FEDORA-2018-f27586cce9

security update in Fedora 27 for glibc

Status: testing 4 months ago

This update for the glibc package addresses one moderate security vulnerability and several defects.

  • CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido Vranken. (#1654000)
  • Failure to create the helper thread for getaddrinfo_a/libanl could result in a crash. (#1646381)
  • On certain Haswell-class Intel CPUs, string function feature flags could be set incorrectly, leading to a suboptimal choice of string functions. (#1641980)
  • Parallel building of locales led to nondeterminism in the RPM build process. (#1652228)
  • Various minor bug fixes from the upstream 2.26 release branch were imported as part of this update (swbz#17630, swbz#22446, swbz#22463, swbz#22447, swbz#23562, swbz#23579, swbz#22753).

How to install

sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2018-f27586cce9

Comments 10

This update has been submitted for testing by fweimer.

fweimer edited this update.

This update has been pushed to testing.

karma: +1 critpath: +1

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

Installs fine. Reboot fine. All functionality working.

karma: +1 critpath: +1 #1652228: +1

works for me in a VM

karma: +1

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

Looks good! And now I migrate to the recent version of Fedora ;-)

karma: +1 critpath: +1

Content Type: RPM
Status: testing
Test Gating:
Request: stable
Submitted by:
Update Type: security
Update Severity: medium
Karma: +4 (stable threshold: 3, unstable threshold: -3)
Autopush: Enabled
Dates: submitted 4 months ago, in testing 4 months ago, modified 4 months ago

Related Bugs 5

  • #1641980 glibc: Incorrect analysis of x86 CPU features selects wrong string functions
  • #1646381 glibc: Crash in getaddrinfo_a when thread creation fails
  • #1652228 glibc: Do not use parallel make for building locales (feedback: +1)
  • #1653993 CVE-2018-19591 glibc: file descriptor leak in if_nametoindex() in sysdeps/unix/sysv/linux/if_index.c
  • #1654000 CVE-2018-19591 glibc: file descriptor leak in if_nametoindex() in sysdeps/unix/sysv/linux/if_index.c [fedora-all]
