b0.
- OraBug 28641867.
- Reviewed-by: Egeyar Bagcioglu
- Include-linux-falloc.h-in-bits-fcntl-linux.h
- Defines FALLOC_FL_PUNSH_HOLE, FALLOC_FL_KEEP_SIZE,
FALLOC_FL_COLLAPSE_RANGE, and FALLOC_FL_ZERO_RANGE
- OraBug 28483336
- Add MAP_SHARED_VALIDATE and MAP_SYNC flags to
- sysdeps/unix/sysv/linux/x86/bits/mman.h
- OraBug 28389572
- Update bits/siginfo.h with Linux hwpoison SIGBUS changes.
- Adds new SIGBUS error codes for hardware poison signals, syncing with
the current kernel headers (v3.9).
- It also adds si_trapno field for alpha.
- New values: BUS_MCEERR_AR, BUS_MCEERR_AO
- OraBug 28124569
Related CVEs
| CVE-2025-4802 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (x86_64) | glibc-2.17-326.0.11.ksplice1.el7_9.3.src.rpm | b66679fb39c2d7b20c7cf2da0afef67869ef0e0b4ad922fec02b6cc125193faf | - | ol7_x86_64_userspace_ksplice_ELS |
| glibc-2.17-326.0.11.ksplice1.el7_9.3.i686.rpm | e484e877071b4309add550aa73a6b1d56ed425a808522571c08eef3250eb1c57 | - | ol7_x86_64_userspace_ksplice_ELS | |
| glibc-2.17-326.0.11.ksplice1.el7_9.3.x86_64.rpm | c17cb65b134f23d6e2807613dd12e259e4b929d23a10e3421fabffcd0106a6db | - | ol7_x86_64_userspace_ksplice_ELS | |
| glibc-common-2.17-326.0.11.ksplice1.el7_9.3.x86_64.rpm | 566aa73ca563ae1cf366a4ca7c1187d1746c903c0afba86b5ed5dd5c02100916 | - | ol7_x86_64_userspace_ksplice_ELS | |
| glibc-devel-2.17-326.0.11.ksplice1.el7_9.3.i686.rpm | bdef9afd71afa8467f5e6b5ab3b7cdb7882a5c6c9eb97385afbc00d9a4e058b2 | - | ol7_x86_64_userspace_ksplice_ELS | |
| glibc-devel-2.17-326.0.11.ksplice1.el7_9.3.x86_64.rpm | 14fbc84905f05a46fef645d22ecb4ff62810ca15d98aa3fa1e6122d72511a3cb | - | ol7_x86_64_userspace_ksplice_ELS | |
| glibc-headers-2.17-326.0.11.ksplice1.el7_9.3.x86_64.rpm | 878ad927969c48fb9401ded638200a4397f43dffb87b59ce5dd0290d446ee8ab | - | ol7_x86_64_userspace_ksplice_ELS | |
| glibc-static-2.17-326.0.11.ksplice1.el7_9.3.i686.rpm | b781f69e38e9df029d217a4eef8cbb10ce401b9837fb738c5e406e48253faa3d | - | ol7_x86_64_userspace_ksplice_ELS | |
| glibc-static-2.17-326.0.11.ksplice1.el7_9.3.x86_64.rpm | 7d95fb72f0c8c733b732932d19d761c1dc48a38850c5e782d1abcfb1f2406aed | - | ol7_x86_64_userspace_ksplice_ELS | |
| glibc-utils-2.17-326.0.11.ksplice1.el7_9.3.x86_64.rpm | 291233f6bf3d9382e135ec7090054ec7faa77a241fc2cac5597a7b02f1c0873c | - | ol7_x86_64_userspace_ksplice_ELS | |
| nscd-2.17-326.0.11.ksplice1.el7_9.3.x86_64.rpm | 5091f5c36dcece26a5203f55d9bc71cfa4694c7b887022cc8389e623c41852c4 | - | ol7_x86_64_userspace_ksplice_ELS | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
