FEDORA-2022-9421366d9c created by fweimer 4 months ago for Fedora 35
obsolete

Several bugs have been fixed in this update:

  • #2039674 CVE-2021-3998 Unexpected return value from realpath() could leak data based on the application
  • #2039676 CVE-2021-3999 Off-by-one buffer overflow/underflow in getcwd()
  • #2042014 CVE-2022-23218 Stack-based buffer overflow in svcunix_create via long pathnames
  • #2042018 CVE-2022-23219 Stack-based buffer overflow in sunrpc clnt_create via a long pathname
  • #2033020 Without an /etc/nsswitch.conf file, /etc/hosts is still searched for host data during name lookups after this update.

A new command, /usr/bin/ld.so --list-diagnostics, can be used to print diagnostic information relevant to glibc optimization decisions.

Deeply nested ELF soname dependencies no longer slow down program start, dlopen, dlclose, and program termination with this update.

If the the GLIBC_TUNABLES=glibc.pthread.rseq=1 is set, the rseq kernel feature is used to implement the sched_getcpu function. This results is a significant performance gain on aarch64, where this function is otherwise implemented using a system call.

This update removes support for the LD_PREFER_MAP_32BIT_EXEC environment variable because it was no longer working with the executables produced by current binutils versions.

This update has been submitted for testing by fweimer.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

This update's test gating status has been changed to 'passed'.

4 months ago

This update has been pushed to testing.

4 months ago

This update's test gating status has been changed to 'failed'.

4 months ago
User Icon bojan commented & provided feedback 4 months ago
karma

Works.

User Icon norenh commented & provided feedback 4 months ago
karma

No regressions detected

This update's test gating status has been changed to 'passed'.

4 months ago

This update can be pushed to stable now if the maintainer wishes

4 months ago
User Icon ibims commented & provided feedback 4 months ago
karma

looks ok for me.

This update has been submitted for stable by bodhi.

4 months ago
User Icon andilinux commented & provided feedback 4 months ago
karma

works

User Icon besser82 commented & provided feedback 4 months ago
karma

Works great! LGTM! =)

User Icon atim provided feedback 4 months ago
karma

no issues

FEDORA-2022-9421366d9c ejected from the push because "Cannot find relevant tag for glibc-2.34-21.fc35. None of ['f35-updates', 'f35-updates-pending'] are in ['epel9-next-testing', 'epel7-testing', 'dist-5E-epel-testing', 'f27-modular-updates-testing', 'f34-container-updates-testing', 'eln-updates-testing', 'f30-modular-updates-testing', 'f28-modular-updates-testing', 'f28-container-updates-testing', 'f30-container-updates-testing', 'epel8-testing', 'f30-flatpak-updates-testing', 'f35-container-updates-testing', 'f32-modular-updates-testing', 'f29-modular-updates-testing', 'f29-container-updates-testing', 'f29-flatpak-updates-testing', 'f22-updates-testing', 'f21-updates-testing', 'f25-updates-testing', 'f24-updates-testing', 'f23-updates-testing', 'f26-updates-testing', 'f31-modular-updates-testing', 'dist-6E-epel-testing', 'f32-flatpak-updates-testing', 'f35-flatpak-updates-testing', 'f27-updates-testing', 'f28-updates-testing', 'f30-updates-testing', 'f29-updates-testing', 'epel8-modular-updates-testing', 'f32-updates-testing', 'epel9-testing', 'f31-updates-testing', 'f31-container-updates-testing', 'f31-flatpak-updates-testing', 'f34-updates-testing', 'f34-modular-updates-testing', 'f34-flatpak-updates-testing', 'f36-container-updates-testing', 'f32-container-updates-testing', 'epel8-next-testing', 'f35-updates-testing', 'f35-modular-updates-testing', 'f33-updates-testing', 'f36-updates-testing', 'f33-modular-updates-testing', 'f33-container-updates-testing', 'f33-flatpak-updates-testing']."

4 months ago
User Icon ibims commented & provided feedback 4 months ago

What is wrong here? I have this update received via stable-updates not via testing-updates.

This update has been submitted for stable by fweimer.

4 months ago
User Icon fweimer commented & provided feedback 4 months ago

What is wrong here? I have this update received via stable-updates not via testing-updates.

I'm not entirely sure. If you look at the history here, it was supposedly pushed automatically, but then it was ejected, whatever this means (devel thread about ejected updates, ticket). So I've just pushed it manually.

