--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-df41d584d0
2024-10-28 01:03:30.677266
--------------------------------------------------------------------------------

Name        : glibc
Product     : Fedora 39
Version     : 2.38
Release     : 19.fc39
URL         : http://www.gnu.org/software/glibc/
Summary     : The GNU libc libraries
Description :
The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.

--------------------------------------------------------------------------------
Update Information:

Auto-sync with upstream branch release/2.38/master
Add BuildRequires:gzip for compressed character maps and info files.
Upstream commit: 4dd8641461463b667b5503ab0ea4abcf261378a9
Add crt1-2.0.o for glibc 2.0 compatibility tests
libio: Attempt wide backup free only for non-legacy code
nptl: Use  facilities in tst-setuid3
posix: Use  facilities in tst-truncate and tst-truncate64
ungetc: Fix backup buffer leak on program exit [BZ #27821]
ungetc: Fix uninitialized read when putting into unused streams [BZ #27821]
Make tst-ungetc use libsupport
stdio-common: Add test for vfscanf with matches longer than INT_MAX [BZ #27650]
support: Add FAIL test failure helper
x86: Fix bug in strchrnul-evex512 [BZ #32078]
Fix name space violation in fortify wrappers (bug 32052)
resolv: Fix tst-resolv-short-response for older GCC (bug 32042)
Update syscall lists for Linux 6.5
Add mremap tests
mremap: Update manual entry
linux: Update the mremap C implementation [BZ #31968]
resolv: Track single-request fallback via _res._flags (bug 31476)
resolv: Do not wait for non-existing second DNS response after error (bug 30081)
resolv: Allow short error responses to match any query (bug 31890)
Linux: Make __rseq_size useful for feature detection (bug 31965)
elf: Make dl-rseq-symbols Linux only
nptl: fix potential merge of __rseq_* relro symbols
s390x: Fix segfault in wcsncmp [BZ #31934]
misc: Add support for Linux uio.h RWF_NOAPPEND flag
i386: Disable Intel Xeon Phi tests for GCC 15 and above (BZ 31782)
Force DT_RPATH for --enable-hardcoded-path-in-tests
resolv: Fix some unaligned accesses in resolver [BZ #30750]
nscd: Use time_t for return type of addgetnetgrentX
elf: Also compile dl-misc.os with $(rtld-early-cflags)
CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in
addgetnetgrentX (bug 31680)
CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug
31678)
CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX
(bug 31678)
CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)
i386: ulp update for SSE2 --disable-multi-arch configurations
nptl: Fix tst-cancel30 on kernels without ppoll_time64 support
login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701)
login: Check default sizes of structs utmp, utmpx, lastlog
sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 10 2024 Carlos O'Donell  - 2.38-19
- Add BuildRequires:gzip for compressed character maps and info files.
- Auto-sync with upstream branch release/2.38/master,
  commit 4dd8641461463b667b5503ab0ea4abcf261378a9:
- Add crt1-2.0.o for glibc 2.0 compatibility tests
- libio: Attempt wide backup free only for non-legacy code
- nptl: Use  facilities in tst-setuid3
- posix: Use  facilities in tst-truncate and tst-truncate64
- ungetc: Fix backup buffer leak on program exit [BZ #27821]
- ungetc: Fix uninitialized read when putting into unused streams [BZ #27821]
- Make tst-ungetc use libsupport
- stdio-common: Add test for vfscanf with matches longer than INT_MAX [BZ #27650]
- support: Add FAIL test failure helper
- x86: Fix bug in strchrnul-evex512 [BZ #32078]
- Fix name space violation in fortify wrappers (bug 32052)
- resolv: Fix tst-resolv-short-response for older GCC (bug 32042)
- Update syscall lists for Linux 6.5
- Add mremap tests
- mremap: Update manual entry
- linux: Update the mremap C implementation [BZ #31968]
- resolv: Track single-request fallback via _res._flags (bug 31476)
- resolv: Do not wait for non-existing second DNS response after error (bug 30081)
- resolv: Allow short error responses to match any query (bug 31890)
- Linux: Make __rseq_size useful for feature detection (bug 31965)
- elf: Make dl-rseq-symbols Linux only
- nptl: fix potential merge of __rseq_* relro symbols
- s390x: Fix segfault in wcsncmp [BZ #31934]
- misc: Add support for Linux uio.h RWF_NOAPPEND flag
- i386: Disable Intel Xeon Phi tests for GCC 15 and above (BZ 31782)
- Force DT_RPATH for --enable-hardcoded-path-in-tests
- resolv: Fix some unaligned accesses in resolver [BZ #30750]
- nscd: Use time_t for return type of addgetnetgrentX
- elf: Also compile dl-misc.os with $(rtld-early-cflags)
- CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680)
- CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678)
- CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678)
- CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)
- i386: ulp update for SSE2 --disable-multi-arch configurations
- nptl: Fix tst-cancel30 on kernels without ppoll_time64 support
- login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701)
- login: Check default sizes of structs utmp, utmpx, lastlog
- sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-df41d584d0' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

-- 
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 39: glibc 2024-df41d584d0 Security Advisory Updates

October 28, 2024
Auto-sync with upstream branch release/2.38/master Add BuildRequires:gzip for compressed character maps and info files

Summary

The glibc package contains standard libraries which are used by

multiple programs on the system. In order to save disk space and

memory, as well as to make upgrading easier, common system code is

kept in one place and shared between programs. This particular package

contains the most important sets of shared libraries: the standard C

library and the standard math library. Without these two libraries, a

Linux system will not function.

