[Oraclevm-errata] OVMSA-2017-0051 Moderate: Oracle VM 3.4 glibc security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Wed Mar 29 13:02:59 PDT 2017


Oracle VM Security Advisory OVMSA-2017-0051

The following updated rpms for Oracle VM 3.4 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
glibc-2.12-1.209.0.1.el6.i686.rpm
glibc-2.12-1.209.0.1.el6.x86_64.rpm
glibc-common-2.12-1.209.0.1.el6.x86_64.rpm
glibc-devel-2.12-1.209.0.1.el6.x86_64.rpm
glibc-headers-2.12-1.209.0.1.el6.x86_64.rpm
nscd-2.12-1.209.0.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.4/SRPMS-updates/glibc-2.12-1.209.0.1.el6.src.rpm



Description of changes:

[2.12-1.209.0.1]
- Update newmode size to fix a possible corruption

[2.12-1.209]
- Fix AF_INET6 getaddrinfo with nscd (#1416496)

[2.12-1.208]
- Update tests for struct sockaddr_storage changes (#1338673)

[2.12-1.207]
- Use FL_CLOEXEC in internal calls to fopen (#1012343).

[2.12-1.206]
- Fix CVE-2015-8779 glibc: Unbounded stack allocation in catopen function
   (#1358015).

[2.12-1.205]
- Make padding in struct sockaddr_storage explicit (#1338673)

[2.12-1.204]
- Fix detection of Intel FMA hardware (#1384281).

[2.12-1.203]
- Add support for el_GR@euro, ur_IN, and wal_ET locales (#1101858).

[2.12-1.202]
- Change malloc/tst-malloc-thread-exit.c to use fewer threads and
   avoid timeout (#1318380).

[2.12-1.201]
- df can fail on some systems (#1307029).

[2.12-1.200]
- Log uname, cpuinfo, meminfo during build (#1307029).

[2.12-1.199]
- Draw graphs for heap and stack only if MAXSIZE_HEAP and MAXSIZE_STACK
   are non-zero (#1331304).

[2.12-1.198]
- Avoid unneeded calls to __check_pf in getaddrinfo (#1270950)

[2.12-1.197]
- Fix CVE-2015-8778 glibc: Integer overflow in hcreate and hcreate_r
   (#1358013).

[2.12-1.196]
- Fix CVE-2015-8776 glibc: Segmentation fault caused by passing
   out-of-range data to strftime() (#1358011).

[2.12-1.195]
- tzdata-update: Ignore umask setting (#1373646)

[2.12-1.194]
- CVE-2014-9761: Fix unbounded stack allocation in nan* (#1358014)

[2.12-1.193]
- Avoid using uninitialized data in getaddrinfo (#1223095)

[2.12-1.192]
- Update fix for CVE-2015-7547 (#1296029).

[2.12-1.191]
- Create helper threads with enough stack for POSIX AIO and timers
   (#1299319).

[2.12-1.190]
- Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296029).
- Update malloc free_list cyclic fix (#1264189).
- Update tzdata-update changes (#1200555).

[2.12-1.189]
- Avoid redundant shift character in iconv output at block boundary
   (#1293914).

[2.12-1.188]
- Clean up testsuite results when testing with newer kernels (#1293464).

[2.12-1.187]
- Do not rewrite /etc/localtime if it is a symbolic link.  (#1200555)

[2.12-1.186]
- Support long lines in /etc/hosts (#1020263).

[2.12-1.185]
- Avoid aliasing warning in tst-rec-dlopen (#1291444)

[2.12-1.184]
- Don't touch user-controlled stdio locks in forked child (#1275384).

[2.12-1.183]
- Increase the limit of shared libraries that can use static TLS (#1198802).

[2.12-1.182]
- Avoid PLT in libm for feupdateenv (#1186104).
- Allow PLT entry in libc for _Unwind_Find_FDE on s390/s390x (#1186104).

[2.12-1.181]
- Provide /etc/gai.conf only in the glibc package.  (#1223818)

[2.12-1.180]
- Change first day of the week to Monday for the ca_ES locale.  (#1011900)

[2.12-1.179]
- Update BIG5-HKSCS charmap to HKSCS-2008.  (#1211748)

[2.12-1.178]
- Rename Oriya locale to Odia.  (#1091334)

[2.12-1.177]
- Avoid hang in gethostbyname_r due to missing mutex unlocking (#1192621)

[2.12-1.176]
- Avoid ld.so crash when audit modules provide path (#1211098)

[2.12-1.175]
- Suppress expected backtrace in tst-malloc-backtrace (#1276633)

[2.12-1.174]
- Avoid PLT for memmem (#1186104).

[2.12-1.173]
- Fix up a missing dependency in the Makefile (#1219627).

[2.12-1.172]
- Reduce lock contention in __tz_convert (#1244585).

[2.12-1.171]
- Prevent the malloc arena free list from becoming cyclic (#1264189)

[2.12-1.170]
- Remove legacy IA64 support (#1246145).

[2.12-1.169]
- Check for NULL arena pointer in _int_pvalloc (#1246656).
- Don't change no_dyn_threshold on mallopt failure (#1246660).

[2.12-1.168]
- Unlock main arena after allocation in calloc (#1245731).
- Enable robust malloc change again (#1245731).
- Fix perturbing in malloc on free and simplify perturb_byte (#1245731).
- Don't fall back to mmap prematurely (#1245731).

[-2.12-1.167]
- The malloc deadlock avoidance support has been temporarily removed since
   it triggers deadlocks in certain applications (#1243824).



