OVMSA-2016-0013 - glibc security update
Type: | SECURITY |
Severity: | CRITICAL |
Release Date: | 2016-02-16 |
Description
[2.12-1.166.7]
- Update fix for CVE-2015-7547 (#1296028).
[2.12-1.166.6]
- Create helper threads with enough stack for POSIX AIO and timers (#1301625).
[2.12-1.166.5]
- Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296028).
[2.12-1.166.4]
- Support loading more libraries with static TLS (#1291270).
[2.12-1.166.3]
- Check for NULL arena pointer in _int_pvalloc (#1256890).
- Don't change no_dyn_threshold on mallopt failure (#1256891).
[2.12-1.166.2]
- Unlock main arena after allocation in calloc (#1256812).
- Enable robust malloc change again (#1256812).
- Fix perturbing in malloc on free and simply perturb_byte (#1256812).
- Don't fall back to mmap prematurely (#1256812).
[-2.12-1.166.1]
- The malloc deadlock avoidance support has been temporarily removed since it
triggers deadlocks in certain applications (#1244002).
[2.12-1.166]
- Fix ruserok() check to reject, not skip, negative user checks (#1217186).
[2.12-1.165]
- Optimize ruserok() function for large ~/.rhosts (#1217186).
[2.12-1.164]
- Fix crash in valloc due to the backtrace deadlock fix (#1207236).
[2.12-1.163]
- Fix buffer overflow in gethostbyname_r with misaligned buffer
(#1209376, CVE-2015-1781).
[2.12-1.162]
- Avoid deadlock in malloc on backtrace (#1066724).
[2.12-1.161]
- Support running applications that use Intel AVX-512 (#1195453).
[2.12-1.160]
- Silence logging of record type mismatch for DNSSEC records (#1088301).
[2.12-1.159]
- Shrink heap on free when vm.overcommit_memory == 2 (#867679).
[2.12-1.158]
- Enhance nscd to detect any configuration file changes (#859965).
- Fix __times() handling of EFAULT when buf is NULL (#1124204).
- Fix memory leak with dlopen() and thread-local storage variables (#978098).
- Prevent getaddrinfo from writing DNS queries to random fd (CVE-2013-7423,
- Implement userspace half of in6.h header coordination (#1053178).
- Correctely size relocation cache used by profiler (#1144132).
- Fix reuse of cached stack leading to bounds overrun of DTV (#1116050).
[2.12-1.157]
- Return failure in getnetgrent only when all netgroups have been searched
(#1085312).
- Fix valgrind warning in nscd_stats (#1091915).
[2.12-1.156]
- Initialize xports array (#1159167).
- Fix tst-default-attr test to not fail on powerpc (#1023306).
[2.12-1.155]
- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183534).
[2.12-1.154]
- Fix typo in nscd/selinux.c (#1125307).
- Actually run test-iconv modules (#1176907).
[2.12-1.153]
- Fix recursive dlopen() (#1154563).
[2.12-1.152]
- Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040, #1172044).
[2.12-1.151]
- Fix wordexp() to honour WRDE_NOCMD (CVE-2014-7817, #1171296).
[2.12-1.150]
- Fix typo in res_send and res_query (#rh1138769).
Related CVEs
Updated Packages
Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
Oracle VM 3.3 (x86_64) | glibc-2.12-1.166.el6_7.7.src.rpm | 7d6a5ceaeb782d22af51e24399af2772 | OVMSA-2018-0235 |
| glibc-2.12-1.166.el6_7.7.i686.rpm | 3873965d2412721a5371e5a3817954d9 | OVMSA-2018-0235 |
| glibc-2.12-1.166.el6_7.7.x86_64.rpm | 18338e62e840e78c112929857f0d0948 | OVMSA-2018-0235 |
| glibc-common-2.12-1.166.el6_7.7.x86_64.rpm | 45e6916bb50b39764f52fde711368f49 | OVMSA-2018-0235 |
| nscd-2.12-1.166.el6_7.7.x86_64.rpm | 0addc63c450ca655cf90a249d06d1c41 | OVMSA-2018-0235 |
|
Oracle VM 3.4 (x86_64) | glibc-2.12-1.166.el6_7.7.src.rpm | 7d6a5ceaeb782d22af51e24399af2772 | OVMSA-2018-0235 |
| glibc-2.12-1.166.el6_7.7.i686.rpm | 3873965d2412721a5371e5a3817954d9 | OVMSA-2018-0235 |
| glibc-2.12-1.166.el6_7.7.x86_64.rpm | 18338e62e840e78c112929857f0d0948 | OVMSA-2018-0235 |
| glibc-common-2.12-1.166.el6_7.7.x86_64.rpm | 45e6916bb50b39764f52fde711368f49 | OVMSA-2018-0235 |
| nscd-2.12-1.166.el6_7.7.x86_64.rpm | 0addc63c450ca655cf90a249d06d1c41 | OVMSA-2018-0235 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team