Stay Secure with the Latest Linux Advisories

security advisoryFedorabug fix

Fedora 27 glibc Update Security Advisory - Moderate Severity

This update fixes minor security bugs (CVE-2017-17426, CVE-2017-15804), contains single-threaded optimizations for `malloc`, and increases compatibility with IBM POWER 9 hardware.. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-fb5e227432 2017-12-19 18:22:41.465710 --------------------------------------------------------------------------------Name : glibc Product : Fedora 27 Version : 2.26 Release : 20.fc27 URL : Summary : The GNU libc libraries Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function. --------------------------------------------------------------------------------Update Information: This update fixes minor security bugs (CVE-2017-17426, CVE-2017-15804), contains single-threaded optimizations for `malloc`, and increases compatibility with IBM POWER 9 hardware. --------------------------------------------------------------------------------References: [ 1 ] Bug #1505298 - CVE-2017-15804 glibc: Buffer overflow during unescaping of user names with the ~ operator https://bugzilla.redhat.com/show_bug.cgi?id=1505298 [ 2 ] Bug #1524530 - CVE-2017-17426 glibc: Integer overflow with enabled tcache https://bugzilla.redhat.com/show_bug.cgi?id=1524530 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade glibc' at the command line. For more information, refer to the dnf documentation availableat https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. . This release for Fedora 28 resolves several security vulnerabilities and enhances support for Intel's upcoming hardware architectures.. Fedora Security Update, glibc Optimization, Bug Fixes. . LinuxSecurity.com Team

Dec 19, 2017 Fedora