Fedora 35: glibc 2021-16dc1f33af
Summary
The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.
This is a regular glibc maintenance update. It addresses a regression in
`pthread_cancel` (spurious `ESRCH` errors) and fixes a bug where tools like
`top` would not show all CPUs in the system. A minor security issue in the
rarely-used `mq_notify` function is addressed (CVE-2021-38604). Furthermore,
the `C.UTF-8` locale is replaced by its upstream implementation.
* Thu Sep 23 2021 Florian Weimer
- Sync with upstream branch release/2.34/master,
commit 33adeaa3e2b9143c38884bc5aa65ded222ed274e:
- nptl: Avoid setxid deadlock with blocked signals in thread exit [BZ #28361]
- Use support_open_dev_null_range io/tst-closefrom, misc/tst-close_range, and
posix/tst-spawn5 (BZ #28260)
- support: Add support_open_dev_null_range
- nptl: Fix type of pthread_mutexattr_getrobust_np,
pthread_mutexattr_setrobust_np (bug 28036)
- nptl: pthread_kill needs to return ESRCH for old programs (bug 19193)
* Wed Sep 15 2021 Florian Weimer
- Use system CPU count for sysconf(_SC_NPROCESSORS_*) (#1992702)
* Wed Sep 15 2021 Florian Weimer
- Sync with upstream branch release/2.34/master,
commit 4ed990e5b97a61f29f929bdeb36c5b2abb547a64:
- Add MADV_POPULATE_READ and MADV_POPULATE_WRITE from Linux 5.14 to
bits/mman-linux.h
- Update kernel version to 5.14 in tst-mman-consts.py
- Update syscall lists for Linux 5.14
- Use Linux 5.14 in build-many-glibcs.py
- Fix failing nss/tst-nss-files-hosts-long with local resolver
- iconvconfig: Fix behaviour with --prefix [BZ #28199]
- nptl: Fix race between pthread_kill and thread exit (swbz#12889, #1994068)
- nptl: pthread_kill, pthread_cancel should not fail after exit
(swbz#19193, #1994068)
- support: Add support_wait_for_thread_exit
- MIPS: Setup errno for {f,l,}xstat
- x86-64: Use testl to check __x86_string_control
- elf: Fix missing colon in LD_SHOW_AUXV output (swbz#28253, #1995648)
- librt: add test (swbz#28213, #1994264)
- CVE-2021-38604: fix NULL pointer dereference in mq_notify
(swbz#28213, #1994264)
- Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (bug 28182)
- iconv_charmap: Close output file when done
- copy_and_spawn_sgid: Avoid double calls to close()
- gaiconf_init: Avoid double-free in label and precedence lists
- gconv_parseconfdir: Fix memory leak
- ldconfig: avoid leak on empty paths in config file
* Wed Sep 15 2021 Florian Weimer
- Switch to upstream version of C.UTF-8 (#1997589)
[ 1 ] Bug #1993518 - CVE-2021-38604 glibc: NULL pointer dereference in helper_thread() in mq_notify.c while handling NOTIFY_REMOVED messages [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1993518
su -c 'dnf upgrade --advisory FEDORA-2021-16dc1f33af' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
FEDORA-2021-16dc1f33af 2021-09-29 00:16:07.673232 Product : Fedora 35 Version : 2.34 Release : 6.fc35 URL : http://www.gnu.org/software/glibc/ Summary : The GNU libc libraries Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. This is a regular glibc maintenance update. It addresses a regression in `pthread_cancel` (spurious `ESRCH` errors) and fixes a bug where tools like `top` would not show all CPUs in the system. A minor security issue in the rarely-used `mq_notify` function is addressed (CVE-2021-38604). Furthermore, the `C.UTF-8` locale is replaced by its upstream implementation. * Thu Sep 23 2021 Florian Weimer - 2.34-6 - Sync with upstream branch release/2.34/master, commit 33adeaa3e2b9143c38884bc5aa65ded222ed274e: - nptl: Avoid setxid deadlock with blocked signals in thread exit [BZ #28361] - Use support_open_dev_null_range io/tst-closefrom, misc/tst-close_range, and posix/tst-spawn5 (BZ #28260) - support: Add support_open_dev_null_range - nptl: Fix type of pthread_mutexattr_getrobust_np, pthread_mutexattr_setrobust_np (bug 28036) - nptl: pthread_kill needs to return ESRCH for old programs (bug 19193) * Wed Sep 15 2021 Florian Weimer - 2.34-5 - Use system CPU count for sysconf(_SC_NPROCESSORS_*) (#1992702) * Wed Sep 15 2021 Florian Weimer - 2.34-4 - Sync with upstream branch release/2.34/master, commit 4ed990e5b97a61f29f929bdeb36c5b2abb547a64: - Add MADV_POPULATE_READ and MADV_POPULATE_WRITE from Linux 5.14 to bits/mman-linux.h - Update kernel version to 5.14 in tst-mman-consts.py - Update syscall lists for Linux 5.14 - Use Linux 5.14 in build-many-glibcs.py - Fix failing nss/tst-nss-files-hosts-long with local resolver - iconvconfig: Fix behaviour with --prefix [BZ #28199] - nptl: Fix race between pthread_kill and thread exit (swbz#12889, #1994068) - nptl: pthread_kill, pthread_cancel should not fail after exit (swbz#19193, #1994068) - support: Add support_wait_for_thread_exit - MIPS: Setup errno for {f,l,}xstat - x86-64: Use testl to check __x86_string_control - elf: Fix missing colon in LD_SHOW_AUXV output (swbz#28253, #1995648) - librt: add test (swbz#28213, #1994264) - CVE-2021-38604: fix NULL pointer dereference in mq_notify (swbz#28213, #1994264) - Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (bug 28182) - iconv_charmap: Close output file when done - copy_and_spawn_sgid: Avoid double calls to close() - gaiconf_init: Avoid double-free in label and precedence lists - gconv_parseconfdir: Fix memory leak - ldconfig: avoid leak on empty paths in config file * Wed Sep 15 2021 Florian Weimer - 2.34-3 - Switch to upstream version of C.UTF-8 (#1997589) [ 1 ] Bug #1993518 - CVE-2021-38604 glibc: NULL pointer dereference in helper_thread() in mq_notify.c while handling NOTIFY_REMOVED messages [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1993518 su -c 'dnf upgrade --advisory FEDORA-2021-16dc1f33af' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Change Log
References
Update Instructions
