glibc-2.17-317.el7
エラータID: AXSA:2020-551:04
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.
Security Fix(es):
* glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries (CVE-2019-19126)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 7.9 Release Notes linked from the References section.
CVE-2019-19126
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
Update packages.
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.
N/A
SRPMS
- glibc-2.17-317.el7.src.rpm
MD5: a33c85d8347b110dc6ff84f6c540e120
SHA-256: 26c2c5d0e5d0a1dd53b8572c84f1ed53d7eafaad18d90d31db36097f7be8d413
Size: 25.19 MB
Asianux Server 7 for x86_64
- glibc-2.17-317.el7.x86_64.rpm
MD5: acc03806d6651835fe9c9bbb5e8655c2
SHA-256: 5dfe82b52083b6764655fe28aebc0757e4f5f7bbee6046a1dc236f6ec20cfacf
Size: 3.64 MB - glibc-common-2.17-317.el7.x86_64.rpm
MD5: e3c1c0f73515142503dbb49940ebcea2
SHA-256: 30bd9a3c620c71fcda6eba2c1d7de5a106f68cc6d758720bea408ec7e0277a0a
Size: 11.50 MB - glibc-devel-2.17-317.el7.x86_64.rpm
MD5: debdc2720f04a0883e9d93926d08d069
SHA-256: 53e7f66450ef8fad3e21c6878067f74c7666c22e58163e8117dcecd4e56ea693
Size: 1.07 MB - glibc-headers-2.17-317.el7.x86_64.rpm
MD5: 8fe484c4fd15e2d7237a3821d1be2e7c
SHA-256: e144d2a72f8e5fe55f7f3bf550eae783d8634697cf4ac5aec0af11e0bbc261b9
Size: 688.92 kB - glibc-utils-2.17-317.el7.x86_64.rpm
MD5: 185c19c5516f308df0f0fe8e791b5a79
SHA-256: d528664bda84a4c454a49a14f51599cdc2b752a7fa710c336c8c082ae7a70161
Size: 227.27 kB - nscd-2.17-317.el7.x86_64.rpm
MD5: f6dab70187650b3a3aea55f61c86e0c5
SHA-256: e9aa650c722adf4ec1093ac96d723f11c9c34c34304bce877ce04c04a0674f61
Size: 286.74 kB - glibc-2.17-317.el7.i686.rpm
MD5: 1eed58178693a76b157c37eddc1e0821
SHA-256: decf41fcee6d03a9c82301f20d34fa51e6589dd11621a5168f641780d4e3da8e
Size: 4.26 MB - glibc-devel-2.17-317.el7.i686.rpm
MD5: 03406e0b83055e01f7a2bf3dda6af3f7
SHA-256: b5bc9a5c3eeca2607287f8cc942699e781208d0810d7a950643a023dc499ce0b
Size: 1.08 MB