- Issued:
- 2013-09-30
- Updated:
- 2013-09-30
RHBA-2013:1308 - glibc bug fix update
Synopsis
glibc bug fix update
Type/Severity
Bug Fix Advisory (none)
Topic
Updated glibc packages that fix several bugs are now available for Red Hat Enterprise Linux 5.
Description
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.
This update also fixes the following bugs:
-
The library uses the compat_call() function which in turn uses the getgrent_r() function which is reentrant safe, but not thread safe. As a result, if multiple threads call getgrent_r() using compat_call(), they may race against each other, resulting in some groups not being properly reported. With this update, locking was added to the compat_call() function to prevent multiple threads from racing. All groups are now properly reported. (BZ#706571)
-
A library security mechanism failed to correctly run the initialization function of dynamically-loaded character conversion routines. Consequently, glibc could sometimes terminate unexpectedly with a segmentation fault when attempting to use one dynamically-loaded character conversion routine. The library security mechanism has been fixed to correctly run the initialization function. After this update, the aforementioned problem no longer occurs in this situation. (BZ#816647)
-
Various bugs in the wide character version of the fseek() function resulted in the internal FILE offset field being set incorrectly in wide character streams. As a result, the offset returned by the ftell() function was incorrect, and sometimes, data could be overwritten. The ftell() function was fixed to correctly set the internal FILE offset field for wide characters. The ftell() and fseek() functions now handle offsets for wide characters correctly. (BZ#835828)
-
A fix to prevent logic errors in various mathematical functions, including exp(), exp2(), expf(), exp2f(), pow(), sin(), tan(), and rint(), caused by inconsistent results when the functions were used with the non-default rounding mode, creates performance regressions for certain inputs. The performance regressions have been analyzed and the core routines have been optimized to improve performance. (BZ#861871)
-
A defect in the nscd daemon caused it to cache results for DNS entries with a TTL value of zero. This caused DNS lookups to return stale results. The nscd daemon has been fixed to correctly respect DNS TTL entries of zero. The nscd daemon no longer cache DNS entries with a TTL of zero and lookups for those entries return the correct and current results. (BZ#929035)
-
A defect in the library localization routines resulted in unexpected termination of the application in low-memory conditions. The affected routines have been fixed to correctly detect and report errors when a low-memory condition prevents their correct operation. Applications running under low-memory conditions no longer terminate unexpectedly while calling localization routines. (BZ#957089)
Users of glibc are advised to upgrade to these updated packages, which fix these bugs.
Solution
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- glibc-2.5-118.s390.rpm
- glibc-debuginfo-common-2.5-118.i386.rpm
- glibc-common-2.5-118.ppc.rpm
- glibc-2.5-118.i686.rpm
- glibc-common-2.5-118.s390x.rpm
- glibc-2.5-118.ia64.rpm
- glibc-debuginfo-2.5-118.i386.rpm
- glibc-headers-2.5-118.x86_64.rpm
- glibc-common-2.5-118.ia64.rpm
- glibc-devel-2.5-118.ia64.rpm
- nscd-2.5-118.ia64.rpm
- glibc-debuginfo-2.5-118.i686.rpm
- glibc-devel-2.5-118.s390x.rpm
- glibc-debuginfo-2.5-118.x86_64.rpm
- glibc-debuginfo-2.5-118.s390x.rpm
- glibc-debuginfo-2.5-118.s390.rpm
- nscd-2.5-118.ppc.rpm
- glibc-headers-2.5-118.ia64.rpm
- nscd-2.5-118.s390x.rpm
- nscd-2.5-118.x86_64.rpm
- glibc-2.5-118.ppc64.rpm
- glibc-2.5-118.x86_64.rpm
- glibc-utils-2.5-118.ppc.rpm
- glibc-devel-2.5-118.x86_64.rpm
- glibc-headers-2.5-118.s390x.rpm
- glibc-headers-2.5-118.ppc.rpm
- glibc-2.5-118.ppc.rpm
- glibc-2.5-118.i386.rpm
- glibc-2.5-118.s390x.rpm
- glibc-devel-2.5-118.s390.rpm
- glibc-headers-2.5-118.i386.rpm
- glibc-utils-2.5-118.x86_64.rpm
- glibc-common-2.5-118.i386.rpm
- glibc-utils-2.5-118.ia64.rpm
- glibc-common-2.5-118.x86_64.rpm
- glibc-utils-2.5-118.s390x.rpm
- nscd-2.5-118.i386.rpm
- glibc-devel-2.5-118.i386.rpm
- glibc-debuginfo-2.5-118.ia64.rpm
- glibc-2.5-118.src.rpm
- glibc-devel-2.5-118.ppc64.rpm
- glibc-debuginfo-2.5-118.ppc.rpm
- glibc-utils-2.5-118.i386.rpm
- glibc-devel-2.5-118.ppc.rpm
- glibc-debuginfo-2.5-118.ppc64.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.