LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

February 2016

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA February 2016

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Critical: glibc on SL6.x i386/x86_64
From:	Pat Riehecky <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Tue, 16 Feb 2016 19:59:37 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (60 lines)

Synopsis:          Critical: glibc security and bug fix update

Advisory ID:       SLSA-2016:0175-1

Issue Date:        2016-02-16

CVE Numbers:       CVE-2015-7547

--



A stack-based buffer overflow was found in the way the libresolv library

performed dual A/AAAA DNS queries. A remote attacker could create a

specially crafted DNS response which could cause libresolv to crash or,

potentially, execute code with the permissions of the user running the

library. Note: this issue is only exposed when libresolv is called from

the nss_dns NSS service module. (CVE-2015-7547)



This update also fixes the following bugs:



* The dynamic loader has been enhanced to allow the loading of more shared

libraries that make use of static thread local storage. While static

thread local storage is the fastest access mechanism it may also prevent

the shared library from being loaded at all since the static storage space

is a limited and shared process-global resource. Applications which would

previously fail with "dlopen: cannot load any more object with static TLS"

should now start up correctly.



* A bug in the POSIX realtime support would cause asynchronous I/O or

certain timer API calls to fail and return errors in the presence of large

thread-local storage data that exceeded PTHREAD_STACK_MIN in size

(generally 16 KiB). The bug in librt has been corrected and the impacted

APIs no longer return errors when large thread-local storage data is

present in the application.

--



SL6

  x86_64

    glibc-2.12-1.166.el6_7.7.i686.rpm

    glibc-2.12-1.166.el6_7.7.x86_64.rpm

    glibc-common-2.12-1.166.el6_7.7.x86_64.rpm

    glibc-debuginfo-2.12-1.166.el6_7.7.i686.rpm

    glibc-debuginfo-2.12-1.166.el6_7.7.x86_64.rpm

    glibc-debuginfo-common-2.12-1.166.el6_7.7.i686.rpm

    glibc-debuginfo-common-2.12-1.166.el6_7.7.x86_64.rpm

    glibc-devel-2.12-1.166.el6_7.7.i686.rpm

    glibc-devel-2.12-1.166.el6_7.7.x86_64.rpm

    glibc-headers-2.12-1.166.el6_7.7.x86_64.rpm

    glibc-utils-2.12-1.166.el6_7.7.x86_64.rpm

    nscd-2.12-1.166.el6_7.7.x86_64.rpm

    glibc-static-2.12-1.166.el6_7.7.i686.rpm

    glibc-static-2.12-1.166.el6_7.7.x86_64.rpm

  i386

    glibc-2.12-1.166.el6_7.7.i686.rpm

    glibc-common-2.12-1.166.el6_7.7.i686.rpm

    glibc-debuginfo-2.12-1.166.el6_7.7.i686.rpm

    glibc-debuginfo-common-2.12-1.166.el6_7.7.i686.rpm

    glibc-devel-2.12-1.166.el6_7.7.i686.rpm

    glibc-headers-2.12-1.166.el6_7.7.i686.rpm

    glibc-utils-2.12-1.166.el6_7.7.i686.rpm

    nscd-2.12-1.166.el6_7.7.i686.rpm

    glibc-static-2.12-1.166.el6_7.7.i686.rpm



- Scientific Linux Development Team

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV