Fedora 27: glibc Security Update 2018-9c88c32d15 2018-9c88c32d15
Summary
The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.
This updates contains various updates from the upstream glibc 2.26 release
branch, including minor fixes for the `realpath` function and the i386 `memmove`
implementation. Starting with this update, glibc will no longer re-exec systemd
during glibc updates (RHBZ#1579225).
* Fri May 18 2018 Florian Weimer
- Do not run telinit u on upgrades (#1579225)
- Auto-sync with upstream branch release/2.26/master,
commit af7519f7b35024224c163e32a89fb247b0c446fc:
- Fix path length overflow in realpath (swbz#22786)
- Fix stack overflow with huge PT_NOTE segment (swbz#20419)
- Fix signed integer overflow in random_r (swbz#17343)
- i386: Fix i386 sigaction sa_restorer initialization (swbz#21269)
- nscd: Fix netgroup cache keys (swbz#22342)
- Fix i386 memmove issue (swbz#22644)
- Fix crash in resolver on memory allocation failure (swbz#23005)
- getlogin_r: return early when linux sentinel value is set (swbz#23024)
- resolv: Fully initialize struct mmsghdr in send_dg (swbz#23037)
* Fri Mar 2 2018 Florian Weimer
- Restore unwind tables on POWER (#1550914)
* Thu Mar 1 2018 Florian Weimer
- Auto-sync with upstream branch release/2.26/master,
commit d300041c533a3d837c9f37a099bcc95466860e98:
- CVE-2018-6485, CVE-2018-6551: Fix integer overflows in internal
memalign and malloc (#1542102, #1542119)
- powerpc: Fix syscalls during early process initialization (swbz#22685)
- math: Provide a C++ version of iseqsig (swbz#22377)
- aarch: Rewrite elf_machine_load_address using _DYNAMIC symbol
- x86-64: Properly align La_x86_64_retval to VEC_SIZE (swbz#22715)
* Wed Jan 17 2018 Florian Weimer
- Build depend on python3, not python
* Mon Jan 15 2018 Florian Weimer
- PTHREAD_STACK_MIN is too small on x86-64 (#1527887)
- Auto-sync with upstream branch release/2.26/master,
commit 247c1ddd309e3f4135045eab554f3817b7d765be.
* Mon Jan 15 2018 Florian Weimer
- CVE-2018-1000001: Make getcwd fail if it cannot obtain an absolute path
(#1533837)
- CVE-2017-16997: Check for empty tokens before dynamic string token
expansion in the dynamic linker (#1526866)
- Auto-sync with upstream branch release/2.26/master,
commit fabef2edbc29424a8048bdd60eba1a201f95682b:
- elf: do not substitute dst in $LD_LIBRARY_PATH twice (swbz#22627)
* Mon Jan 15 2018 Florian Weimer
- Add BuildRequires: cpp (for rpcgen)
* Fri Dec 22 2017 Florian Weimer
- bash no longer has job control under systemd-nspawn (via mock) (#1468837)
- Auto-sync with upstream branch release/2.26/master,
commit 069c3dd05abc91fced6e1e119e425c361ad97644:
- CVE-2017-1000409: Count in expanded path in _dl_init_path (#1524867)
- CVE-2017-1000408: Compute correct array size in _dl_init_paths (#1524867)
* Wed Dec 6 2017 Florian Weimer
- Auto-sync with upstream branch release/2.26/master,
commit 73a92363619e52c458146e903dfb9b1ba823aa40:
- malloc: Fix -Werror compilation failure with -O3 (swbz#22052)
* Wed Dec 6 2017 Florian Weimer
- Auto-sync with upstream branch release/2.26/master,
commit df8c219cb987cfe85c550efa693a1383a11e38aa:
- CVE-2017-17426: malloc: Fix integer overflow in tcache (swbz#22375)
- CVE-2017-15804: glob: Fix overflow in GLOB_TILDE unescaping (swbz#22332)
- malloc: Add single-threaded path to _int_malloc
