glibc (SL7)

Synopsis: Moderate: glibc security and bug fix update
Advisory ID: SLSA-2021:0348-1
Issue Date: 2021-02-02
CVE Numbers: CVE-2020-10029, CVE-2020-29573, CVE-2019-25013

Security Fix(es):

* glibc: buffer over-read in iconv when processing invalid multi-byte
input sequences in the EUC-KR encoding (CVE-2019-25013)

* glibc: stack corruption from crafted input in cosl, sinl, sincosl, and
tanl functions (CVE-2020-10029)

* glibc: stack-based buffer overflow if the input to any of the printf
family of functions is an 80-bit long double with a non-canonical bit
pattern (CVE-2020-29573)

Bug Fix(es):

* glibc: 64bit_strstr_via_64bit_strstr_sse2_unaligned detection fails with
large device and inode numbers

* glibc: Performance regression in ebizzy benchmark

SL7
x86_64
glibc-2.17-322.el7_9.i686.rpm
glibc-2.17-322.el7_9.x86_64.rpm
glibc-common-2.17-322.el7_9.x86_64.rpm
glibc-debuginfo-2.17-322.el7_9.i686.rpm
glibc-debuginfo-2.17-322.el7_9.x86_64.rpm
glibc-debuginfo-common-2.17-322.el7_9.i686.rpm
glibc-debuginfo-common-2.17-322.el7_9.x86_64.rpm
glibc-devel-2.17-322.el7_9.i686.rpm
glibc-devel-2.17-322.el7_9.x86_64.rpm
glibc-headers-2.17-322.el7_9.x86_64.rpm
glibc-utils-2.17-322.el7_9.x86_64.rpm
nscd-2.17-322.el7_9.x86_64.rpm
glibc-static-2.17-322.el7_9.i686.rpm
glibc-static-2.17-322.el7_9.x86_64.rpm

– Scientific Linux Development Team