glibc-2.17-317.el7

エラータID: AXSA:2020-551:04

Release date: 
Saturday, October 3, 2020 - 14:01
Subject: 
glibc-2.17-317.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Low
Description: 

The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.

Security Fix(es):

* glibc: LD_PREFER_MAP_32BIT_EXEC not ignored in setuid binaries (CVE-2019-19126)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 7.9 Release Notes linked from the References section.

CVE-2019-19126
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. glibc-2.17-317.el7.src.rpm
    MD5: a33c85d8347b110dc6ff84f6c540e120
    SHA-256: 26c2c5d0e5d0a1dd53b8572c84f1ed53d7eafaad18d90d31db36097f7be8d413
    Size: 25.19 MB

Asianux Server 7 for x86_64
  1. glibc-2.17-317.el7.x86_64.rpm
    MD5: acc03806d6651835fe9c9bbb5e8655c2
    SHA-256: 5dfe82b52083b6764655fe28aebc0757e4f5f7bbee6046a1dc236f6ec20cfacf
    Size: 3.64 MB
  2. glibc-common-2.17-317.el7.x86_64.rpm
    MD5: e3c1c0f73515142503dbb49940ebcea2
    SHA-256: 30bd9a3c620c71fcda6eba2c1d7de5a106f68cc6d758720bea408ec7e0277a0a
    Size: 11.50 MB
  3. glibc-devel-2.17-317.el7.x86_64.rpm
    MD5: debdc2720f04a0883e9d93926d08d069
    SHA-256: 53e7f66450ef8fad3e21c6878067f74c7666c22e58163e8117dcecd4e56ea693
    Size: 1.07 MB
  4. glibc-headers-2.17-317.el7.x86_64.rpm
    MD5: 8fe484c4fd15e2d7237a3821d1be2e7c
    SHA-256: e144d2a72f8e5fe55f7f3bf550eae783d8634697cf4ac5aec0af11e0bbc261b9
    Size: 688.92 kB
  5. glibc-utils-2.17-317.el7.x86_64.rpm
    MD5: 185c19c5516f308df0f0fe8e791b5a79
    SHA-256: d528664bda84a4c454a49a14f51599cdc2b752a7fa710c336c8c082ae7a70161
    Size: 227.27 kB
  6. nscd-2.17-317.el7.x86_64.rpm
    MD5: f6dab70187650b3a3aea55f61c86e0c5
    SHA-256: e9aa650c722adf4ec1093ac96d723f11c9c34c34304bce877ce04c04a0674f61
    Size: 286.74 kB
  7. glibc-2.17-317.el7.i686.rpm
    MD5: 1eed58178693a76b157c37eddc1e0821
    SHA-256: decf41fcee6d03a9c82301f20d34fa51e6589dd11621a5168f641780d4e3da8e
    Size: 4.26 MB
  8. glibc-devel-2.17-317.el7.i686.rpm
    MD5: 03406e0b83055e01f7a2bf3dda6af3f7
    SHA-256: b5bc9a5c3eeca2607287f8cc942699e781208d0810d7a950643a023dc499ce0b
    Size: 1.08 MB