[Oraclevm-errata] OVMSA-2014-0033 Moderate: Oracle VM 3.3 glibc security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Tue Nov 4 09:35:57 PST 2014 

Oracle VM Security Advisory OVMSA-2014-0033

The following updated rpms for Oracle VM 3.3 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
glibc-2.12-1.149.el6.i686.rpm
glibc-2.12-1.149.el6.x86_64.rpm
glibc-common-2.12-1.149.el6.x86_64.rpm
nscd-2.12-1.149.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.3/SRPMS-updates/glibc-2.12-1.149.el6.src.rpm



Description of changes:

[2.12-1.149]
- Remove gconv transliteration loadable modules support (CVE-2014-5119,
   - _nl_find_locale: Improve handling of crafted locale names 
(CVE-2014-0475,

[2.12-1.148]
- Switch gettimeofday from INTUSE to libc_hidden_proto (#1099025).

[2.12-1.147]
- Fix stack overflow due to large AF_INET6 requests (CVE-2013-4458, 
#1111460).
- Fix buffer overflow in readdir_r (CVE-2013-4237, #1111460).

[2.12-1.146]
- Fix memory order when reading libgcc handle (#905941).
- Fix format specifier in malloc_info output (#1027261).
- Fix nscd lookup for innetgr when netgroup has wildcards (#1054846).

[2.12-1.145]
- Add mmap usage to malloc_info output (#1027261).

[2.12-1.144]
- Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer (#1087833).

[2.12-1.143]
- [ppc] Add VDSO IFUNC for gettimeofday (#1028285).
- [ppc] Fix ftime gettimeofday internal call returning bogus data 
(#1099025).

[2.12-1.142]
- Also relocate in dependency order when doing symbol dependency testing
   (#1019916).

[2.12-1.141]
- Fix infinite loop in nscd when netgroup is empty (#1085273).
- Provide correct buffer length to netgroup queries in nscd (#1074342).
- Return NULL for wildcard values in getnetgrent from nscd (#1085289).
- Avoid overlapping addresses to stpcpy calls in nscd (#1082379).
- Initialize all of datahead structure in nscd (#1074353).

[2.12-1.140]
- Return EAI_AGAIN for AF_UNSPEC when herrno is TRY_AGAIN (#1044628).

[2.12-1.139]
- Do not fail if one of the two responses to AF_UNSPEC fails (#845218).

[2.12-1.138]
- nscd: Make SELinux checks dynamic (#1025933).

[2.12-1.137]
- Fix race in free() of fastbin chunk (#1027101).

[2.12-1.136]
- Fix copy relocations handling of unique objects (#1032628).

[2.12-1.135]
- Fix encoding name for IDN in getaddrinfo (#981942).

[2.12-1.134]
- Fix return code from getent netgroup when the netgroup is not found 
(#1039988).
- Fix handling of static TLS in dlopen'ed objects (#995972).

[2.12-1.133]
- Don't use alloca in addgetnetgrentX (#1043557).
- Adjust pointers to triplets in netgroup query data (#1043557).

More information about the Oraclevm-errata mailing list