This update addresses two security vulnerabilities:
glob
and glob64
function. (#1505298, RHBZ##1504807)$ORIGIN
rpaths/runpaths do not cause the dynamic linker to search the current directory, potentially leading to privilege escalation. (#1526866).getcwd
would sometimes return a non-absolute path, confusing the realpath
function, leading to privilege escalation in conjunction with user namespaces. (#1533837) In addition, this update replaces the dynamic linker trampoline on x86-64 with a version which uses the XSAVE
instruction if it is available. This improves compatibility with future hardware and compilers which do not follow the x86-64 ABI. This update also adjusts the thread stack size accounting to provide additional stack space compared to previous glibc versions (to avoid introducing #1527887).
Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:
sudo dnf upgrade --refresh --advisory=FEDORA-2018-8e27ad96ed
Please login to add feedback.
This update has been submitted for testing by fweimer.
This update has been pushed to testing.
no regressions noted
works for me
no regressions noted
This update has been submitted for batched by bodhi.
This update has been submitted for stable by bodhi.
This update has been pushed to stable.