Wednesday, February 17, 2016

ELSA-2016-0176 Critical: Oracle Linux 7 glibc security and bug fix update

Oracle Linux Security Advisory ELSA-2016-0176 http://linux.oracle.com/errata/ELSA-2016-0176.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:


  • x86_64: glibc-2.17-106.0.1.el7_2.4.i686.rpm
  • x86_64: glibc-2.17-106.0.1.el7_2.4.x86_64.rpm
  • x86_64: glibc-common-2.17-106.0.1.el7_2.4.x86_64.rpm
  • x86_64: glibc-devel-2.17-106.0.1.el7_2.4.i686.rpm
  • x86_64: glibc-devel-2.17-106.0.1.el7_2.4.x86_64.rpm
  • x86_64: glibc-headers-2.17-106.0.1.el7_2.4.x86_64.rpm
  • x86_64: glibc-static-2.17-106.0.1.el7_2.4.i686.rpm
  • x86_64: glibc-static-2.17-106.0.1.el7_2.4.x86_64.rpm
  • x86_64: glibc-utils-2.17-106.0.1.el7_2.4.x86_64.rpm
  • x86_64: nscd-2.17-106.0.1.el7_2.4.x86_64.rpm
  • SRPMS: http://oss.oracle.com/ol7/SRPMS-updates/glibc-2.17-106.0.1.el7_2.4.src.rpm

Description of changes:

  • [2.17-106.0.1.4] Remove strstr and strcasestr implementations using sse4.2 instructions.
  • [2.17-106.0.1.4] Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and
  •    1818483b15d22016b0eae41d37ee91cc87b37510 backported.
  • [2.17-106.4] Revert problematic libresolv change, not needed for the CVE-2015-7547 fix (#1296030).
  • [2.17-106.3] Fix CVE-2015-7547: getaddrinfo() stack-based buffer overflow (#1296030).
  • [2.17-106.3] Fix madvise performance issues (#1298930).
  • [2.17-106.3] Avoid "monstartup: out of memory" error on powerpc64le (#1298956).
  • [2.17-106.2] Fix CVE-2015-5229: calloc() may return non-zero memory (#1296453).


Post a Comment