FEDORA-2018-f27586cce9 — security update for glibc — Fedora Updates System

obsolete stable

glibc-2.26-32.fc27

FEDORA-2018-f27586cce9 created by fweimer 6 years ago for Fedora 27

This update for the glibc package addresses one moderate security vulnerability and several defects.

CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido Vranken. (#1654000)
Failure to create the helper thread for getaddrinfo_a/libanl could result in a crash. (#1646381)
On certain Haswell-class Intel CPUs, string function feature flags could be set incorrectly, leading to a suboptimal choice of string functions. (#1641980)
Parallel building of locales led to nondeterminism in the RPM build process. (#1652228)
Various minor bug fixes from the upstream 2.26 release branch were imported as part of this update (swbz#17630, swbz#22446, swbz#22463, swbz#22447, swbz#23562, swbz#23579, swbz#22753).

This update has been submitted for testing by fweimer.

fweimer edited this update.

This update has been pushed to testing.

sezeroz provided feedback 6 years ago

karma

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

codonell commented & provided feedback 6 years ago

karma

Installs fine. Reboot fine. All functionality working.

BZ#1652228 glibc: Do not use parallel make for building locales

cserpentis commented & provided feedback 6 years ago

karma

works for me in a VM

This update has been submitted for batched by bodhi.

This update has been submitted for stable by bodhi.

ibims commented & provided feedback 6 years ago

karma

Looks good! And now i migrate to the recent Version of fedora ;-)

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

4

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

3

Stable by Time

disabled

Thresholds

Minimum Karma

+2

Minimum Testing

14 days

Dates

submitted

6 years ago

in testing

6 years ago

modified

6 years ago

Builds

1

glibc-2.26-32.fc27

BZ#1641980 glibc: Incorrect analysis of x86 CPU features selects wrong string functions

0

0

BZ#1646381 glibc: Crash in getaddrinfo_a when thread creation fails

0

0

BZ#1652228 glibc: Do not use parallel make for building locales

0

1

BZ#1653993 CVE-2018-19591 glibc: file descriptor leak in if_nametoindex() in sysdeps/unix/sysv/linux/if_index.c

0

0

BZ#1654000 CVE-2018-19591 glibc: file descriptor leak in if_nametoindex() in sysdeps/unix/sysv/linux/if_index.c [fedora-all]

0

0

glibc-2.26-32.fc27

Automated Test Results

ignored

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 25.5.1 on bodhi-web-276-nxm75.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

• Composes • Legal • Privacy policy •