- Issued:
- 2015-07-22
- Updated:
- 2015-07-22
RHBA-2015:1286 - glibc bug fix and enhancement update
Synopsis
glibc bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Topic
Updated glibc packages that fix several bugs and add various enhancements are now available for Red Hat Enterprise Linux 6.
Description
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name server cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.
This update fixes these bugs:
-
This update of the name service cache daemon (nscd) adds a system of inotify-based monitoring and stat-based backup monitoring for nscd configuration files, so that nscd now correctly detects changes to its configuration and reloads the data. This prevents nscd from returning stale data. (BZ#859965)
-
A defect in the library could cause the list of returned netgroups to be truncated if one of the netgroups in the tree was empty. This error could result in application crashes or undefined behavior. The library has been fixed to handle empty netgroups correctly and to return the complete list of requested netgroups. (BZ#1085312)
-
The gethostby* functions generated syslog messages for every unrecognized record type, even if the resolver options explicitly selected extra data. The library has been fixed to avoid generating logging messages when the user explicitly or implicitly requested the data. The number of syslog messages in DNSSEC-enabled systems related to calls to gethostby* is now reduced. (BZ#1088301)
-
A defect in glibc could cause uninitialized bytes to be sent via a socket between the nscd client and server. When the application was analyzed using Valgrind, it reported a problem which could be confusing and misleading. The library has been fixed to initialize all bytes sent via the socket operation. Valgrind no longer reports problems with the nscd client. (BZ#1091915)
-
A defect in the reinitialization of thread local structures could result in a too-small thread local storage structure which could lead to unexpected termination of an application. The thread library has been fixed to reinitialize the thread local storage structure correctly to prevent applications from crashing when they reuse thread stacks. (BZ#1116050)
-
The times function provided by glibc did not allow users to use a NULL value for the buffer, and applications passing a NULL could terminate unexpectedly. The library has been fixed to accept a NULL value for the buffer and return the expected results from the kernel system call. (BZ#1124204)
-
The getaddrinfo(3) function has been improved to return a valid response when an address lookup using the getaddrinfo(3) function for AF_UNSPEC is performed on a defective DNS server. (BZ#1138769)
-
When using NetApp filers as NFS servers, the rpc.statd service could terminate unexpectedly. The glibc API segmentation violation in the server Remote Procedure Call (RPC) code that was causing this crash has been corrected, and the problem no longer occurs. (BZ#1159167)
-
When a system with a large .rhosts file used the rsh shell to connect to a rlogind server, the authentication could time out. This update adjusts the ruserok(3) function, so that it first performs user matching in order to avoid demanding DNS lookups. As a result, rlogind authentication with large .rhosts files is faster and no longer times out. (BZ#1217186)
In addition, this update adds these enhancements:
-
The dlopen(3) function of the library, which is used to load dynamic libraries, can now be called recursively (a dlopen(3) function can be called while another dlopen(3) function is already in process). This update prevents crashes or aborts in applications that need to use the dlopen(3) function in this way. (BZ#1154563)
-
The glibc dynamic loader now supports Intel AVX-512 extensions. This update allows the dynamic loader to save and restore AVX-512 registers as required, thus preventing AVX-512-enabled applications from failing because of audit modules that also use AVX-512. (BZ#1195453)
Users of glibc are advised to upgrade to these updated packages, which fix these bugs and add these enhancements.
Solution
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Retired Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- glibc-common-2.12-1.166.el6.i686.rpm
- glibc-headers-2.12-1.166.el6.ppc64.rpm
- glibc-devel-2.12-1.166.el6.ppc64.rpm
- glibc-static-2.12-1.166.el6.s390x.rpm
- glibc-devel-2.12-1.166.el6.s390x.rpm
- glibc-debuginfo-common-2.12-1.166.el6.i686.rpm
- glibc-2.12-1.166.el6.x86_64.rpm
- glibc-2.12-1.166.el6.ppc.rpm
- glibc-devel-2.12-1.166.el6.ppc.rpm
- glibc-debuginfo-2.12-1.166.el6.s390.rpm
- glibc-devel-2.12-1.166.el6.x86_64.rpm
- glibc-common-2.12-1.166.el6.s390x.rpm
- glibc-2.12-1.166.el6.src.rpm
- glibc-headers-2.12-1.166.el6.x86_64.rpm
- glibc-debuginfo-2.12-1.166.el6.s390x.rpm
- glibc-debuginfo-2.12-1.166.el6.ppc.rpm
- glibc-utils-2.12-1.166.el6.x86_64.rpm
- glibc-debuginfo-2.12-1.166.el6.i686.rpm
- glibc-debuginfo-common-2.12-1.166.el6.s390x.rpm
- glibc-2.12-1.166.el6.s390.rpm
- glibc-static-2.12-1.166.el6.i686.rpm
- glibc-2.12-1.166.el6.i686.rpm
- glibc-static-2.12-1.166.el6.ppc64.rpm
- glibc-debuginfo-2.12-1.166.el6.ppc64.rpm
- glibc-utils-2.12-1.166.el6.ppc64.rpm
- glibc-static-2.12-1.166.el6.s390.rpm
- glibc-utils-2.12-1.166.el6.i686.rpm
- nscd-2.12-1.166.el6.ppc64.rpm
- nscd-2.12-1.166.el6.i686.rpm
- glibc-common-2.12-1.166.el6.x86_64.rpm
- glibc-devel-2.12-1.166.el6.i686.rpm
- glibc-debuginfo-common-2.12-1.166.el6.ppc.rpm
- glibc-static-2.12-1.166.el6.ppc.rpm
- glibc-2.12-1.166.el6.ppc64.rpm
- glibc-headers-2.12-1.166.el6.i686.rpm
- glibc-debuginfo-common-2.12-1.166.el6.ppc64.rpm
- glibc-debuginfo-common-2.12-1.166.el6.s390.rpm
- glibc-devel-2.12-1.166.el6.s390.rpm
- glibc-debuginfo-common-2.12-1.166.el6.x86_64.rpm
- glibc-headers-2.12-1.166.el6.s390x.rpm
- nscd-2.12-1.166.el6.s390x.rpm
- glibc-2.12-1.166.el6.s390x.rpm
- glibc-utils-2.12-1.166.el6.s390x.rpm
- glibc-debuginfo-2.12-1.166.el6.x86_64.rpm
- glibc-common-2.12-1.166.el6.ppc64.rpm
- glibc-static-2.12-1.166.el6.x86_64.rpm
- nscd-2.12-1.166.el6.x86_64.rpm
Fixes
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.