FEDORA-2018-f6b7df660d — security update for glibc

stable

glibc-2.28-22.fc29

FEDORA-2018-f6b7df660d created by fweimer 7 years ago for Fedora 29

This update for the glibc package addresses one moderate security vulnerability and a minor defect:

CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido Vranken. (#1654000)
Parallel building of locales led to nondeterminism in the RPM build process. (#1652228)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2018-f6b7df660d

This update has been submitted for testing by fweimer.

7 years ago

This update has been pushed to testing.

7 years ago

renault commented & provided feedback 7 years ago

karma

No regressions found

bojan commented & provided feedback 7 years ago

karma

Works.

besser82 commented & provided feedback 7 years ago

karma

Works great! LGTM! =)

This update has been submitted for batched by bodhi.

7 years ago

dhgutteridge commented & provided feedback 7 years ago

karma

No regressions noted.

This update has been submitted for stable by bodhi.

7 years ago

This update has been pushed to stable.

7 years ago

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

7 years ago

in testing

7 years ago

in stable

7 years ago

Builds

glibc-2.28-22.fc29

BZ#1652228 glibc: Do not use parallel make for building locales

BZ#1654000 CVE-2018-19591 glibc: file descriptor leak in if_nametoindex() in sysdeps/unix/sysv/linux/if_index.c [fedora-all]

glibc-2.28-22.fc29

Automated Test Results

ignored