FEDORA-2017-2c63df4fe3 created by fweimer 3 years ago for Fedora 26
stable

This update addresses various minor issues in the glibc package:

  • The DNS stub resolver now picks up changes to /etc/resolv.conf automatically (#1374239).
  • The DNS stub resolver supports an unlimited number of search domains (#168253).
  • CVE-2015-5180, a segmentation fault potentially affecting applications which use the DNS stub resolver in an unusual way, has been fixed (#1251403).
  • /var/db/Makefile is now shipped in the nss_db package (#1498900).
  • The IBM858 character set is now supported (#1416405).
  • The compat NSS service module is again part of the main glibc package (#1400538).
  • A pointer alignment/endianess issue was fixed in the NSS group merging implementation (#1471985).

Reboot Required
After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-2c63df4fe3

This update has been submitted for testing by fweimer.

3 years ago

This update has been pushed to testing.

3 years ago
User Icon cserpentis commented & provided feedback 3 years ago
karma

works for me

fweimer edited this update.

New build(s):

  • glibc-2.25-12.fc26

Removed build(s):

  • glibc-2.25-11.fc26

Karma has been reset.

3 years ago

This update has been submitted for testing by fweimer.

3 years ago

This update has been pushed to testing.

3 years ago
User Icon bojan commented & provided feedback 3 years ago
karma

Everything still seems to work.

User Icon nucleo commented & provided feedback 3 years ago
karma

Error:

Problem 1: package libcrypt-2.25-10.fc26.i686 requires glibc(x86-32) = 2.25-10.fc26, but none of the providers can be installed

  • cannot install both glibc-2.25-12.fc26.i686 and glibc-2.25-10.fc26.i686

  • cannot install both glibc-2.25-10.fc26.i686 and glibc-2.25-12.fc26.i686

  • cannot install the best update candidate for package libcrypt-2.25-10.fc26.i686

  • cannot install the best update candidate for package glibc-2.25-10.fc26.i686

Problem 2: package pam-1.3.0-2.fc26.i686 requires libcrypt.so.1, but none of the providers can be installed

  • libcrypt-2.25-10.fc26.i686 has inferior architecture

  • libcrypt-2.25-6.fc26.i686 has inferior architecture

  • cannot install both libcrypt-2.25-12.fc26.x86_64 and libcrypt-2.25-10.fc26.x86_64

  • package libcrypt-nss-2.25-12.fc26.i686 conflicts with libcrypt provided by libcrypt-2.25-12.fc26.x86_64

  • cannot install both libcrypt-2.25-10.fc26.x86_64 and libcrypt-2.25-12.fc26.x86_64

  • package libcrypt-nss-2.25-10.fc26.i686 conflicts with libcrypt provided by libcrypt-2.25-12.fc26.x86_64

  • cannot install both libcrypt-2.25-6.fc26.x86_64 and libcrypt-2.25-12.fc26.x86_64

  • package libcrypt-nss-2.25-6.fc26.i686 conflicts with libcrypt provided by libcrypt-2.25-12.fc26.x86_64

  • cannot install the best update candidate for package pam-1.3.0-2.fc26.i686

  • cannot install the best update candidate for package libcrypt-2.25-10.fc26.x86_64

Problem 3: package cups-libs-1:2.2.2-7.fc26.i686 requires libcrypt.so.1, but none of the providers can be installed

  • package libcrypt-nss-2.25-12.fc26.i686 conflicts with libcrypt provided by libcrypt-2.25-12.fc26.x86_64

  • package libcrypt-2.25-10.fc26.i686 requires glibc(x86-32) = 2.25-10.fc26, but none of the providers can be installed

  • problem with installed package libcrypt-2.25-10.fc26.x86_64

  • libcrypt-nss-2.25-10.fc26.i686 has inferior architecture

  • package libcrypt-2.25-6.fc26.i686 requires glibc(x86-32) = 2.25-6.fc26, but none of the providers can be installed

  • libcrypt-nss-2.25-6.fc26.i686 has inferior architecture

  • glibc-2.25-10.fc26.i686 has inferior architecture

  • package libcrypt-2.25-10.fc26.x86_64 requires glibc(x86-64) = 2.25-10.fc26, but none of the providers can be installed