- powerpc: Update AT_HWCAP2 bits
- malloc: Abort on heap corruption, without a backtrace (swbz#21754)
- Don't use IFUNC resolver for longjmp or system in libpthread (swbz#21041)
- powerpc: Replace lxvd2x/stxvd2x with lvx/stvx in P7's memcpy/memmove
* Sat Nov 18 2017 Florian Weimer
- Auto-sync with upstream branch release/2.26/master,
commit 2767ebd8bc34c8b632ea737296200a86f57289ad:
- crypt: Use NSPR header files in addition to NSS header files (#1489339)
- malloc: Use relaxed atomics for have_fastchunks
- malloc: Inline tcache functions
- x86-64: Regenerate libm-test-ulps for AVX512 mathvec tests
* Mon Nov 13 2017 Florian Weimer
- Auto-sync with upstream branch release/2.26/master,
commit a81c1156c1a9a6161d49b295a09a4e4cff7a88d0:
- posix: Fix improper assert in Linux posix_spawn (swbz#22273)
- posix: Do not use WNOHANG in waitpid call for Linux posix_spawn
- posix: Fix compat glob code on s390 and alpha
- posix: Consolidate Linux glob implementation
- Fix range check in do_tunable_update_val
- Let signbit use the builtin in C++ mode with gcc < 6.x (swbz#22296)
- x86-64: Don't set GLRO(dl_platform) to NULL (swbz#22299)
- x86-64: Use fxsave/xsave/xsavec in _dl_runtime_resolve (swbz#21265)
* Thu Nov 2 2017 Florian Weimer
- x86: Add x86_64 to x86-64 HWCAP (#1506802)
[ 1 ] Bug #1579225 - glibc: Do not run telinit u on upgrades
https://bugzilla.redhat.com/show_bug.cgi?id=1579225
su -c 'dnf upgrade --advisory FEDORA-2018-9c88c32d15' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5RMR2PFPYN7ONQ44CPR3PJG2POML5QW/
FEDORA-2018-9c88c32d15 2018-05-23 15:57:57.554427 Product : Fedora 27 Version : 2.26 Release : 28.fc27 URL : http://www.gnu.org/software/glibc/ Summary : The GNU libc libraries Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. This updates contains various updates from the upstream glibc 2.26 release branch, including minor fixes for the `realpath` function and the i386 `memmove` implementation. Starting with this update, glibc will no longer re-exec systemd during glibc updates (RHBZ#1579225). * Fri May 18 2018 Florian Weimer - 2.26-28 - Do not run telinit u on upgrades (#1579225) - Auto-sync with upstream branch release/2.26/master, commit af7519f7b35024224c163e32a89fb247b0c446fc: - Fix path length overflow in realpath (swbz#22786) - Fix stack overflow with huge PT_NOTE segment (swbz#20419) - Fix signed integer overflow in random_r (swbz#17343) - i386: Fix i386 sigaction sa_restorer initialization (swbz#21269) - nscd: Fix netgroup cache keys (swbz#22342) - Fix i386 memmove issue (swbz#22644) - Fix crash in resolver on memory allocation failure (swbz#23005) - getlogin_r: return early when linux sentinel value is set (swbz#23024) - resolv: Fully initialize struct mmsghdr in send_dg (swbz#23037) * Fri Mar 2 2018 Florian Weimer - 2.26-27 - Restore unwind tables on POWER (#1550914) * Thu Mar 1 2018 Florian Weimer - 2.26-26 - Auto-sync with upstream branch release/2.26/master, commit d300041c533a3d837c9f37a099bcc95466860e98: - CVE-2018-6485, CVE-2018-6551: Fix integer overflows in internal memalign and malloc (#1542102, #1542119) - powerpc: Fix syscalls during early process initialization (swbz#22685) - math: Provide a C++ version of iseqsig (swbz#22377) - aarch: Rewrite elf_machine_load_address using _DYNAMIC symbol - x86-64: Properly align La_x86_64_retval to