Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 33 glibc Update FEDORA-2021-3f4132bb56 Critical Overflow Issue

fedora
Calendar Grey July 19, 2021
Dist Fedora Esm H88
Fedora 33 has issued an important update to fix glibc overflow vulnerabilities linked to advisory FEDORA-2021-3f4132bb56, boosting system security
Auto-sync with upstream branch release/2.32/master Upstream commit: 27e892f6608e9d0da71884bb1422a735f6062850 - wordexp: handle overflow in positional parameter number (swb...

Summary

The glibc package contains standard libraries which are used by

multiple programs on the system. In order to save disk space and

memory, as well as to make upgrading easier, common system code is

kept in one place and shared between programs. This particular package

contains the most important sets of shared libraries: the standard C

library and the standard math library. Without these two libraries, a

Linux system will not function.

Auto-sync with upstream branch release/2.32/master Upstream commit:

27e892f6608e9d0da71884bb1422a735f6062850 - wordexp: handle overflow in

positional parameter number (swbz#28011, CVE-2021-35942) - Preserve .symtab

in libc.so.6 and the main shared objects (#1975895)

* Tue Jul 13 2021 Florian Weimer - 2.32-10

- Preserve .symtab in libc.so.6 and the main shared objects (#1975859)

* Wed Jul 7 2021 Patsy Griffin - 2.32-9

- Auto-sync with upstream branch release/2.32/master,

commit 27e892f6608e9d0da71884bb1422a735f6062850.

- wordexp: handle overflow in positional parameter number (bug 28011)

[ 1 ] Bug #1975895 - glibc: Preserve symtab in libc.so.6 and other critical shared objects

https://bugzilla.redhat.com/show_bug.cgi?id=1975895

[ 2 ] Bug #1977976 - CVE-2021-35942 glibc: Arbitrary read in wordexp() [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1977976

su -c 'dnf upgrade --advisory FEDORA-2021-3f4132bb56' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics%20covered

Topics Covered

security advisory critical issue Fedora package update glibc overflow

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 33
Version: 2.32
Release: 10.fc33
URL:
Summary: The GNU libc libraries

Topics%20covered

Topics Covered

security advisory critical issue Fedora package update glibc overflow

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here