FEDORA-2018-c1ef35a4f9

security update in Fedora 27 for glibc

Status: testing 19 days ago

This update removes a misleading comment from the documentation of the abort function (#1615608). A minor security vulnerability, CVE-2018-11237, a buffer overflow in mempcpy for Xeon Phi (#1581275) has been addressed.

The update also fixes the waiters-after-spinning case in the pthread_cond_broadcast function (#1622669). Two bugs in the CPUID processing on x86 are also fixed (upstream bugs 23456 and 23459). The verification of vtables for stdio is improved (upstream bugs 23236 and 23313). A test case under a non-free license is removed (upstream bug 23363). The if_nametoindex now checks the length of interface names (upstream bug 22442). getifaddrs no longer returns interfaces with NULL names (upstream bug 23171). C++ compatibility of iseqsig has been improved (upstream bug 23171). A kernel header interaction issue related to struct timespec was addressed (upstream bug 23349).

Comments 4

This update has been submitted for testing by fweimer.

This update has been pushed to testing.

Works here.

karma: +1 critpath: +1

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

Does the system's basic functionality continue to work after this update?
#1581275 CVE-2018-11237 glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper [fedora-all]
#1615608 Remove abort() warning in manual.
#1622669 glibc: Fix waiters-after-spinning case in pthread_cond_broadcast
Content Type
RPM
Status
testing
Test Gating
Submitted by
Update Type
security
Update Severity
low
Karma
+1
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 20 days ago
in testing 19 days ago

Related Bugs 3

00 #1581275 CVE-2018-11237 glibc: Buffer overflow in __mempcpy_avx512_no_vzeroupper [fedora-all]
00 #1615608 Remove abort() warning in manual.
00 #1622669 glibc: Fix waiters-after-spinning case in pthread_cond_broadcast

Automated Test Results