OVMSA-2017-0051
- ULN >
- Oracle Linux Errata repository >
- OVMSA-2017-0051
OVMSA-2017-0051 - glibc security update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2017-03-29 |
Description
[2.12-1.209.0.1]
- Update newmode size to fix a possible corruption
[2.12-1.209]
- Fix AF_INET6 getaddrinfo with nscd (#1416496)
[2.12-1.208]
- Update tests for struct sockaddr_storage changes (#1338673)
[2.12-1.207]
- Use FL_CLOEXEC in internal calls to fopen (#1012343).
[2.12-1.206]
- Fix CVE-2015-8779 glibc: Unbounded stack allocation in catopen function
(#1358015).
[2.12-1.205]
- Make padding in struct sockaddr_storage explicit (#1338673)
[2.12-1.204]
- Fix detection of Intel FMA hardware (#1384281).
[2.12-1.203]
- Add support for el_GR@euro, ur_IN, and wal_ET locales (#1101858).
[2.12-1.202]
- Change malloc/tst-malloc-thread-exit.c to use fewer threads and
avoid timeout (#1318380).
[2.12-1.201]
- df can fail on some systems (#1307029).
[2.12-1.200]
- Log uname, cpuinfo, meminfo during build (#1307029).
[2.12-1.199]
- Draw graphs for heap and stack only if MAXSIZE_HEAP and MAXSIZE_STACK
are non-zero (#1331304).
[2.12-1.198]
- Avoid unneeded calls to __check_pf in getadddrinfo (#1270950)
[2.12-1.197]
- Fix CVE-2015-8778 glibc: Integer overflow in hcreate and hcreate_r
(#1358013).
[2.12-1.196]
- Fix CVE-2015-8776 glibc: Segmentation fault caused by passing
out-of-range data to strftime() (#1358011).
[2.12-1.195]
- tzdata-update: Ignore umask setting (#1373646)
[2.12-1.194]
- CVE-2014-9761: Fix unbounded stack allocation in nan* (#1358014)
[2.12-1.193]
- Avoid using uninitialized data in getaddrinfo (#1223095)
[2.12-1.192]
- Update fix for CVE-2015-7547 (#1296029).
[2.12-1.191]
- Create helper threads with enough stack for POSIX AIO and timers (#1299319).
[2.12-1.190]
- Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296029).
- Update malloc free_list cyclic fix (#1264189).
- Update tzdata-update changes (#1200555).
[2.12-1.189]
- Avoid redundant shift character in iconv output at block boundary (#1293914).
[2.12-1.188]
- Clean up testsuite results when testing with newer kernels (#1293464).
[2.12-1.187]
- Do not rewrite /etc/localtime if it is a symbolic link. (#1200555)
[2.12-1.186]
- Support long lines in /etc/hosts (#1020263).
[2.12-1.185]
- Avoid aliasing warning in tst-rec-dlopen (#1291444)
[2.12-1.184]
- Don't touch user-controlled stdio locks in forked child (#1275384).
[2.12-1.183]
- Increase the limit of shared libraries that can use static TLS (#1198802).
[2.12-1.182]
- Avoid PLT in libm for feupdateenv (#1186104).
- Allow PLT entry in libc for _Unwind_Find_FDE on s390/s390x (#1186104).
[2.12-1.181]
- Provide /etc/gai.conf only in the glibc package. (#1223818)
[2.12-1.180]
- Change first day of the week to Monday for the ca_ES locale. (#1011900)
[2.12-1.179]
- Update BIG5-HKSCS charmap to HKSCS-2008. (#1211748)
[2.12-1.178]
- Rename Oriya locale to Odia. (#1091334)
[2.12-1.177]
- Avoid hang in gethostbyname_r due to missing mutex unlocking (#1192621)
[2.12-1.176]
- Avoid ld.so crash when audit modules provide path (#1211098)
[2.12-1.175]
- Suppress expected backtrace in tst-malloc-backtrace (#1276633)
[2.12-1.174]
- Avoid PLT for memmem (#1186104).
[2.12-1.173]
- Fix up a missing dependency in the Makefile (#1219627).
[2.12-1.172]
- Reduce lock contention in __tz_convert (#1244585).
[2.12-1.171]
- Prevent the malloc arena free list from becoming cyclic (#1264189)
[2.12-1.170]
- Remove legacy IA64 support (#1246145).
[2.12-1.169]
- Check for NULL arena pointer in _int_pvalloc (#1246656).
- Don't change no_dyn_threshold on mallopt failure (#1246660).
[2.12-1.168]
- Unlock main arena after allocation in calloc (#1245731).
- Enable robust malloc change again (#1245731).
- Fix perturbing in malloc on free and simply perturb_byte (#1245731).
- Don't fall back to mmap prematurely (#1245731).
[-2.12-1.167]
- The malloc deadlock avoidance support has been temporarily removed since it
triggers deadlocks in certain applications (#1243824).
Related CVEs
| CVE-2014-9761 |
| CVE-2015-8776 |
| CVE-2015-8778 |
| CVE-2015-8779 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle VM 3.3 (x86_64) | glibc-2.12-1.209.0.1.el6.src.rpm | 635cedbf6910098c85f88d7bd56939ea | OVMSA-2018-0235 |
| glibc-2.12-1.209.0.1.el6.i686.rpm | 52beda2c229e092e7d7607b172547c4e | OVMSA-2018-0235 | |
| glibc-2.12-1.209.0.1.el6.x86_64.rpm | 601464d83b3b64e034a743d2db9ecddb | OVMSA-2018-0235 | |
| glibc-common-2.12-1.209.0.1.el6.x86_64.rpm | ed466bae5fe89eae5e88d02baac7c410 | OVMSA-2018-0235 | |
| nscd-2.12-1.209.0.1.el6.x86_64.rpm | 301a7bebb8185dc5edc73af5ac78d746 | OVMSA-2018-0235 | |
| Oracle VM 3.4 (x86_64) | glibc-2.12-1.209.0.1.el6.src.rpm | 635cedbf6910098c85f88d7bd56939ea | OVMSA-2018-0235 |
| glibc-2.12-1.209.0.1.el6.i686.rpm | 52beda2c229e092e7d7607b172547c4e | OVMSA-2018-0235 | |
| glibc-2.12-1.209.0.1.el6.x86_64.rpm | 601464d83b3b64e034a743d2db9ecddb | OVMSA-2018-0235 | |
| glibc-common-2.12-1.209.0.1.el6.x86_64.rpm | ed466bae5fe89eae5e88d02baac7c410 | OVMSA-2018-0235 | |
| glibc-devel-2.12-1.209.0.1.el6.x86_64.rpm | a139ee00be5e2127e71455a931a5f967 | OVMSA-2018-0235 | |
| glibc-headers-2.12-1.209.0.1.el6.x86_64.rpm | 0738d746c130a92353a63d76d34ed12c | OVMSA-2018-0235 | |
| nscd-2.12-1.209.0.1.el6.x86_64.rpm | 301a7bebb8185dc5edc73af5ac78d746 | OVMSA-2018-0235 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
