glibc-2.12-1.212.3.1.AXS4
エラータID: AXSA:2021-1437:03
The glibc packages provide the standard C libraries (libc), POSIX thread
libraries (libpthread), standard math libraries (libm), and the name service
cache daemon (nscd) used by multiple programs on the system. Without these
libraries, the Linux system cannot function correctly.
Security Fix(es):
glibc: buffer over-read in iconv when processing invalid multi-byte input
sequences in the EUC-KR encoding (CVE-2019-25013)
glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl
functions (CVE-2020-10029)
glibc: stack-based buffer overflow if the input to any of the printf family
of functions is an 80-bit long double with a non-canonical bit pattern
(CVE-2020-29573)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.
CVE-2019-25013
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
CVE-2020-10029
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
CVE-2020-29573
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
Bug Fix(es):
glibc: 64bit_strstr_via_64bit_strstr_sse2_unaligned detection fails with
large device and inode numbers
glibc: Performance regression in ebizzy benchmark
Update packages.
The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read.
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
N/A
SRPMS
- glibc-2.12-1.212.3.1.AXS4.src.rpm
MD5: 25a6e99c0b32b883625a94426552ec3b
SHA-256: 1374c8c97851c579d5cfb7c4ff737d6d92f497a285dba96448f5b1058a91ae83
Size: 15.99 MB
Asianux Server 4 for x86
- glibc-2.12-1.212.3.1.AXS4.i686.rpm
MD5: 556be8efc83b22288bdf9a857e290d5d
SHA-256: 32fa23d50598ccd8c067c9b3f1866bc7dece1494088bbd5fe5fd582bc47e3555
Size: 4.36 MB - glibc-common-2.12-1.212.3.1.AXS4.i686.rpm
MD5: c1edf9368160b31b5d770375a0e523f2
SHA-256: 5c81adafad1236c83b324da04b3d45db4797d5a0b5d719a397cdebad37ca5ad8
Size: 14.22 MB - glibc-devel-2.12-1.212.3.1.AXS4.i686.rpm
MD5: 2c04d9b2d12e7ebe7b67c11e38edcff1
SHA-256: 017c83c10d016391e4309601b312a8794238bc66b5828182130f839b57fe55e0
Size: 0.97 MB - glibc-headers-2.12-1.212.3.1.AXS4.i686.rpm
MD5: e65c1b40c6aa0848ca1de258354a7cd5
SHA-256: 1e7d15c8570e4a7152c139d9182d9fd556b5ba31fcc282cf011fd24a242780fc
Size: 627.80 kB - glibc-utils-2.12-1.212.3.1.AXS4.i686.rpm
MD5: 682e261e75c04a4a02e1a7d67afcda93
SHA-256: e327d495ad15d031298116b9d6b6f18df64f12b2b6a53ce1be535e6c3dab4226
Size: 176.05 kB - nscd-2.12-1.212.3.1.AXS4.i686.rpm
MD5: 8c92257ff28c58b0e736f6e9fb2cf3b8
SHA-256: 3052901a6bcf3871abb9555b5e5ae3910bb4590e1a79ec07ed5efb38770d4959
Size: 230.72 kB
Asianux Server 4 for x86_64
- glibc-2.12-1.212.3.1.AXS4.x86_64.rpm
MD5: 58f052468f452744f5ea3132d795e0c3
SHA-256: 009b4d8f1cb0a9c914d1d10659e9e27d0b8070fd5a4224b14faa67d6e859ccef
Size: 3.82 MB - glibc-common-2.12-1.212.3.1.AXS4.x86_64.rpm
MD5: f0d95b9993a038994b0b5977091a3c76
SHA-256: 85784789445e188b589d66d4863fdf654d61ff1c93f61f18adad6b5b9c92c38e
Size: 14.23 MB - glibc-devel-2.12-1.212.3.1.AXS4.x86_64.rpm
MD5: d734e0d0c66da714e6131c4db4ed3bec
SHA-256: eb3e151b72ec748286d0ec1c506a43a866f0431a42af5c7c689f6620ffc709ad
Size: 0.97 MB - glibc-headers-2.12-1.212.3.1.AXS4.x86_64.rpm
MD5: 6ad4eec8c942598b44fd1e555b07ce0b
SHA-256: e76bdeddf941932510a55e051bc698f5af28bd41d539a02371728bfc94c59150
Size: 619.36 kB - glibc-utils-2.12-1.212.3.1.AXS4.x86_64.rpm
MD5: ce7d68786e365079ae4af637aef21ee2
SHA-256: 900db9bc6086a314bf67ce635663c9d3b477a0ee28b1528006db8b50cf0b664d
Size: 174.00 kB - nscd-2.12-1.212.3.1.AXS4.x86_64.rpm
MD5: c9ec0b51e2069e6a401709f23ffc2f04
SHA-256: 760e2eeb702f18a3f18b906798881c86051684f50f88992267ab6dd520826060
Size: 231.89 kB - glibc-2.12-1.212.3.1.AXS4.i686.rpm
MD5: 556be8efc83b22288bdf9a857e290d5d
SHA-256: 32fa23d50598ccd8c067c9b3f1866bc7dece1494088bbd5fe5fd582bc47e3555
Size: 4.36 MB - glibc-devel-2.12-1.212.3.1.AXS4.i686.rpm
MD5: 2c04d9b2d12e7ebe7b67c11e38edcff1
SHA-256: 017c83c10d016391e4309601b312a8794238bc66b5828182130f839b57fe55e0
Size: 0.97 MB
日本語