MGASA-2023-0270

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2023-0270.html

Import Source

https://advisories.mageia.org/MGASA-2023-0270.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2023-0270

Related

Published

2023-09-27T16:31:30Z

Modified

2023-09-27T14:45:23Z

Summary

Updated glibc packages fix security and other bugs

Details

getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806)

Stack read overflow with large TCP responses in no-aaaa mode (CVE-2023-4527)

elf: Introduce to dlcallfini elf: Do not run constructors for proxy objects elf: Always call destructors in reverse constructor order [BZ #30785] elf: Remove unused ltextend field from struct linkmap elf: Move linitcallednext to old place of ltextend in link map elf: Fix slow tls access after dlopen [BZ #19924] intl: Treat C.UTF-8 locale like C locale [BZ# 16621] x86: Increase nontemporalthreshold to roughly "sizeofL3 / 4" x86: Fix slight bug in sharedperthread cache size calculation x86: Use 3/4*sizeof(per-thread-L3) as low bound for NT threshold x86: Fix incorrect scope of setting sharedperthread [BZ #30745]

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / glibc

Package

Name: glibc
Purl: pkg:rpm/mageia/glibc?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.36-49.mga9

Ecosystem specific

{
    "section": "core"
}