Stay Connected:

OVMSA-2017-0051

OVMSA-2017-0051 - glibc security update

Type:SECURITY
Impact:MODERATE
Release Date:2017-03-29

Description


[2.12-1.209.0.1]
- Update newmode size to fix a possible corruption

[2.12-1.209]
- Fix AF_INET6 getaddrinfo with nscd (#1416496)

[2.12-1.208]
- Update tests for struct sockaddr_storage changes (#1338673)

[2.12-1.207]
- Use FL_CLOEXEC in internal calls to fopen (#1012343).

[2.12-1.206]
- Fix CVE-2015-8779 glibc: Unbounded stack allocation in catopen function
(#1358015).

[2.12-1.205]
- Make padding in struct sockaddr_storage explicit (#1338673)

[2.12-1.204]
- Fix detection of Intel FMA hardware (#1384281).

[2.12-1.203]
- Add support for el_GR@euro, ur_IN, and wal_ET locales (#1101858).

[2.12-1.202]
- Change malloc/tst-malloc-thread-exit.c to use fewer threads and
avoid timeout (#1318380).

[2.12-1.201]
- df can fail on some systems (#1307029).

[2.12-1.200]
- Log uname, cpuinfo, meminfo during build (#1307029).

[2.12-1.199]
- Draw graphs for heap and stack only if MAXSIZE_HEAP and MAXSIZE_STACK
are non-zero (#1331304).

[2.12-1.198]
- Avoid unneeded calls to __check_pf in getadddrinfo (#1270950)

[2.12-1.197]
- Fix CVE-2015-8778 glibc: Integer overflow in hcreate and hcreate_r
(#1358013).

[2.12-1.196]
- Fix CVE-2015-8776 glibc: Segmentation fault caused by passing
out-of-range data to strftime() (#1358011).

[2.12-1.195]
- tzdata-update: Ignore umask setting (#1373646)

[2.12-1.194]
- CVE-2014-9761: Fix unbounded stack allocation in nan* (#1358014)

[2.12-1.193]
- Avoid using uninitialized data in getaddrinfo (#1223095)

[2.12-1.192]
- Update fix for CVE-2015-7547 (#1296029).

[2.12-1.191]
- Create helper threads with enough stack for POSIX AIO and timers (#1299319).

[2.12-1.190]
- Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296029).
- Update malloc free_list cyclic fix (#1264189).
- Update tzdata-update changes (#1200555).

[2.12-1.189]
- Avoid redundant shift character in iconv output at block boundary (#1293914).

[2.12-1.188]
- Clean up testsuite results when testing with newer kernels (#1293464).

[2.12-1.187]
- Do not rewrite /etc/localtime if it is a symbolic link. (#1200555)

[2.12-1.186]
- Support long lines in /etc/hosts (#1020263).

[2.12-1.185]
- Avoid aliasing warning in tst-rec-dlopen (#1291444)

[2.12-1.184]
- Don't touch user-controlled stdio locks in forked child (#1275384).

[2.12-1.183]
- Increase the limit of shared libraries that can use static TLS (#1198802).

[2.12-1.182]
- Avoid PLT in libm for feupdateenv (#1186104).
- Allow PLT entry in libc for _Unwind_Find_FDE on s390/s390x (#1186104).

[2.12-1.181]
- Provide /etc/gai.conf only in the glibc package. (#1223818)

[2.12-1.180]
- Change first day of the week to Monday for the ca_ES locale. (#1011900)

[2.12-1.179]
- Update BIG5-HKSCS charmap to HKSCS-2008. (#1211748)

[2.12-1.178]
- Rename Oriya locale to Odia. (#1091334)

[2.12-1.177]
- Avoid hang in gethostbyname_r due to missing mutex unlocking (#1192621)

[2.12-1.176]
- Avoid ld.so crash when audit modules provide path (#1211098)

[2.12-1.175]
- Suppress expected backtrace in tst-malloc-backtrace (#1276633)

[2.12-1.174]
- Avoid PLT for memmem (#1186104).