VEC_SIZE (swbz#22715) * Wed Jan 17 2018 Florian Weimer - 2.26-25 - Build depend on python3, not python * Mon Jan 15 2018 Florian Weimer - 2.26-24 - PTHREAD_STACK_MIN is too small on x86-64 (#1527887) - Auto-sync with upstream branch release/2.26/master, commit 247c1ddd309e3f4135045eab554f3817b7d765be. * Mon Jan 15 2018 Florian Weimer - 2.26-23 - CVE-2018-1000001: Make getcwd fail if it cannot obtain an absolute path (#1533837) - CVE-2017-16997: Check for empty tokens before dynamic string token expansion in the dynamic linker (#1526866) - Auto-sync with upstream branch release/2.26/master, commit fabef2edbc29424a8048bdd60eba1a201f95682b: - elf: do not substitute dst in $LD_LIBRARY_PATH twice (swbz#22627) * Mon Jan 15 2018 Florian Weimer - 2.26-22 - Add BuildRequires: cpp (for rpcgen) * Fri Dec 22 2017 Florian Weimer - 2.26-21 - bash no longer has job control under systemd-nspawn (via mock) (#1468837) - Auto-sync with upstream branch release/2.26/master, commit 069c3dd05abc91fced6e1e119e425c361ad97644: - CVE-2017-1000409: Count in expanded path in _dl_init_path (#1524867) - CVE-2017-1000408: Compute correct array size in _dl_init_paths (#1524867) * Wed Dec 6 2017 Florian Weimer - 2.26-20 - Auto-sync with upstream branch release/2.26/master, commit 73a92363619e52c458146e903dfb9b1ba823aa40: - malloc: Fix -Werror compilation failure with -O3 (swbz#22052) * Wed Dec 6 2017 Florian Weimer - 2.26-19 - Auto-sync with upstream branch release/2.26/master, commit df8c219cb987cfe85c550efa693a1383a11e38aa: - CVE-2017-17426: malloc: Fix integer overflow in tcache (swbz#22375) - CVE-2017-15804: glob: Fix overflow in GLOB_TILDE unescaping (swbz#22332) - malloc: Add single-threaded path to _int_malloc - powerpc: Update AT_HWCAP2 bits - malloc: Abort on heap corruption, without a backtrace (swbz#21754) - Don't use IFUNC resolver for longjmp or system in libpthread (swbz#21041) - powerpc: Replace lxvd2x/stxvd2x with lvx/stvx in P7's memcpy/memmove * Sat Nov 18 2017 Florian Weimer - 2.26-18 - Auto-sync with upstream branch release/2.26/master, commit 2767ebd8bc34c8b632ea737296200a86f57289ad: - crypt: Use NSPR header files in addition to NSS header files (#1489339) - malloc: Use relaxed atomics for have_fastchunks - malloc: Inline tcache functions - x86-64: Regenerate libm-test-ulps for AVX512 mathvec tests * Mon Nov 13 2017 Florian Weimer - 2.26-17 - Auto-sync with upstream branch release/2.26/master, commit a81c1156c1a9a6161d49b295a09a4e4cff7a88d0: - posix: Fix improper assert in Linux posix_spawn (swbz#22273) - posix: Do not use WNOHANG in waitpid call for Linux posix_spawn - posix: Fix compat glob code on s390 and alpha - posix: Consolidate Linux glob implementation - Fix range check in do_tunable_update_val - Let signbit use the builtin in C++ mode with gcc < 6.x (swbz#22296) - x86-64: Don't set GLRO(dl_platform) to NULL (swbz#22299) - x86-64: Use fxsave/xsave/xsavec in _dl_runtime_resolve (swbz#21265) * Thu Nov 2 2017 Florian Weimer - 2.26-16 - x86: Add x86_64 to x86-64 HWCAP (#1506802) [ 1 ] Bug #1579225 - glibc: Do not run telinit u on upgrades https://bugzilla.redhat.com/show_bug.cgi?id=1579225 su -c 'dnf upgrade --advisory FEDORA-2018-9c88c32d15' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M5RMR2PFPYN7ONQ44CPR3PJG2POML5QW/
Change Log
References
Update Instructions