User Icon ibims commented & provided feedback 4 months ago

You are right. It is a strange thing. Thank you for your answer.

karma

FEDORA-2022-9421366d9c ejected from the push because "Cannot find relevant tag for glibc-2.34-21.fc35. None of ['coreos-pool', 'f35-updates', 'f35-updates-pending'] are in ['epel9-next-testing', 'epel7-testing', 'dist-5E-epel-testing', 'f27-modular-updates-testing', 'f34-container-updates-testing', 'eln-updates-testing', 'f30-modular-updates-testing', 'f28-modular-updates-testing', 'f28-container-updates-testing', 'f30-container-updates-testing', 'epel8-testing', 'f30-flatpak-updates-testing', 'f35-container-updates-testing', 'f32-modular-updates-testing', 'f29-modular-updates-testing', 'f29-container-updates-testing', 'f29-flatpak-updates-testing', 'f22-updates-testing', 'f21-updates-testing', 'f25-updates-testing', 'f24-updates-testing', 'f23-updates-testing', 'f26-updates-testing', 'f31-modular-updates-testing', 'dist-6E-epel-testing', 'f32-flatpak-updates-testing', 'f35-flatpak-updates-testing', 'f27-updates-testing', 'f28-updates-testing', 'f30-updates-testing', 'f29-updates-testing', 'epel8-modular-updates-testing', 'f32-updates-testing', 'epel9-testing', 'f31-updates-testing', 'f31-container-updates-testing', 'f31-flatpak-updates-testing', 'f34-updates-testing', 'f34-modular-updates-testing', 'f34-flatpak-updates-testing', 'f36-container-updates-testing', 'f32-container-updates-testing', 'epel8-next-testing', 'f35-updates-testing', 'f35-modular-updates-testing', 'f33-updates-testing', 'f36-updates-testing', 'f33-modular-updates-testing', 'f33-container-updates-testing', 'f33-flatpak-updates-testing']."

4 months ago
User Icon lruzicka commented & provided feedback 4 months ago
karma

No problems seen.

This update has been submitted for stable by bodhi.

4 months ago

FEDORA-2022-9421366d9c ejected from the push because "Cannot find relevant tag for glibc-2.34-21.fc35. None of ['coreos-pool', 'f35-updates', 'f35-updates-pending'] are in ['epel9-next-testing', 'epel7-testing', 'dist-5E-epel-testing', 'f27-modular-updates-testing', 'f34-container-updates-testing', 'eln-updates-testing', 'f30-modular-updates-testing', 'f28-modular-updates-testing', 'f28-container-updates-testing', 'f30-container-updates-testing', 'epel8-testing', 'f30-flatpak-updates-testing', 'f35-container-updates-testing', 'f32-modular-updates-testing', 'f29-modular-updates-testing', 'f29-container-updates-testing', 'f29-flatpak-updates-testing', 'f22-updates-testing', 'f21-updates-testing', 'f25-updates-testing', 'f24-updates-testing', 'f23-updates-testing', 'f26-updates-testing', 'f31-modular-updates-testing', 'dist-6E-epel-testing', 'f32-flatpak-updates-testing', 'f35-flatpak-updates-testing', 'f27-updates-testing', 'f28-updates-testing', 'f30-updates-testing', 'f29-updates-testing', 'epel8-modular-updates-testing', 'f32-updates-testing', 'epel9-testing', 'f31-updates-testing', 'f31-container-updates-testing', 'f31-flatpak-updates-testing', 'f34-updates-testing', 'f34-modular-updates-testing', 'f34-flatpak-updates-testing', 'f36-container-updates-testing', 'f32-container-updates-testing', 'epel8-next-testing', 'f35-updates-testing', 'f35-modular-updates-testing', 'f33-updates-testing', 'f36-updates-testing', 'f33-modular-updates-testing', 'f33-container-updates-testing', 'f33-flatpak-updates-testing']."

4 months ago
User Icon codonell commented & provided feedback 3 months ago

This build is in STABLE, but bodhi state is buggy due to the in-progress upgrade that happend during the update.

This update has been obsoleted by glibc-2.34-24.fc35.

3 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
8
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
4 months ago
in testing
4 months ago
BZ#2033020 glibc: Reconsider "dns [!UNAVAIL=return] files" default for hosts database
0
0
BZ#2039674 CVE-2021-3998 glibc: Unexpected return value from realpath() could leak data based on the application [fedora-all]
0
0
BZ#2039676 CVE-2021-3999 glibc: Off-by-one buffer overflow/underflow in getcwd() [fedora-all]
0
0
BZ#2042014 CVE-2022-23218 glibc: stack-based buffer overflow in svcunix_create via long pathnames [fedora-all]
0
0
BZ#2042018 CVE-2022-23219 glibc: stack-based buffer overflow in sunrpc clnt_create via a long pathname [fedora-all]
0
0

Automated Test Results