Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 519
Alerts This Week
Warning Icon 1 519

Fedora 23: 2015-7174c4d68d Moderate: Glibc Function Security Update

fedora
Calendar Grey December 6, 2015
Dist Fedora Esm H88
Fedora 23 glibc upgrade boosts file compatibility, eliminates vulnerable security variables, and strengthens pointer protection.
This update re-adds large file support to the `openat` function, removes support for the `LD_POINTER_GUARD` environment variable (which could be used to weaken security protections...

Summary

The glibc package contains standard libraries which are used by

multiple programs on the system. In order to save disk space and

memory, as well as to make upgrading easier, common system code is

kept in one place and shared between programs. This particular package

contains the most important sets of shared libraries: the standard C

library and the standard math library. Without these two libraries, a

Linux system will not function.

Update Information:

This update re-adds large file support to the `openat` function, removes support for the `LD_POINTER_GUARD` environment variable (which could be used to weaken security protections in `AT_SECURE`/SUID binaries), and adds function pointer obfuscation to the TLS destructor list.

Change Log

References


[ 1 ] Bug #1276761 - glibc: apply additional pointer guard hardening https://bugzilla.redhat.com/show_bug.cgi?id=1276761 [ 2 ] Bug #1288662 - openat() && write() broken on i386 with _FILE_OFFSET_BITS 64 https://bugzilla.redhat.com/show_bug.cgi?id=1288662

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update glibc' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: glibc
Product: Fedora 23
Version: 2.22
Release: 6.fc23
URL:
Summary: The GNU libc libraries

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.