Oracle Linux ELSA-2016-2573
Nov 09, 2016 - 12:00 a.m.

glibc security, bug fix, and enhancement update

2016-11-09 00:00:00
linux.oracle.com
CVSS3: 8.1 High
  Attack Vector: NETWORK
  Attack Complexity: HIGH
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 6.8 Medium
  Access Vector: NETWORK
  Access Complexity: MEDIUM
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: PARTIAL
  Availability Impact: PARTIAL
  AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS: 0.975 High
  Percentile: 100.0%

[2.17-157]
  • Rebuild with updated binutils (#1268008)

[2.17-156]
  • malloc arena free list management fix (#1276753)

[2.17-155]
  • Basic validity check for locale-archive.tmpl (#1350733)

[2.17-153]
  • Add Intel AVX-512 optimized routines (#1298526).

[2.17-151]
  • Improve malloc performance in low-memory situations (#1255822).

[2.17-150]
  • Improve performance on Intel Knights Landing/Silvermont (#1292018).

[2.17-149]
  • Improve performance on Intel Purley (#1335286).

[2.17-148]
  • Support upstream build infrastructure changes (#1256317).

[2.17-147]
  • CVE-2016-3075: Stack overflow in nss_dns_getnetbyname_r (#1321993)

[2.17-146]
  • s390: Restore signal mask on setcontext/swapcontext (#1249114).
  • s390: Fix backtrace in the presence of makecontext (#1249115).

[2.17-145]
  • Fix times() handling of EFAULT when buf is NULL (#1308728).

[2.17-144]
  • Fix sem_post/sem_wait race causing sem_post to return EINVAL (#1027348).

[2.17-143]
  • Support installing only those locales specified by the RPM macro
    %_install_langs (#1296297).

[2.17-142]
  • Fix Linux kernel UAPI header synchronization for IPv6 (#1268050).

[2.17-141]
  • Update BIG5-HKSCS charmap to HKSCS-2008 (#1211823)

[2.17-140]
  • Remove printf from signal handler in tst-longjump_chk2 (#1346397)

[2.17-139]
  • Improve libm performance AArch64 (#1302086)

[2.17-138]
  • Search locale archive again after alias expansion (#971416)

[2.17-137]
  • Revert IPv6 name server management changes (#1305132)

[2.17-136]
  • aarch64: Fix bits/stat.h FTM guards (#1221046)

[2.17-135]
  • aarch64: Fix various minor ABI incompatibilities (#1335925)

[2.17-134]
  • aarch64: Correct definition of MINSIGSTKSZ/SIGSTKSZ (#1335629)

[2.17-133]
  • Require libselinux for nscd in non-bootstrap configuration (#1255847).

[2.17-132]
  • Fix a number of long-standing issues in the TZ parser (#1234449).

[2.17-131]
  • Remove PER_THREAD preprocessor macro from malloc
  • Use final upstream patch for arena free list fix (#1276753)

[2.17-130]
  • Prevent the compiler from clobbering floating point and vector
    registers in S390 symbol resolution functions (#1324427).
  • Improve posix_fallocate behavior with NFS file descriptors (#1140250).

[2.17-129]
  • Remove a race condition from tst-mqueue5.c test to prevent spurious
    failures (#1064063).

[2.17-128]
  • Prevent a deadlock in gethostbyname_r (#1288613).

[2.17-127]
  • Use test-skeleton.c in tests (#1298354).

[2.17-126]
  • Fix inconsistent passwd compensation in nss/bug17079.c (#1293433).

[2.17-125]
  • Backport tst-getpw enhancement to limit the time the test takes up
    (#1298349).

[2.17-124]
  • Log system information during build (#1307028).

[2.17-123]
  • Avoid appending duplicate shift sequences in iconv (#1293916).

[2.17-122]
  • Reorganize POWER7 and POWER8 support (#1213267).
    • Only build POWER7 runtime for ppc64p7.
    • Only build POWER8 runtime for ppc64le.
    • Configure with --with-cpu=power8 for ppc64le.
    • Configure with --with-cpu=power8 for ppc.
    • Configure with --with-cpu=power7 for ppc64 default runtime.

[2.17-121]
  • Build require gcc-c++ for the C++ tests.
  • Add --with/--without controls for building glibc (#1255847)
    • Support --without testsuite option to disable testing after build.
    • Support --without benchtests option to disable microbenchmarks
      (placeholder for upstream compatibility only)
    • Update --with bootstrap to disable valgrind, documentation,
      selinux, and nss-crypt during bootstrap.
    • Support --without werror to disable building with -Werror.
    • Support --without docs to disable build requirement on texinfo.
    • Support --with valgrind to enable testing with valgrind.

[2.17-120]
  • Make minor compatibility adjustments in headers (#1268050).

[2.17-119]
  • Avoid aliasing issue in tst-rec-dlopen (#1292224)

[2.17-118]
  • Suppress expected backtrace in tst-malloc-backtrace (#1276631).

[2.17-117]
  • Avoid ld.so crash when audit modules provide path (#1211100)

[2.17-116]
  • Avoid ‘monstartup: out of memory’ error on powerpc64le (#1249102).

[2.17-115]
  • Configure --with-cpu=power8 on powerpc64 to generate POWER8
    instructions for POWER8 runtime (#1183088, #1213267).

[2.17-114]
  • Add enhanced and optimized support for IBM z13 systems (#1268008).

[2.17-113]
  • Prevent the malloc arena free list from turning cyclic (#1276753).

[2.17-112]
  • Backported POWER8 optimizations for math and string functions (#1240351).

[2.17-111]
  • Fix NULL pointer dereference in stub resolver with unconnectable name
    server addresses (#1320596).

[2.17-110]
  • Fix memory leak in ftell for wide-oriented streams (#1310530).

[2.17-109]
  • Avoid race condition in _int_free involving fastbins (#1305406).

[2.17-108]
  • Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296031).
  • Fix madvise performance issues (#1284959).
  • Avoid ‘monstartup: out of memory’ error on powerpc64le (#1249102).
  • Update malloc testing for 32-bit POWER (#1293976).

[2.17-107]
  • Fix CVE-2015-5229: calloc() may return non-zero memory (#1293976).
