FEDORA-2018-916dfe0d86

security update in Fedora 28 for glibc

Status: stable 11 months ago

This update ensures that valgrind works again without installing glibc debuginfo packages (#1570246). It also addresses a security vulnerability in the mempcpy implementation for the Intel Xeon Phi processors (CVE-2018-11237, #1581275). Furthermore, the switch to libidn2 uses the final upstream patches (#1452750(.

How to install

sudo dnf upgrade --advisory=FEDORA-2018-916dfe0d86

Comments 9

This update has been submitted for testing by fweimer.

This update has been pushed to testing.

Fixes valgrind, doesn't appear to break anything else.

critpath: +1

No regressions.

karma: +1 critpath: +1

works for me

karma: +1

no regressions noted

karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

Does the system's basic functionality continue to work after this update?
#1452750 glibc: switch to libidn2
#1570246 glibc: When built with file 5.33, valgrind stops working due to RPM ELF processing [Fedora]
#1581275 CVE-2018-11237 glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper [fedora-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 11 months ago
in testing 11 months ago
in stable 11 months ago

Related Bugs 3

00 #1452750 glibc: switch to libidn2
00 #1570246 glibc: When built with file 5.33, valgrind stops working due to RPM ELF processing [Fedora]
00 #1581275 CVE-2018-11237 glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper [fedora-all]

Automated Test Results