[ALSA-2021:1585] Moderate: glibc security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2021-08-11
Description:
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix(es): * glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding (CVE-2019-25013) * glibc: regular-expression match via proceed_next_node in posix/regexec.c leads to heap-based buffer over-read (CVE-2019-9169) * glibc: assertion failure in ISO-2022-JP-3 gconv module related to combining characters (CVE-2021-3326) * glibc: iconv program can hang when invoked with the -c option (CVE-2016-10228) * glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop (CVE-2020-27618) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
i686 glibc-nss-devel-2.28-151.el8.i686.rpm 2822d0623798d01ca715ca58b0a945458076fe061ee5d7d359851e000e0ae6bb
i686 nss_hesiod-2.28-151.el8.i686.rpm 54fa67272d984c8129bda7a5fb96a590194cae1a53e3b29c92bde4abf5116556
i686 glibc-static-2.28-151.el8.i686.rpm c020b1add5cff9d208b1d130b08935404c7e4131c61f36a8b7a596f87f342a95
x86_64 glibc-benchtests-2.28-151.el8.x86_64.rpm 43f2ad16da1d1ba5ac0abf9bc2a21438d0a20567002cb56e11c2d3383484ce81
x86_64 nss_hesiod-2.28-151.el8.x86_64.rpm 95eae731e4b3ac372de3f5fcba61919c57de140a2a586aa2256d045f6f665efc
x86_64 glibc-static-2.28-151.el8.x86_64.rpm b9ae48f593fbc6377e9b09483fecbb433f8f7c218c0b7d21ad578cfeb623c77f
x86_64 glibc-nss-devel-2.28-151.el8.x86_64.rpm cf02e82989091960fddf6f0341d2a352e461d21f0e68b196e21c756f79c2e1bd
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.