Update Information:

Auto-sync with upstream branch release/2.38/master Add BuildRequires:gzip for compressed character maps and info files. Upstream commit: 4dd8641461463b667b5503ab0ea4abcf261378a9 Add crt1-2.0.o for glibc 2.0 compatibility tests libio: Attempt wide backup free only for non-legacy code nptl: Use facilities in tst-setuid3 posix: Use facilities in tst-truncate and tst-truncate64 ungetc: Fix backup buffer leak on program exit [BZ #27821] ungetc: Fix uninitialized read when putting into unused streams [BZ #27821] Make tst-ungetc use libsupport stdio-common: Add test for vfscanf with matches longer than INT_MAX [BZ #27650] support: Add FAIL test failure helper x86: Fix bug in strchrnul-evex512 [BZ #32078] Fix name space violation in fortify wrappers (bug 32052) resolv: Fix tst-resolv-short-response for older GCC (bug 32042) Update syscall lists for Linux 6.5 Add mremap tests mremap: Update manual entry linux: Update the mremap C implementation [BZ #31968] resolv: Track ...

Change Log

* Thu Oct 10 2024 Carlos O'Donell - 2.38-19 - Add BuildRequires:gzip for compressed character maps and info files. - Auto-sync with upstream branch release/2.38/master, commit 4dd8641461463b667b5503ab0ea4abcf261378a9: - Add crt1-2.0.o for glibc 2.0 compatibility tests - libio: Attempt wide backup free only for non-legacy code - nptl: Use facilities in tst-setuid3 - posix: Use facilities in tst-truncate and tst-truncate64 - ungetc: Fix backup buffer leak on program exit [BZ #27821] - ungetc: Fix uninitialized read when putting into unused streams [BZ #27821] - Make tst-ungetc use libsupport - stdio-common: Add test for vfscanf with matches longer than INT_MAX [BZ #27650] - support: Add FAIL test failure helper - x86: Fix bug in strchrnul-evex512 [BZ #32078] - Fix name space violation in fortify wrappers (bug 32052) - resolv: Fix tst-resolv-short-response for older GCC (bug 32042) - Update syscall lists for Linux 6.5 - Add mremap tests - mremap: Update manual entry - linux: Update the mremap C implementation [BZ #31968] - resolv: Track single-request fallback via _res._flags (bug 31476) - resolv: Do not wait for non-existing second DNS response after error (bug 30081) - resolv: Allow short error responses to match any query (bug 31890) - Linux: Make __rseq_size useful for feature detection (bug 31965) - elf: Make dl-rseq-symbols Linux only - nptl: fix potential merge of __rseq_* relro symbols - s390x: Fix segfault in wcsncmp [BZ #31934] - misc: Add support for Linux uio.h RWF_NOAPPEND flag - i386: Disable Intel Xeon Phi tests for GCC 15 and above (BZ 31782) - Force DT_RPATH for --enable-hardcoded-path-in-tests - resolv: Fix some unaligned accesses in resolver [BZ #30750] - nscd: Use time_t for return type of addgetnetgrentX - elf: Also compile dl-misc.os with $(rtld-early-cflags) - CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680) - CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678) - CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678) - CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677) - i386: ulp update for SSE2 --disable-multi-arch configurations - nptl: Fix tst-cancel30 on kernels without ppoll_time64 support - login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701) - login: Check default sizes of structs utmp, utmpx, lastlog - sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574)

References

Fedora Update Notification FEDORA-2024-df41d584d0 2024-10-28 01:03:30.677266 Name : glibc Product : Fedora 39 Version : 2.38 Release : 19.fc39 URL : http://www.gnu.org/software/glibc/ Summary : The GNU libc libraries Description : The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets of shared libraries: the standard C library and the standard math library. Without these two libraries, a Linux system will not function.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-df41d584d0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : glibc
Product : Fedora 39
Version : 2.38
Release : 19.fc39
URL : http://www.gnu.org/software/glibc/
Summary : The GNU libc libraries

Related News

The End of the Road for Linux 6.11: A Call to Upgrade to Kernel 6.12
3 - 5 min read
The Linux kernel community recently issued an EOL announcement regarding the 6.11 kernel series, urging sysadmins to upgrade quickly to 6.12 . This
A Linux Admin
3 - 6 min read
As 2025 approaches, we Linux admins are facing new and often unseen cloud-native security obstacles. While skilled at mitigating known risks,
Leveraging Insights from the Linux Foundation
3 - 5 min read
The Linux Foundation's recent Census III report provides critical insights for Linux administrators, information security professionals, and anyone
Chrome 131 Released: Emergency Security Update Fixes Over a Dozen Significant Vulns
3 - 6 min read
Google recently unveiled a critical security update to their popular web browser, Google Chrome, addressing over a dozen significant security
From Wayland Fixes to Security Boosts: Examining Qt 6.8.1
3 - 6 min read
The recent Qt 6.8.1 release brings significant updates and improvements, strengthening its reputation as a secure and reliable application
Exploring Arch Linux 2024.12.01: Security Implications & Notable Enhancements for Linux Admins
3 - 6 min read
The Arch Linux 2024.12.01 ISO release marks an impressive milestone, offering cutting-edge updates that enhance functionality, streamline
Deck the Halls with Enhanced Security: Linux Kernel 6.13
3 - 5 min read
As Linux admins and infosec professionals prepare for the holiday season, there's much cause for celebration this year! Linus Torvalds recently made
Lessons from Bootkitty: Securing Linux Systems Against UEFI Intrusions
3 - 5 min read
New Linux security threats mark critical junctures that challenge existing policies and test security protocols to their limit. One such milestone

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved