stable

glibc-2.41-16.fc42

FEDORA-2026-a2f3af8a86 created by fberat a month ago for Fedora 42

This update switches the currency symbol for Bulgaria to the Euro.

Furthermore, it addresses several security vulnerabilities:

  • A crash when wordexp is used with WRDE_REUSE (CVE-2025-15281)
  • Information leakage from the stack if getnetbyaddr is called for the zero address (CVE-2026-0915)
  • An integer overflow in memalign and related functions if they are called with out-of-bounds size/alignment combinations (CVE-2026-0861)
  • LD_PROFILE is now ignored with a warning if LD_PROFILE_OUTPUT is not specified, rather than using the insecure /var/tmp default.

The changes updates from the upstream stable release branch are applied:

  • nptl: Optimize trylock for high cache contention workloads (BZ #33704) (Sunil K Pandey)
  • sprof: fix -Wformat warnings on 32-bit hosts (Collin Funk)
  • sprof: check pread size and offset for overflow (DJ Delorie)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2026-a2f3af8a86

This update has been submitted for testing by fberat.

a month ago

This update's test gating status has been changed to 'waiting'.

a month ago

This update's test gating status has been changed to 'waiting'.

a month ago

This update's test gating status has been changed to 'passed'.

a month ago
User Icon nixuser commented & provided feedback a month ago
karma

Seems OK on 42 also.

This update has been pushed to testing.

a month ago

This update's test gating status has been changed to 'failed'.

a month ago

This update's test gating status has been changed to 'waiting'.

3 weeks ago

This update's test gating status has been changed to 'passed'.

3 weeks ago

fweimer edited this update.

New build(s):

  • glibc-2.41-16.fc42

Removed build(s):

  • glibc-2.41-13.fc42

Karma has been reset.

3 weeks ago

This update has been submitted for testing by fweimer.

3 weeks ago

This update has been pushed to testing.

3 weeks ago
User Icon nixuser commented & provided feedback 3 weeks ago
karma

New release seems to be working just fine here.

User Icon derekenz commented & provided feedback 2 weeks ago
karma

Works

This update can be pushed to stable now if the maintainer wishes

2 weeks ago

This update has been submitted for stable by fweimer.

2 weeks ago

This update has been pushed to stable.

2 weeks ago
User Icon geraldosimiao provided feedback 2 weeks ago
karma

Please log in to add feedback.

Metadata
Type
security
Severity
low
Karma
3
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
a month ago
in testing
3 weeks ago
in stable
2 weeks ago
modified
3 weeks ago
approved
2 weeks ago
Builds
1
glibc-2.41-16.fc42
BZ#2429016 glibc: Bulgaria joined the eurozone
0
0
BZ#2430076 CVE-2026-0861 glibc: Integer overflow in memalign leads to heap corruption [fedora-42]
0
0
BZ#2430319 CVE-2026-0915 glibc: glibc: Information disclosure via zero-valued network query [fedora-42]
0
0
BZ#2431279 CVE-2025-15281 glibc: wordexp with WRDE_REUSE and WRDE_APPEND may return uninitialized memory [fedora-42]
0
0
glibc-2.41-16.fc42

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 25.11.3 on bodhi-web-16-6gf9l.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy