- Issued:
- 2012-02-20
- Updated:
- 2012-02-20
RHBA-2012:0260 - Bug Fix Advisory
Synopsis
glibc bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated glibc packages that fix multiple bugs are now available for Red Hat
Enterprise Linux 5.
Description
The glibc packages provide the standard C and standard math libraries used by
multiple programs on the system. Without these libraries, the Linux system
cannot function correctly.
This update fixes the following bugs:
- Priviously, glibc incorrectly computed the amount of memory needed by
strcoll_l and strxfrm functions. As a consequence, a stack overflow could occur,
especially in multi-threaded applications with small stack sizes. This update
fixes the memory usage computations and avoids the stack overflows. (BZ#585433)
- Prior to this update, glibc used an incorrect matching algorithm in the
strptime function. As a result, strptime could misparse months in certain
locales including Polish and Vietnamese. This update corrects the matching
algorithm in strptime. (BZ#657570)
- Priviously, the glibc locale information was wrong for certain French, Spanish
and German locales. As a result, incorrect numeric output could be reported.
This update corrects the information. (BZ#675259)
- Prior to this update, nss_nis client code in glibc attempted to read the
passwd.adjunct table for certain usernames. This typically required more
privileges than a normal user has and thus errors were logged on the The Network
Information Service (NIS) server. This update changes glibc to only refer to
passwd.adjunct when it is actually necessary. (BZ#678318)
- Priviously, the dl_debug_state RT_CONSISTENT incorrectly occurred before
applying dynamic relocations. As a result, debugging tools could not correctly
monitor this call. This update adds systemtap-probes at a superset of the
locations where the dl_debug_state was called. (BZ#711924)
- Prior to this update, glibc did not initialize the robust futex list after a
fork. As a result, shared robust mutexes were not cleaned up when the child
exited. This update ensures that the robust futex list is correctly initialized
after a fork system call. (BZ#711531)
- Prior to this update, glibc returned incorrect error codes from the
pthread_create. This could lead some programs to incorrectly issue an error for
a transient failure, such as a temporary out of memory condition. This update
ensures glibc returns the correct error code when memory allocation fails in
pthread_create. (BZ#707998)
- Prior to this update, the system configuration option _SC_NPROCESSORS_CONF
returned the total number of active processors configured rather than the total
number of configured processors. This update changes glibc to query system
configurations to get the number of configured processors correctly. (BZ#706894)
- Prior to this update, getpwent could incorrectly query NIS when using the
nss_compat option. This could lead to incorrect results (missing entries) for
calls to getpwent. This update changes glibc to only query the NIS domain when
needed. (BZ#703345)
- Prior to this update, the dynamic loader generated an incorrect ordering for
initialization according to the ELF specification. This could result in
incorrect ordering of DSO constructors and destructors. With this update,
dependency resolution has been fixed(BZ#729661)
- Prior to this update, the libresolv routines were not compiled with the stack
protector enabled. As a consequence, a buffer overflow attack vector could occur
if the libresolv routines had potential stack overflows. This update turns on
the stack protector mechanisms for libresolv. (BZ#756453)
- Prior to this update, the futimes function rounded values rather than truncate
them. As a consequence, file modification, access, or creation times could be
incorrect. This update correctly truncates values and gives the correct file
modification, access & creation times. (BZ#758252)
All users of glibc are advised to upgrade to these updated packages, which fix
these bugs.
Solution
Before applying this update, make sure all previously-released errata relevant
to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 531160 - ldd Vulnerable to Social Engineering Exploits
- BZ - 585433 - String functions use stack allocations when they should use heap causing stack overflow with certain string sizes.
- BZ - 657570 - strptime()'s '%b' descriptor should be greedy
- BZ - 675259 - incorrect numeric settings for French, Spanish, and German locales
- BZ - 678318 - nss_nis client generates refused connect to procedure ypproc_match errors on NIS server
- BZ - 707998 - When resources lack, pthread_create() does not return EAGAIN as per documentation, but ENOMEM.
- BZ - 711924 - _dl_debug_state() RT_CONSISTENT called too early
- BZ - 756453 - libresolv is not compiled with the stack protector enabled
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
glibc-2.5-81.src.rpm | SHA-256: 36222e557e8d1fb5333c0de578645b54484f5698d7c220dcc15c35666386316b |
x86_64 | |
glibc-2.5-81.i686.rpm | SHA-256: 7fd4fbc2c70216c3e8bc990398a87e797c855233d572a4de3582279a44a4dda7 |
glibc-2.5-81.x86_64.rpm | SHA-256: c155e835f0b0cc2f633510df1909b4212c4688bd130ce4d9ca419783187749e7 |
glibc-common-2.5-81.x86_64.rpm | SHA-256: 865d74ba6a93fc4fd83139d143755d3564df239a6704b2ab7c7ac3e08030ef33 |
glibc-devel-2.5-81.i386.rpm | SHA-256: 4deef7f0a96234a607dff99f6a66b700b7aa719ae03c65f3c40001c7cd4e1e07 |
glibc-devel-2.5-81.x86_64.rpm | SHA-256: c500403147b3494e682e64e36c7f7d3c8493ffde62da1ed1e67dd1d8eff3590e |
glibc-headers-2.5-81.x86_64.rpm | SHA-256: a02e88d7e554012bc46b563364b5962fe8cc95490bd90eb0d8cd413a7c4e9fd9 |
glibc-utils-2.5-81.x86_64.rpm | SHA-256: 71f4f41c1963400ffa5205acb2bb4b79411ec072169d69657318e65647e09c73 |
nscd-2.5-81.x86_64.rpm | SHA-256: 53df25a7a81b2064b215859642946dbb3ff4ceed30281f42cdd9cabe35b86315 |
ia64 | |
glibc-2.5-81.i686.rpm | SHA-256: 7fd4fbc2c70216c3e8bc990398a87e797c855233d572a4de3582279a44a4dda7 |
glibc-2.5-81.ia64.rpm | SHA-256: 8803863ad3c73be3bdd8de7a4f689c5fdb5fad9f5a665c0bd46c6f82e2b061ed |
glibc-common-2.5-81.ia64.rpm | SHA-256: d392f5143f1d2614b094358171c1f1c331e6499971f939ca33818e411eedd2bc |
glibc-devel-2.5-81.ia64.rpm | SHA-256: 2fa3b9c2b50adba7efe001200c08a0919af83b235e04dc62bc5e7605daa3ebec |
glibc-headers-2.5-81.ia64.rpm | SHA-256: d2fdd2a9d61cde2e68b943d68beb50c66231f3bf8a56425899125b87b52a9169 |
glibc-utils-2.5-81.ia64.rpm | SHA-256: 4a6812989b3b7364886ade8d9d4b40376ec01350a4de3f34aeb68657ab51c9d5 |
nscd-2.5-81.ia64.rpm | SHA-256: 264d676bc9744b918dc7724f193b37c95cbe914871e69d0dd55dbf833ee05d5a |
i386 | |
glibc-2.5-81.i386.rpm | SHA-256: 21f07b438bce5cd62ed4355e0075bf6e16e989ea6ee4894faf8a9f92d9553d1d |
glibc-2.5-81.i686.rpm | SHA-256: 7fd4fbc2c70216c3e8bc990398a87e797c855233d572a4de3582279a44a4dda7 |
glibc-common-2.5-81.i386.rpm | SHA-256: 23fe55a5e929215d6c154777e25fb124ed73893f7b3602a07ee848a3bb278b7e |
glibc-devel-2.5-81.i386.rpm | SHA-256: 4deef7f0a96234a607dff99f6a66b700b7aa719ae03c65f3c40001c7cd4e1e07 |
glibc-headers-2.5-81.i386.rpm | SHA-256: aa65fe4a74bb5b7239ceb2666a8bc78eb3fc8d09964da1c507d8aac898063224 |
glibc-utils-2.5-81.i386.rpm | SHA-256: c758de67b86fd11e2a13d85417685004b7e485e21409d3e8c7d549cbb9c7fb6f |
nscd-2.5-81.i386.rpm | SHA-256: c8f4dcc1d7f763efff245dfe599de6efe07cae7a93a597375ce818830bdcb527 |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
glibc-2.5-81.src.rpm | SHA-256: 36222e557e8d1fb5333c0de578645b54484f5698d7c220dcc15c35666386316b |
x86_64 | |
glibc-2.5-81.i686.rpm | SHA-256: 7fd4fbc2c70216c3e8bc990398a87e797c855233d572a4de3582279a44a4dda7 |
glibc-2.5-81.x86_64.rpm | SHA-256: c155e835f0b0cc2f633510df1909b4212c4688bd130ce4d9ca419783187749e7 |
glibc-common-2.5-81.x86_64.rpm | SHA-256: 865d74ba6a93fc4fd83139d143755d3564df239a6704b2ab7c7ac3e08030ef33 |
glibc-devel-2.5-81.i386.rpm | SHA-256: 4deef7f0a96234a607dff99f6a66b700b7aa719ae03c65f3c40001c7cd4e1e07 |
glibc-devel-2.5-81.x86_64.rpm | SHA-256: c500403147b3494e682e64e36c7f7d3c8493ffde62da1ed1e67dd1d8eff3590e |
glibc-headers-2.5-81.x86_64.rpm | SHA-256: a02e88d7e554012bc46b563364b5962fe8cc95490bd90eb0d8cd413a7c4e9fd9 |
glibc-utils-2.5-81.x86_64.rpm | SHA-256: 71f4f41c1963400ffa5205acb2bb4b79411ec072169d69657318e65647e09c73 |
nscd-2.5-81.x86_64.rpm | SHA-256: 53df25a7a81b2064b215859642946dbb3ff4ceed30281f42cdd9cabe35b86315 |
i386 | |
glibc-2.5-81.i386.rpm | SHA-256: 21f07b438bce5cd62ed4355e0075bf6e16e989ea6ee4894faf8a9f92d9553d1d |
glibc-2.5-81.i686.rpm | SHA-256: 7fd4fbc2c70216c3e8bc990398a87e797c855233d572a4de3582279a44a4dda7 |
glibc-common-2.5-81.i386.rpm | SHA-256: 23fe55a5e929215d6c154777e25fb124ed73893f7b3602a07ee848a3bb278b7e |
glibc-devel-2.5-81.i386.rpm | SHA-256: 4deef7f0a96234a607dff99f6a66b700b7aa719ae03c65f3c40001c7cd4e1e07 |
glibc-headers-2.5-81.i386.rpm | SHA-256: aa65fe4a74bb5b7239ceb2666a8bc78eb3fc8d09964da1c507d8aac898063224 |
glibc-utils-2.5-81.i386.rpm | SHA-256: c758de67b86fd11e2a13d85417685004b7e485e21409d3e8c7d549cbb9c7fb6f |
nscd-2.5-81.i386.rpm | SHA-256: c8f4dcc1d7f763efff245dfe599de6efe07cae7a93a597375ce818830bdcb527 |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
glibc-2.5-81.src.rpm | SHA-256: 36222e557e8d1fb5333c0de578645b54484f5698d7c220dcc15c35666386316b |
x86_64 | |
glibc-2.5-81.i686.rpm | SHA-256: 7fd4fbc2c70216c3e8bc990398a87e797c855233d572a4de3582279a44a4dda7 |
glibc-2.5-81.x86_64.rpm | SHA-256: c155e835f0b0cc2f633510df1909b4212c4688bd130ce4d9ca419783187749e7 |
glibc-common-2.5-81.x86_64.rpm | SHA-256: 865d74ba6a93fc4fd83139d143755d3564df239a6704b2ab7c7ac3e08030ef33 |
glibc-devel-2.5-81.i386.rpm | SHA-256: 4deef7f0a96234a607dff99f6a66b700b7aa719ae03c65f3c40001c7cd4e1e07 |
glibc-devel-2.5-81.x86_64.rpm | SHA-256: c500403147b3494e682e64e36c7f7d3c8493ffde62da1ed1e67dd1d8eff3590e |
glibc-headers-2.5-81.x86_64.rpm | SHA-256: a02e88d7e554012bc46b563364b5962fe8cc95490bd90eb0d8cd413a7c4e9fd9 |
glibc-utils-2.5-81.x86_64.rpm | SHA-256: 71f4f41c1963400ffa5205acb2bb4b79411ec072169d69657318e65647e09c73 |
nscd-2.5-81.x86_64.rpm | SHA-256: 53df25a7a81b2064b215859642946dbb3ff4ceed30281f42cdd9cabe35b86315 |
i386 | |
glibc-2.5-81.i386.rpm | SHA-256: 21f07b438bce5cd62ed4355e0075bf6e16e989ea6ee4894faf8a9f92d9553d1d |
glibc-2.5-81.i686.rpm | SHA-256: 7fd4fbc2c70216c3e8bc990398a87e797c855233d572a4de3582279a44a4dda7 |
glibc-common-2.5-81.i386.rpm | SHA-256: 23fe55a5e929215d6c154777e25fb124ed73893f7b3602a07ee848a3bb278b7e |
glibc-devel-2.5-81.i386.rpm | SHA-256: 4deef7f0a96234a607dff99f6a66b700b7aa719ae03c65f3c40001c7cd4e1e07 |
glibc-headers-2.5-81.i386.rpm | SHA-256: aa65fe4a74bb5b7239ceb2666a8bc78eb3fc8d09964da1c507d8aac898063224 |
glibc-utils-2.5-81.i386.rpm | SHA-256: c758de67b86fd11e2a13d85417685004b7e485e21409d3e8c7d549cbb9c7fb6f |
nscd-2.5-81.i386.rpm | SHA-256: c8f4dcc1d7f763efff245dfe599de6efe07cae7a93a597375ce818830bdcb527 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
glibc-2.5-81.src.rpm | SHA-256: 36222e557e8d1fb5333c0de578645b54484f5698d7c220dcc15c35666386316b |
s390x | |
glibc-2.5-81.s390.rpm | SHA-256: 5382e08a88c695707d967a61cc71bdb38dafab79f008f4d25cdcc8889f71ab71 |
glibc-2.5-81.s390x.rpm | SHA-256: 6ae0e5aa833a7c972ddb443197ce98b14a300842e15035f3f0245e9cb8f06906 |
glibc-common-2.5-81.s390x.rpm | SHA-256: ea23494dbf4e95b3337869123fcec6be6dfaae48ebfc7d7a1a6fde899108e6fe |
glibc-devel-2.5-81.s390.rpm | SHA-256: 2a480db4c42bc8e227b58a7370f379ae38d67507b12f82568e58602bed19c8df |
glibc-devel-2.5-81.s390x.rpm | SHA-256: 66979d9c9cd31342a7b0151c157d1d33cbe235610fd5ac782b626be1f030be13 |
glibc-headers-2.5-81.s390x.rpm | SHA-256: 04edc67974981ed8ba313158cb163a153f20e2dc0fee3a0c479b9275f1794407 |
glibc-utils-2.5-81.s390x.rpm | SHA-256: c137464ab58016604c21a113815422fbfee02be9fdea6ad75443328d06628d57 |
nscd-2.5-81.s390x.rpm | SHA-256: 46cf9d80fb7131b482db95196b0b0ceba99b027c1e24761f4ff1ff7260af71f2 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
glibc-2.5-81.src.rpm | SHA-256: 36222e557e8d1fb5333c0de578645b54484f5698d7c220dcc15c35666386316b |
ppc | |
glibc-2.5-81.ppc.rpm | SHA-256: 515ade5a0f572b85e2539f0622fe82b0ac5289b98ea21922dc3a451fdfcddd2d |
glibc-2.5-81.ppc64.rpm | SHA-256: f3b360dc80539dfe1b88a0d4c8a8e6cb6e459a102cedb12226cf2ac160ac8c40 |
