Fedora Linux 8811 Published by

A glibc security update has been released for Fedora 35.



SECURITY: Fedora 35 Update: glibc-2.34-24.fc35


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-560d2bc333
2022-02-04 01:19:29.205278
--------------------------------------------------------------------------------

Name : glibc
Product : Fedora 35
Version : 2.34
Release : 24.fc35
URL :   http://www.gnu.org/software/glibc/
Summary : The GNU libc libraries
Description :
The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.

--------------------------------------------------------------------------------
Update Information:

This update addresses a bugs in the handling of timestamps in the `recvmsg` and
`recvmmsg` on armhpf and i686
([swbz#28349](  https://sourceware.org/bugzilla/show_bug.cgi?id=28349),
[swbz#28350](  https://sourceware.org/bugzilla/show_bug.cgi?id=28350)). A bug in
some optimized versions of `wcsncmp` on x86_64 is fixed
([swbz#28755](  https://sourceware.org/bugzilla/show_bug.cgi?id=28755)). The
update also resolves minor incompatibilities between the `C` and `C.UTF-8`
locales.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Feb 1 2022 Florian Weimer - 2.34-24
- Sync with upstream branch release/2.34/master,
commit 008003dc6e83439c5e04a744b7fd8197df19096e:
- tst-socket-timestamp-compat.c: Check __TIMESIZE [BZ #28837]
- Linux: Only generate 64 bit timestamps for 64 bit time_t recvmsg/recvmmsg
- linux: Fix ancillary 64-bit time timestamp conversion (BZ #28349, BZ#28350)
- support: Add support_socket_so_timestamp_time64
* Tue Feb 1 2022 Florian Weimer - 2.34-23
- Align with glibc 2.35 version of C.UTF-8
* Tue Feb 1 2022 Florian Weimer - 2.34-22
- Sync with upstream branch release/2.34/master,
commit aa601d024424c40ae9a69b0c4e394a70ea0570c8:
- x86: Use CHECK_FEATURE_PRESENT to check HLE [BZ #27398]
- x86: Filter out more Intel CPUs for TSX [BZ #27398]
- Fix glibc 2.34 ABI omission (missing GLIBC_2.34 in dynamic loader)
- x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755]
- x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755]
* Mon Jan 24 2022 Florian Weimer - 2.34-21
- Sync with upstream branch release/2.34/master,
commit 3438bbca90895d32825a52e31a77dc44d273c1c1:
- Linux: Detect user namespace support in io/tst-getcwd-smallbuff
- realpath: Avoid overwriting preexisting error
- CVE-2021-3999: getcwd: Set errno to ERANGE for size == 1
- tst-realpath-toolong: Fix hurd build
- CVE-2021-3998: realpath: ENAMETOOLONG for result larger than PATH_MAX
- stdlib: Fix formatting of tests list in Makefile
- stdlib: Sort tests in Makefile
- support: Add helpers to create paths longer than PATH_MAX
- powerpc: Fix unrecognized instruction errors with recent binutils
- x86: use default cache size if it cannot be determined [BZ #28784]
- CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768)
- sunrpc: Test case for clnt_create "unix" buffer overflow (bug 22542)
- CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" (bug 22542)
- socket: Add the __sockaddr_un_set function
- Disable debuginfod in printer tests [BZ #28757]
- Update syscall lists for Linux 5.16
* Wed Jan 19 2022 Florian Weimer - 2.34-20
- More reliable CPU compatibility diagnostics (#2040657)
* Fri Jan 14 2022 Florian Weimer - 2.34-19
- Optionally accelerate sched_getcpu using rseq (#2024347)
* Thu Jan 13 2022 Florian Weimer - 2.34-18
- Backport optimized ELF dependency sorting algorithm (#2032647)
* Thu Jan 13 2022 Florian Weimer - 2.34-17
- Sync with upstream branch release/2.34/master,
commit 2fe2af88abd13ae5636881da2e26f461ecb7dfb5
- i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bug 28771)
- Update syscall lists for Linux 5.15
- powerpc: Fix unrecognized instruction errors with recent GCC
- timezone: test-case for BZ #28707
- timezone: handle truncated timezones from tzcode-2021d and later (BZ #28707)
- Fix subscript error with odd TZif file [BZ #28338]
- AArch64: Check for SVE in ifuncs [BZ #28744]
- intl/plural.y: Avoid conflicting declarations of yyerror and yylex
- Linux: Fix 32-bit vDSO for clock_gettime on powerpc32
- linux: Add sparck brk implementation
- Update sparc libm-test-ulps
- Update hppa libm-test-ulps
- riscv: align stack before calling _dl_init [BZ #28703]
- riscv: align stack in clone [BZ #28702]
- powerpc64[le]: Allocate extra stack frame on syscall.S
- elf: Fix tst-cpu-features-cpuinfo for KVM guests on some AMD systems [BZ #28704]
- nss: Use "files dns" as the default for the hosts database (bug 28700)
- arm: Guard ucontext _rtld_global_ro access by SHARED, not PIC macro
- mips: increase stack alignment in clone to match the ABI
- mips: align stack in clone [BZ #28223]
* Tue Dec 14 2021 Siddhesh Poyarekar - 2.34-16
- Enable PIE by default on all architectures (#1988382)
* Tue Dec 14 2021 Florian Weimer - 2.34-15
- Sync with upstream branch release/2.34/master,
commit 06865865151579d1aa17d38110060a68b85c5d90:
- pthread/tst-cancel28: Fix barrier re-init race condition
- Use $(pie-default) with conformtest
- Run conform/ tests using newly built libc
- nptl: Add one more barrier to nptl/tst-create1
* Fri Dec 10 2021 Florian Weimer - 2.34-13
- x86-64: Remove LD_PREFER_MAP_32BIT_EXEC support (#2029410)
* Fri Dec 10 2021 Florian Weimer - 2.34-12
- Add /usr/bin/ld.so --list-diagnostics (#2023422)
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-560d2bc333' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________