MGASA-2019-0349

Source
https://advisories.mageia.org/MGASA-2019-0349.html
Import Source
https://advisories.mageia.org/MGASA-2019-0349.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2019-0349
Published
2019-11-30T13:06:06Z
Modified
2019-11-30T12:40:33Z
Summary
Updated glibc packages fix security vulnerability
Details

Updated glibc packages fix the following security issue:

On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for a setuid program (CVE-2019-19126).

Other upstream fixes in this update:

- Call _dl_open_check after relocation [BZ #24259]
- support: Export bindir path on support_path
- nss_db: fix endent wrt NULL mappings [BZ #24695] [BZ #24696]
- elf: Refuse to dlopen PIE objects [BZ #24323]
- Fix alignment of TLS variables for tls variant TLS_TCB_AT_TP [BZ #23403]
- Fix assertion in malloc.c:tcache_get
- Small tcache improvements
- malloc: Remove unwanted leading whitespace in malloc_info [BZ #24867]
- malloc: Fix missing accounting of top chunk in malloc_info [BZ #24026]
- Add glibc.malloc.mxfast tunable
- malloc: Various cleanups for malloc/tst-mxfast
- Base max_fast on alignment, not width, of bins [BZ #24903]
- Linux: Use in-tree copy of SO_* constants for !__USE_MISC [BZ #24532]


Affected packages

Mageia:7 / glibc

Package

Name
glibc
Purl
pkg:rpm/mageia/glibc?distro=mageia-7

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
2.29-19.mga7

Ecosystem specific

{
    "section": "core"
}