  • package libcrypt-nss-2.25-10.fc26.x86_64 requires glibc(x86-64) = 2.25-10.fc26, but none of the providers can be installed

  • glibc-2.25-6.fc26.i686 has inferior architecture

  • package libcrypt-nss-2.25-6.fc26.x86_64 requires glibc(x86-64) = 2.25-6.fc26, but none of the providers can be installed

  • cannot install both glibc-2.25-12.fc26.x86_64 and glibc-2.25-10.fc26.x86_64

  • cannot install both glibc-2.25-10.fc26.x86_64 and glibc-2.25-12.fc26.x86_64

  • cannot install both glibc-2.25-6.fc26.x86_64 and glibc-2.25-12.fc26.x86_64

  • cannot install the best update candidate for package glibc-2.25-10.fc26.x86_64

  • cannot install the best update candidate for package cups-libs-1:2.2.2-7.fc26.i686

Problem 4: problem with installed package libcrypt-2.25-10.fc26.i686

  • package libcrypt-2.25-10.fc26.i686 requires glibc(x86-32) = 2.25-10.fc26, but none of the providers can be installed

  • package glibc-2.25-10.fc26.i686 requires glibc-common = 2.25-10.fc26, but none of the providers can be installed

  • cannot install both glibc-common-2.25-12.fc26.x86_64 and glibc-common-2.25-10.fc26.x86_64

  • cannot install both glibc-common-2.25-10.fc26.x86_64 and glibc-common-2.25-12.fc26.x86_64

  • cannot install the best update candidate for package glibc-common-2.25-10.fc26.x86_64

(try to add '--allowerasing' to command line to replace conflicting packages or '--skip-broken' to skip uninstallable packages)

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

3 years ago
User Icon pwalter commented & provided feedback 3 years ago
karma

Works

User Icon hwti commented & provided feedback 3 years ago

It seems the x86_64 fedora-update-testing doesn't have libcrypt-nss-2.26-14.fc27.i686, unlike the x86_64 fedora repo which has libcrypt-nss-2.26-8.fc27.i686. However, it has both libcrypt-2.26-14.fc27, so the update worked for we with --allowerasing (it removed both libcrypt-nss and switched to libcrypt).

User Icon hwti commented & provided feedback 3 years ago

Sorry, wrong update. f26 doesn't seem to have the issue, but @nucleo's comment suggested an issue similar to f27.

User Icon nucleo commented & provided feedback 3 years ago
karma

This time update installed without this issue.

This update has been submitted for batched by fweimer.

3 years ago
User Icon trobotham commented & provided feedback 3 years ago
karma

Works

BZ#1471985 glibc: Incorrect pointer alignment in NSS group merge result construction
BZ#1498900 glibc: /var/db/Makefile should be shipped in nss_db, not nss_hesiod
BZ#1400538 glibc: nss_compat should be shipped in the glibc package
BZ#1416405 glibc: add ibm-858 to list of charsets for iconv
BZ#1251403 CVE-2015-5180 glibc: DNS resolver NULL pointer dereference with crafted record type [fedora-all]
BZ#1374239 glibc: Detect and apply /etc/resolv.conf changes in libresolv
BZ#168253 glibc: support an arbitrary number of search domains in the stub resolver

This update has been submitted for stable by bodhi.

3 years ago

This update has been pushed to stable.

3 years ago
User Icon anonymous commented & provided feedback 2 years ago

Has the fix for "The DNS stub resolver now picks up changes to /etc/resolv.conf automatically (#1374239)." made it into RHEL 6 and 7?


Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
BZ#168253 glibc: support an arbitrary number of search domains in the stub resolver
0
1
BZ#1251403 CVE-2015-5180 glibc: DNS resolver NULL pointer dereference with crafted record type [fedora-all]
0
1
BZ#1374239 glibc: Detect and apply /etc/resolv.conf changes in libresolv
0
1
BZ#1400538 glibc: nss_compat should be shipped in the glibc package
0
1
BZ#1416405 glibc: add ibm-858 to list of charsets for iconv
0
1
BZ#1471985 glibc: Incorrect pointer alignment in NSS group merge result construction
0
1
BZ#1498900 glibc: /var/db/Makefile should be shipped in nss_db, not nss_hesiod
0
1

Automated Test Results