This update addresses two security vulnerabilities:
$ORIGIN
rpaths/runpaths do not cause the dynamic linker to search the current directory, potentially leading to privilege escalation. (#1526866).getcwd
would sometimes return a non-absolute path, confusing the realpath
function, leading to privilege escalation in conjunction with user namespaces. (#1533837) In addition, this update changes the thread stack size accounting to provide additional stack space compared to previous glibc versions. For some applications (nptd
in particular), the PTHREAD_STACK_MIN
stack size was too small on x86-64 machines with AVX-512 support (#1527887).
sudo dnf upgrade --refresh --advisory=FEDORA-2018-7714b514e2
Please login to add feedback.
This update has been submitted for testing by fweimer.
System operates without any conspicuous issues.
Successfully passed all custom kernel compilations.
This update has been pushed to testing.
works
wfm
This update has been submitted for batched by bodhi.
Works
works for me; ntpd is now happy on Silver 4114 Xeon CPU where it was previously dumping core
Works fine for me on x86_64.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.