Fedora 30: glibc FEDORA-2020-c32e4b271c

    Date 05 Feb 2020
    Posted By LinuxSecurity Advisories
    This update incorporates fixes from the upstream glibc 2.29 stable release branch, including a fix for a minor security vulnerability ([`LD_PREFER_MAP_32BIT_EXEC` not ignored in setuid binaries](https://bugzilla.redhat.com/show_bug.cgi?id=1774682)).
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2020-c32e4b271c
    2020-02-06 01:02:41.743855
    --------------------------------------------------------------------------------
    
    Name        : glibc
    Product     : Fedora 30
    Version     : 2.29
    Release     : 28.fc30
    URL         : https://www.gnu.org/software/glibc/
    Summary     : The GNU libc libraries
    Description :
    The glibc package contains standard libraries which are used by
    multiple programs on the system. In order to save disk space and
    memory, as well as to make upgrading easier, common system code is
    kept in one place and shared between programs. This particular package
    contains the most important sets of shared libraries: the standard C
    library and the standard math library. Without these two libraries, a
    Linux system will not function.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    This update incorporates fixes from the upstream glibc 2.29 stable release
    branch, including a fix for a minor security vulnerability
    ([`LD_PREFER_MAP_32BIT_EXEC` not ignored in setuid
    binaries](https://bugzilla.redhat.com/show_bug.cgi?id=1774682)).
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Tue Jan 21 2020 Florian Weimer  - 2.29-28
    - Auto-sync with upstream branch release/2.29/master,
      commit ea6f2c3174232ca7f66ab1524f0d5fedc7b26f23:
    - : Define __CORRECT_ISO_CPP_STRING_H_PROTO for Clang (swbz#25232)
    - x86: Assume --enable-cet if GCC defaults to CET (swbz#25225)
    - libio: Disable vtable validation for pre-2.1 interposed handles (swbz#25203)
    - CVE-2019-19126: LD_PREFER_MAP_32BIT_EXEC not ignored for SUID programs (#1774682)
    * Wed Dec  4 2019 Arjun Shankar  - 2.29-27
    - Rebuild to fix corrupt annobin data in crti.o and crtn.o [BZ# 1779399]
    * Tue Nov 19 2019 Arjun Shankar  - 2.29-26
    - Auto-sync with upstream branch release/2.29/master,
      commit 845278f2c6f93b1bb72c1e61529785740ea05f62:
    - Update Alpha libm-test-ulps
    - Improve performance of strstr
    - Improve performance of memmem
    - alpha: force old OSF1 syscalls for getegid, geteuid and getppid [BZ #24986]
    - Fix RISC-V vfork build with Linux 5.3 kernel headers.
    - Call _dl_open_check after relocation [BZ #24259]
    - support: Export bindir path on support_path
    - nss_db: fix endent wrt NULL mappings [BZ #24695] [BZ #24696]
    - elf: Refuse to dlopen PIE objects [BZ #24323]
    - mips: Force RWX stack for hard-float builds that can run on pre-4.8 kernels
    - Fix alignment of TLS variables for tls variant TLS_TCB_AT_TP [BZ #23403]
    - Fix assertion in malloc.c:tcache_get.
    - Small tcache improvements
    - malloc: Remove unwanted leading whitespace in malloc_info [BZ #24867]
    - malloc: Fix missing accounting of top chunk in malloc_info [BZ #24026]
    - Add glibc.malloc.mxfast tunable
    - malloc: Various cleanups for malloc/tst-mxfast
    - Base max_fast on alignment, not width, of bins (Bug 24903)
    - Linux: Use in-tree copy of SO_ constants for !__USE_MISC [BZ #24532]
    * Tue Oct 29 2019 Patsy Griffin  - 2.29-25
    - Implement --preload option for the dynamic linker.(#1747453)
    * Mon Oct 28 2019 Patsy Griffin  - 2.29-24
    - Remove codecvt vtable. (#1764241)
    * Mon Sep 30 2019 Florian Weimer  - 2.29-23
    - Set the expects flags to clock_nanosleep (#1473680)
    * Wed Sep  4 2019 Florian Weimer  - 2.29-22
    - Avoid relocation-dependent IFUNC resolvers in librt (swbz#24959, #1473680)
    * Tue Sep  3 2019 Florian Weimer  - 2.29-21
    - ld.so: Support moving versioned symbols between sonames (swbz#24741)
    - malloc: Add nptl, htl dependency for the subdirectory (swbz#24757)
    - nptl: Remove vfork IFUNC-based forwarder from libpthread (swbz#20188)
    * Tue Sep  3 2019 Florian Weimer  - 2.29-20
    - Filter "ignore" autofs mount entries in getmntnt (#1748279)
    * Tue Sep  3 2019 Florian Weimer  - 2.29-19
    - Auto-sync with upstream branch release/2.29/master,
      commit 6d8eaf4a25c09256b53efe57d3f77f2f0bd77ede:
    - aarch64: handle STO_AARCH64_VARIANT_PCS
    - aarch64: add STO_AARCH64_VARIANT_PCS and DT_AARCH64_VARIANT_PCS
    - io: Remove copy_file_range emulation (#1724976)
    * Fri Jun 21 2019 Florian Weimer  - 2.29-18
    - Avoid ABI exposure of the NSS service_user type (#1722832)
    * Fri Jun 21 2019 Florian Weimer  - 2.29-17
    - Auto-sync with upstream branch release/2.29/master,
      commit 34fb5f61d3c3f4b8fc616ea259fa19168b58ecd4:
    - During exit, skip wide buffer handling for legacy stdio handles (#1722216)
    * Mon Jun 17 2019 Florian Weimer  - 2.29-16
    - Address conflict between  and  (#1721129)
    * Thu Jun  6 2019 Florian Weimer  - 2.29-15
    - locale: Add LOCPATH diagnostics (#1717492)
    * Wed Jun  5 2019 Florian Weimer  - 2.29-14
    - Delete /usr/lib/locale/locale-archive only on uninstall (#1717367)
    - Do not mark /usr/lib/locale/locale-archive as a configuration file
      because it is always automatically overwritten by build-locale-archive.
    * Wed Jun  5 2019 Florian Weimer  - 2.29-13
    - Fix --without benchtests builds.
    - Auto-sync with upstream branch release/2.29/master,
      commit 2ec0b166bf04e22bb6921a08bb1a1131b57889a1:
    - Use a proper C tokenizer to implement the obsolete typedefs test
    - malloc: Fix warnings in tests with GCC
    - Fix tcache count maximum (swbz#24531)
    - dlfcn: Guard __dlerror_main_freeres with __libc_once_get (once) (swbz#24476)
    - Fix crash in _IO_wfile_sync (#1710460)
    * Thu May  2 2019 Arjun Shankar  - 2.29-12
    - Auto-sync with upstream branch release/2.29/master,
      commit 52b7cd6e9a701bb203023d56e84551943dc6a4c0:
    - malloc: Check for large bin list corruption when inserting unsorted chunk
      (swbz#24216)
    * Fri Apr 26 2019 Florian Weimer  - 2.29-11
    - Auto-sync with upstream branch release/2.29/master,
      commit eaea1dfbe95a31c29adc259100569962cddb6f19:
    - Fix pldd hang (#1361689)
    - malloc: Set and reset all hooks for tracing (swbz#16573)
    * Fri Apr 26 2019 Florian Weimer  - 2.29-10
    - Increase BIND_NOW coverage (#1702671)
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1774682 - CVE-2019-19126 glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1774682
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2020-c32e4b271c' at the command
    line. For more information, refer to the dnf documentation available at
    https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    
