Synopsis

glibc security update

Type/Severity

Security Advisory: Low

Topic

Updated glibc packages that address several bugs and implement some
enhancements are now available.

Description

The GNU libc packages (known as glibc) contain the standard C libraries
used by applications.

This errata fixes several bugs in the GNU C Library.

Fixes include (in addition to enclosed Bugzilla entries):

• fixed 32-bit atomic operations on 64-bit powerpc
  
• fixed -m32 -I /usr/include/nptl compilation on AMD64
  
• NPTL should now be usable in C++ code or -pedantic -std=c89 C
  
• rwlocks are now available also in the _POSIX_C_SOURCE=200112L namespace
  
• pthread_once is no longer throw(), as the callback routine might throw
  
• pthread_create now correctly returns EAGAIN when thread couldn't be
  created because of lack of memory
  
• fixed NPTL stack freeing in case of pthread_create failure with detached
  thread
  
• fixed pthread_mutex_timedlock on i386 and AMD64
  
• Itanium gp saving fix in linuxthreads
  
• fixed s390/s390x unwinding tests done during cancellation if stack frames
  are small
  
• fixed fnmatch(3) backslash handling
  
• fixed out of memory behaviour of syslog(3)
  
• resolver ID randomization
  
• fixed fim (NaN, NaN)
  
• glob(3) fixes for dangling symlinks
  
• catchsegv fixed to work with both 32-bit and 64-bit binaries on x86-64,
  s390x and ppc
  
• fixed reinitialization of _res when using NPTL stack cache
  
• updated bug reporting instructions, removed glibcbug script
  
• fixed infinite loop in iconv with some options
  
• fixed inet_aton return value
  
• CPU friendlier busy waiting in linuxthreads on EM64T and IA-64
  
• avoid blocking/masking debug signal in linuxthreads
  
• fixed locale program output when neither LC_ALL nor LANG is set
  
• fixed using of unitialized memory in localedef
  
• fixed mntent_r escape processing
  
• optimized mtrace script
  
• linuxthread_db fixes on ppc64
  
• cfi instructions in x86-64 linuxthreads vfork
  
• some _POSIX_C_SOURCE=200112L namespace fixes
  

All users of glibc should upgrade to these updated packages, which resolve
these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Affected Products

• Red Hat Enterprise Linux Server 3 x86_64
• Red Hat Enterprise Linux Server 3 ia64
• Red Hat Enterprise Linux Server 3 i386
• Red Hat Enterprise Linux Workstation 3 x86_64
• Red Hat Enterprise Linux Workstation 3 ia64
• Red Hat Enterprise Linux Workstation 3 i386
• Red Hat Enterprise Linux Desktop 3 x86_64
• Red Hat Enterprise Linux Desktop 3 i386
• Red Hat Enterprise Linux for IBM z Systems 3 s390x
• Red Hat Enterprise Linux for IBM z Systems 3 s390
• Red Hat Enterprise Linux for Power, big endian 3 ppc

Fixes

• BZ - 103415 - Weird string in date printing
• BZ - 116428 - RHEL3 U4: statfs64
• BZ - 118574 - malloc exhausts memory to fast in mulithreaded program
• BZ - 123583 - getnameinfo does not use /etc/hosts for lookup of V4MAPPED addresses
• BZ - 127606 - __builtin_expect's prototype does not expect int args; assert feeds it just that
• BZ - 130254 - glibc's traceback() fails when called from an exception handler
• BZ - 132204 - glibc-nis-performance.patch causes gdm to hang
• BZ - 132654 - LTC10984 - 1.3.1 Linux JVM hanging on RedHat EL 3 update 3
• BZ - 132816 - glibc in RHEL 3 needs to have syslog.c updated to cvs version 1.42
• BZ - 135234 - Problem with gethostbyaddr with latest UDP
• BZ - 136318 - CAN-2004-0968 temporary file vulnerabilities in catchsegv script
• BZ - 136726 - RHEL3 U5: execvp fails if ENODEV encountered during PATH search

CVEs

• CVE-2004-0968

References

(none)

This erratum does not contain any packages.