[2.12-1.173]
- Fix up a missing dependency in the Makefile (#1219627).

[2.12-1.172]
- Reduce lock contention in __tz_convert (#1244585).

[2.12-1.171]
- Prevent the malloc arena free list from becoming cyclic (#1264189)

[2.12-1.170]
- Remove legacy IA64 support (#1246145).

[2.12-1.169]
- Check for NULL arena pointer in _int_pvalloc (#1246656).
- Don't change no_dyn_threshold on mallopt failure (#1246660).

[2.12-1.168]
- Unlock main arena after allocation in calloc (#1245731).
- Enable robust malloc change again (#1245731).
- Fix perturbing in malloc on free and simply perturb_byte (#1245731).
- Don't fall back to mmap prematurely (#1245731).

[-2.12-1.167]
- The malloc deadlock avoidance support has been temporarily removed since it
triggers deadlocks in certain applications (#1243824).


Related CVEs


CVE-2015-8778
CVE-2015-8779
CVE-2015-8776
CVE-2014-9761

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle VM 3.3 (x86_64) glibc-2.12-1.209.0.1.el6.src.rpm0c90af4bfa7d343fdbee5b2ad70822f9db719c537eb34ac0e66de97ced191f57OVMBA-2021-0032ovm3_x86_64_3.3_patch
glibc-2.12-1.209.0.1.el6.i686.rpm45bfa3f0df8c0b77a173aa99995f34b965bf9b1cfd0617a09b5c402e4bd4fd94OVMBA-2021-0032ovm3_x86_64_3.3_patch
glibc-2.12-1.209.0.1.el6.x86_64.rpm05a5d38e727ea1af61a35cc760417ef367406503a8a130058656f355ed583f46OVMBA-2021-0032ovm3_x86_64_3.3_patch
glibc-common-2.12-1.209.0.1.el6.x86_64.rpm1ea5f1233b558b2a6de0b4b9d91a28fc4ca6f8dd1b200b8b73655a5ef799b4f8OVMBA-2021-0032ovm3_x86_64_3.3_patch
nscd-2.12-1.209.0.1.el6.x86_64.rpma1252051fa86c2c77dbefccd4b5975502cecbf9fd7c996676be39ccc6d42c41bOVMBA-2021-0032ovm3_x86_64_3.3_patch
Oracle VM 3.4 (x86_64) glibc-2.12-1.209.0.1.el6.src.rpm0c90af4bfa7d343fdbee5b2ad70822f9db719c537eb34ac0e66de97ced191f57OVMBA-2021-0032ovm34_x86_64_latest
glibc-2.12-1.209.0.1.el6.i686.rpm45bfa3f0df8c0b77a173aa99995f34b965bf9b1cfd0617a09b5c402e4bd4fd94OVMBA-2021-0032ovm34_x86_64_latest
glibc-2.12-1.209.0.1.el6.x86_64.rpm05a5d38e727ea1af61a35cc760417ef367406503a8a130058656f355ed583f46OVMBA-2021-0032ovm34_x86_64_latest
glibc-common-2.12-1.209.0.1.el6.x86_64.rpm1ea5f1233b558b2a6de0b4b9d91a28fc4ca6f8dd1b200b8b73655a5ef799b4f8OVMBA-2021-0032ovm34_x86_64_latest
glibc-devel-2.12-1.209.0.1.el6.x86_64.rpm6edbfcd11fec5bf9c93f9fee5f66204f31339544a0bea465e482f28ea3ac0ad5OVMBA-2021-0032ovm34_x86_64_latest
glibc-headers-2.12-1.209.0.1.el6.x86_64.rpmeaa8561786a55655387ea59040420ab0878ee8767fa21467dfaf70facdadfb13OVMBA-2021-0032ovm34_x86_64_latest
nscd-2.12-1.209.0.1.el6.x86_64.rpma1252051fa86c2c77dbefccd4b5975502cecbf9fd7c996676be39ccc6d42c41bOVMBA-2021-0032ovm34_x86_64_latest



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights