FEDORA-2016-b321728d74

security update in Fedora 24 for glibc

Status: stable 3 years ago

This update contains minor security fixes (for CVE-2016-3075, CVE-2016-3706, and CVE-2016-1234) and collects fixes for bugs encountered by Fedora users.

Reboot Required

After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

Comments 11

This update has been submitted for testing by fweimer.

This update has been pushed to testing.

Works

karma: +1

no issues found

karma: +1

fweimer edited this update.

New build(s):

  • glibc-2.23.1-7.fc24

Removed build(s):

  • glibc-2.23.1-6.fc24

This update has been submitted for testing by fweimer.

This update has been pushed to testing.

no regressions noted

karma: +1

This update has been submitted for stable by fweimer.

This update has been pushed to stable.

Is it possible that this release breaks setlocale()? See https://bugzilla.redhat.com/show_bug.cgi?id=1336427 for a full backtrace.

#1335011: +1

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
low
Karma
+1
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago
modified 3 years ago

Related Bugs 16

00 #1204521 fr_CH LC_TIME has wrong first day of week
00 #1282011 first_weekday wrong for hr_HR locale
00 #1307234 strfmon_l does not group digits.
00 #1313404 Test suite failure: elf/tst-audit10 and elf/tst-audit4
00 #1315648 CVE-2016-1234 glibc: Stack-based buffer overflow in glob with GLOB_ALTDIRFUNC and crafted directory [fedora-all]
00 #1316972 glibc: NULL pointer dereference in stub resolver with unconnectable name server addresses
00 #1321372 Incorrect first day of the week for es_CL locale
00 #1321861 glibc: "getent group" listing using nss_db fails when entries are long
00 #1321954 CVE-2016-3075 glibc: Stack overflow in nss_dns_getnetbyname_r [fedora-all]
00 #1330888 CVE-2016-3706 glibc: stack (frame) overflow in getaddrinfo() when called with AF_INET, AF_INET6 (incomplete fix for CVE-2013-4458) [fedora-all]
00 #1332912 glibc: nss_hesiod: Heap overflow in get_txt_records
00 #1332914 glibc: Backport nss_dns hardening patches
00 #1332917 glibc: Deadlock between fflush, getdelim, and fork
00 #1333901 glibc: getnameinfo: fix memory leak and incorrect truncation checks
00 #1334289 glibc: ldconfig -X should not remove stale symbolic links
0+1 #1335011 dlsym (RTLD_NEXT)/dlerror fix breaks Adress Sanitizer (ASAN)

Automated Test Results