RHBA-2011:0646 - Bug Fix Advisory

Topic

Updated coreutils packages that fix several bugs are now available.

Description

The coreutils package contains the core GNU utilities. It is the
combination of the old GNU fileutils, sh-utils, and textutils packages.

These updated packages fix the following bugs:

• The su utility was previously not built with PIE and RELRO enabled,

as they were in Red Hat Enterprise Linux 5. In this update, it is built
as a PIE executable and is using RELRO protection. (BZ#630017)

• Previously, when reading a line longer than 16KiB, the tac utility

reallocated its primary buffer. Before exiting, the tac utility tried
to free the already freed original buffer, which caused a utility crash
after a double free error displayed. This was fixed and the tac utility
no longer frees an already freed buffer. (BZ#628212)

• Previously, the hardware control flow, DTRDSR, was implemented via

TC{SG}ETX. This was changed to TC{SG}ET ioctl, which caused the CDTRDSR
support in stty to fail. This was fixed to allow stty to correctly handle
CDTRDSR control flow. (BZ#598631)

• Previously, the internalization patch for coreutils had an unsafe

initialization of char* bufops that left bufops uninitialized or
initialized to NULL on the first usage. This behavior called memmove
from an incorrect address, namely from address 0 and size 0. This is now
fixed and bufops is correctly initialized for the first use. (BZ#683799)

• Previously, when the multibyte LC_TIME differed from LC_CTYPE, an

assertion failure caused the sort utility to crash irrespective of the
parameters provided to it. This is fixed to prevent a crash when the sort
utility is run and now works as expected. (BZ#649224)

• Previously, the information page about 8-bit octal values did not

mention checking if the value was lower than 256. Due to this, when a
command like "/bin/echo -e '\0610'" was used, the results were not
accurate. This is now fixed to provide more accurate information about
the behavior of octal values. (BZ#660033)

• Previously, when the dd utility used pipes, it read and wrote partial

blocks. When the size of the block written was shorter than the specified
maximum output block size, the "oflag=direct" would turn off, which
resulted in degraded I/O performance. The workaround for this behavior,
which involves the addition of "iflag=fullblock" is now available in the
information documentation. (BZ#614605)

• Previously, the coreutils information page was not sufficiently

clear about behavior when multiple parent and leaf node directories are
created. This is now fixed to incorporate additional information in the
coreutils information page about the @option mode and its behavior when
combined with the --parents option. (BZ609262)

• Previously, documentation for tail command's --sleep-interval option

did not outline the results of inotify support. This is now fixed and
the documentation states that with inotify support, the --sleep-interval
option is only relevant when the tail command reverts to the old
polling-based method. (BZ#662900)

All coreutils users are advised to upgrade to these updated packages,
which resolve these issues.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Affected Products

• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux Desktop 6 i386
• Red Hat Enterprise Linux for IBM z Systems 6 s390x
• Red Hat Enterprise Linux for Power, big endian 6 ppc64
• Red Hat Enterprise Linux for Scientific Computing 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x

Fixes

• BZ - 598631 - stty incorrectly reports cdtrdsr
• BZ - 609262 - mkdir info page update
• BZ - 614605 - [Intel 6.1 Bug] direct IO with dd seems broken compared to RHEL 5.4
• BZ - 628212 - tac has a double-free bug (input line longer than 16KiB)
• BZ - 649224 - [abrt] sort - segfault with LC_TIME different from other multibyte locales
• BZ - 660033 - "echo -e '\0610'" behaves unexpectedly - info doc change
• BZ - 662900 - [6.0] Document rare usefulness of tail command's option --sleep-interval due inotify support
• BZ - 683799 - Unsafe initialization of bufpos in i18n patch

CVEs

(none)

References

(none)