Oracle Errata System Oracle Linux 5.11 2024-09-21T18:49:34 Oracle Linux 7 [2.17-105.0.1] - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. [2.17-105] - Fix up test case for initial-exec fix (#1248208). [2.17-104] - Mark all TLS variables in libc.so as initial-exec (#1248208). [2.17-103] - Apply correct fix for #1195672. [2.17-102] - Remove workaround for kernel netlink bug (#1089836). - Use only 32-bit instructions in optimized 32-bit POWER functions (#1240796). [2.17-101] - Correct the AArch64 ABI baseline for libpthread (#1234622). [2.17-100] - Prevent tst-rec-dlopen from intermittently failing in parallel builds due to a missing makefile dependency (#1225959). [2.17-99] - Increase AArch64 TLS descriptor performance (#1202952). [2.17-98] - Move arch-specific header files from glibc-headers to glibc-devel (#1230328). [2.17-97] - Rebase high-precision timing support for microbenchmark (#1214326). [2.17-96] - Rebase microbenchmarks from upstream for performance testing (#1214326) - Fix running microbenchmark script bench.pl from source (#1084395) [2.17-95] - Enable systemtap support for all architectures (#1225490). [2.17-94] - Fix ruserok API scalability issues (#1216246). [2.17-93] - Backport fixes and enhancements for ppc64 and ppc64le (#1162895). - Correct DT_PPC64_NUM in elf/elf.h. - Correct IBM long double frexpl. - Correct IBM long double nextafterl. [2.17-92] - Backport fixes for various security flaws (#1209107): - Prevent heap buffer overflow in swscanf (CVE-2015-1472, CVE-2015-1473, - Prevent integer overflow in _IO_wstr_overflow (#1195762). - Prevent potential denial of service in internal_fnmatch (#1197730). - Prevent buffer overflow in gethostbyname_r and related functions with misaligned buffer (CVE-2015-1781, #1199525). [2.17-91] - Allow more shared libraries with static TLS to be loaded (#1227699). [2.17-90] - Work around kernel netlink bug on some specialized hardware setup (#1089836). - Fix invalid file descriptor reuse when sending DNS query (CVE-2013-7423, #1194143). - Sync netinet/tcp.h with the kernel (#1219891). [2.17-89] - Avoid deadlock in malloc on backtrace (#1207032). - Actually test iconv modules (#1176906). - Use calloc to allocate xports (#1159169). - Return EAI_AGAIN for AF_UNSPEC when herrno is TRY_AGAIN (#1098042). [2.17-88] - Add librtkaio.abilist generated by make update-abi (#1173238). [2.18-87] - Enhance nscd inotify support (#1193797). [2.17-86] - Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer (#1173537). [2.17-85] - Skip logging for DNSSEC responses (#1186620). - Also apply the RHEL6.7 Makerules patch (#1189278). [2.17-84] - Initialize nscd stats data (#1183456). [2.17-83] - Resize DTV if the current DTV isn't big enough (#1189278). [2.17-82] - Backport an alternate implementation of strstr and strcasestr for x86 that doesn't use the stack for temporaries requiring 16-byte alignment (#1150282). [2.17-81] - Fix recursive dlopen() (#1165212). - Correctly size profiling reloc table (#1144133). [2.17-80] - Work around a suspected gcc 4.8 bug (#1064066). [2.17-79] - Restructure spec file to unconditionally apply ppc64le support (#1182355). - Fix test failure in test-ildoubl on ppc64 (#1186491). MODERATE Copyright 2015 Oracle, Inc. CVE-2013-7423 CVE-2015-1472 CVE-2015-1781 CVE-2015-1473 cpe:/a:oracle:linux:7:2:base cpe:/a:oracle:linux:7::optional_archive cpe:/a:oracle:linux:7::latest_archive