Synopsis
glibc security update
Type/Severity
Security Advisory: Low
Topic
Updated glibc packages that address several bugs and implement some
enhancements are now available.
Description
The GNU libc packages (known as glibc) contain the standard C libraries
used by applications.
This errata fixes several bugs in the GNU C Library.
Fixes include (in addition to enclosed Bugzilla entries):
- fixed 32-bit atomic operations on 64-bit powerpc
- fixed -m32 -I /usr/include/nptl compilation on AMD64
- NPTL should now be usable in C++ code or -pedantic -std=c89 C
- rwlocks are now available also in the _POSIX_C_SOURCE=200112L namespace
- pthread_once is no longer throw(), as the callback routine might throw
- pthread_create now correctly returns EAGAIN when thread couldn't be
created because of lack of memory
- fixed NPTL stack freeing in case of pthread_create failure with detached
thread
- fixed pthread_mutex_timedlock on i386 and AMD64
- Itanium gp saving fix in linuxthreads
- fixed s390/s390x unwinding tests done during cancellation if stack frames
are small
- fixed fnmatch(3) backslash handling
- fixed out of memory behaviour of syslog(3)
- resolver ID randomization
- fixed fim (NaN, NaN)
- glob(3) fixes for dangling symlinks
- catchsegv fixed to work with both 32-bit and 64-bit binaries on x86-64,
s390x and ppc
- fixed reinitialization of _res when using NPTL stack cache
- updated bug reporting instructions, removed glibcbug script
- fixed infinite loop in iconv with some options
- fixed inet_aton return value
- CPU friendlier busy waiting in linuxthreads on EM64T and IA-64
- avoid blocking/masking debug signal in linuxthreads
- fixed locale program output when neither LC_ALL nor LANG is set
- fixed using of unitialized memory in localedef
- fixed mntent_r escape processing
- optimized mtrace script
- linuxthread_db fixes on ppc64
- cfi instructions in x86-64 linuxthreads vfork
- some _POSIX_C_SOURCE=200112L namespace fixes
All users of glibc should upgrade to these updated packages, which resolve
these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
Affected Products
-
Red Hat Enterprise Linux Server 3 x86_64
-
Red Hat Enterprise Linux Server 3 ia64
-
Red Hat Enterprise Linux Server 3 i386
-
Red Hat Enterprise Linux Workstation 3 x86_64
-
Red Hat Enterprise Linux Workstation 3 ia64
-
Red Hat Enterprise Linux Workstation 3 i386
-
Red Hat Enterprise Linux Desktop 3 x86_64
-
Red Hat Enterprise Linux Desktop 3 i386
-
Red Hat Enterprise Linux for IBM z Systems 3 s390x
-
Red Hat Enterprise Linux for IBM z Systems 3 s390
-
Red Hat Enterprise Linux for Power, big endian 3 ppc
Fixes
- BZ - 103415 - Weird string in date printing
- BZ - 116428 - RHEL3 U4: statfs64
- BZ - 118574 - malloc exhausts memory to fast in mulithreaded program
- BZ - 123583 - getnameinfo does not use /etc/hosts for lookup of V4MAPPED addresses
- BZ - 127606 - __builtin_expect's prototype does not expect int args; assert feeds it just that
- BZ - 130254 - glibc's traceback() fails when called from an exception handler
- BZ - 132204 - glibc-nis-performance.patch causes gdm to hang
- BZ - 132654 - LTC10984 - 1.3.1 Linux JVM hanging on RedHat EL 3 update 3
- BZ - 132816 - glibc in RHEL 3 needs to have syslog.c updated to cvs version 1.42
- BZ - 135234 - Problem with gethostbyaddr with latest UDP
- BZ - 136318 - CAN-2004-0968 temporary file vulnerabilities in catchsegv script
- BZ - 136726 - RHEL3 U5: execvp fails if ENODEV encountered during PATH search
CVEs
References
(none)
Vulmon