FEDORA-2016-0480defc94

security update in Fedora 22 for glibc

Status: stable 3 years ago

This update addresses a critical security vulnerability in the DNS resolver related to AF_UNSPEC queries with getaddrinfo (CVE-2015-7547). It also includes security fixes for CVE-2015-8777 and CVE-2015-1781. It improves malloc scalability for applications which start and terminate many threads. The output of locale -a is now ASCII-only (previously, it contained ISO-8859-1 characters).

Reboot Required

After installing this update, you must reboot your system to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --advisory=FEDORA-2016-0480defc94

Comments 17

This update has been submitted for testing by fweimer.

fweimer edited this update.

The expected bugs are fixed, build logs did not show any regression, general system behavior appears to be fine.

critpath: +1 #1276112: +1 #970866: +1 #1214152: +1 #1276761: +1 #1184168: +1 #1199525: +1 #1260581: +1

This update has been pushed to testing.

Looks good here. No issues.

karma: +1

critpath: +1

no regressions noted

karma: +1

fweimer edited this update.

New build(s):

  • glibc-2.21-11.fc22

Removed build(s):

  • glibc-2.21-10.fc22

This update has been submitted for testing by fweimer.

Works fine after reboot.

karma: +1 critpath: +1

filiperosset: I guess you need to re-test to get your karma count, because the builds were changed.

works for me

karma: +1

Works before and after reboot and passes the CVE-2015-7547 regression testsuite.

karma: +1 critpath: +1 #1276112: +1 #1308943: +1

fweimer edited this update.

Working OK here. Haven't confirmed security fix, but no critpath problems.

karma: +1 critpath: +1

This update has been pushed to testing.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.

Content Type: RPM
Status: stable
Test Gating:
Submitted by:
Update Type: security
Update Severity: urgent
Karma: +4 (stable threshold: 3, unstable threshold: -3)
Autopush (karma): Enabled
Autopush (time): Disabled

Dates

  • submitted 3 years ago
  • in testing 3 years ago
  • in stable 3 years ago
  • modified 3 years ago

Related Bugs 9

00 #970866 Test suite failure: tst-audit2.out
00 #1184168 locale -a output is binary according to grep because of bokmal
00 #1199525 CVE-2015-1781 glibc: buffer overflow in gethostbyname_r() and related functions with misaligned buffer
00 #1214152 CVE-2015-1781 glibc: buffer overflow in gethostbyname_r() and related functions with misaligned buffer [fedora-all]
00 #1260581 CVE-2015-8777 glibc: LD_POINTER_GUARD in the environment is not sanitized
0+1 #1276112 glibc: malloc arena free list can become cyclic
00 #1276761 CVE-2015-8777 glibc: apply additional pointer guard hardening
00 #1293532 CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow
0+1 #1308943 CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow [fedora-all]