glibc-common-2.5-81.ppc.rpm | SHA-256: 8a435a2cb232c0d8eecaccf466cc4e4efd6ee295cabf2bc64a03f650b90c6dbc |
glibc-devel-2.5-81.ppc.rpm | SHA-256: 0de4c75d7e07490e2a60a8e15052d0dd7ed066220170d33363dee3b459dd8424 |
glibc-devel-2.5-81.ppc64.rpm | SHA-256: 98ffaa844eb22c23268ad3ba64ccd1ebd327231ae205de4740ae03cd5471110f |
glibc-headers-2.5-81.ppc.rpm | SHA-256: b5cdf3629ae866773c74d3b840d5cf63f189765a5ecd7e640b43cefbf63661b6 |
glibc-utils-2.5-81.ppc.rpm | SHA-256: 041b699becf7857cc0cf2e44097bd457a1c0e62a5bbe7ae1734497da5505d4b6 |
nscd-2.5-81.ppc.rpm | SHA-256: f2394a3ce37af7cf29f5dc34bcb10669663b132f511b7eb1616e686411892863 |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
glibc-2.5-81.src.rpm | SHA-256: 36222e557e8d1fb5333c0de578645b54484f5698d7c220dcc15c35666386316b |
x86_64 | |
glibc-2.5-81.i686.rpm | SHA-256: 7fd4fbc2c70216c3e8bc990398a87e797c855233d572a4de3582279a44a4dda7 |
glibc-2.5-81.x86_64.rpm | SHA-256: c155e835f0b0cc2f633510df1909b4212c4688bd130ce4d9ca419783187749e7 |
glibc-common-2.5-81.x86_64.rpm | SHA-256: 865d74ba6a93fc4fd83139d143755d3564df239a6704b2ab7c7ac3e08030ef33 |
glibc-devel-2.5-81.i386.rpm | SHA-256: 4deef7f0a96234a607dff99f6a66b700b7aa719ae03c65f3c40001c7cd4e1e07 |
glibc-devel-2.5-81.x86_64.rpm | SHA-256: c500403147b3494e682e64e36c7f7d3c8493ffde62da1ed1e67dd1d8eff3590e |
glibc-headers-2.5-81.x86_64.rpm | SHA-256: a02e88d7e554012bc46b563364b5962fe8cc95490bd90eb0d8cd413a7c4e9fd9 |
glibc-utils-2.5-81.x86_64.rpm | SHA-256: 71f4f41c1963400ffa5205acb2bb4b79411ec072169d69657318e65647e09c73 |
nscd-2.5-81.x86_64.rpm | SHA-256: 53df25a7a81b2064b215859642946dbb3ff4ceed30281f42cdd9cabe35b86315 |
i386 | |
glibc-2.5-81.i386.rpm | SHA-256: 21f07b438bce5cd62ed4355e0075bf6e16e989ea6ee4894faf8a9f92d9553d1d |
glibc-2.5-81.i686.rpm | SHA-256: 7fd4fbc2c70216c3e8bc990398a87e797c855233d572a4de3582279a44a4dda7 |
glibc-common-2.5-81.i386.rpm | SHA-256: 23fe55a5e929215d6c154777e25fb124ed73893f7b3602a07ee848a3bb278b7e |
glibc-devel-2.5-81.i386.rpm | SHA-256: 4deef7f0a96234a607dff99f6a66b700b7aa719ae03c65f3c40001c7cd4e1e07 |
glibc-headers-2.5-81.i386.rpm | SHA-256: aa65fe4a74bb5b7239ceb2666a8bc78eb3fc8d09964da1c507d8aac898063224 |
glibc-utils-2.5-81.i386.rpm | SHA-256: c758de67b86fd11e2a13d85417685004b7e485e21409d3e8c7d549cbb9c7fb6f |
nscd-2.5-81.i386.rpm | SHA-256: c8f4dcc1d7f763efff245dfe599de6efe07cae7a93a597375ce818830bdcb527 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.