[El-errata] ELSA-2015-0090 Critical: Oracle Linux 5 glibc security update

Tue Jan 27 18:19:47 PST 2015

Oracle Linux Security Advisory ELSA-2015-0090

https://rhn.redhat.com/errata/RHSA-2015-0090.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
glibc-2.5-123.0.1.el5_11.1.i386.rpm
glibc-2.5-123.0.1.el5_11.1.i686.rpm
glibc-common-2.5-123.0.1.el5_11.1.i386.rpm
glibc-devel-2.5-123.0.1.el5_11.1.i386.rpm
glibc-headers-2.5-123.0.1.el5_11.1.i386.rpm
glibc-utils-2.5-123.0.1.el5_11.1.i386.rpm
nscd-2.5-123.0.1.el5_11.1.i386.rpm

x86_64:
glibc-2.5-123.0.1.el5_11.1.i686.rpm
glibc-2.5-123.0.1.el5_11.1.x86_64.rpm
glibc-common-2.5-123.0.1.el5_11.1.x86_64.rpm
glibc-devel-2.5-123.0.1.el5_11.1.i386.rpm
glibc-devel-2.5-123.0.1.el5_11.1.x86_64.rpm
glibc-headers-2.5-123.0.1.el5_11.1.x86_64.rpm
glibc-utils-2.5-123.0.1.el5_11.1.x86_64.rpm
nscd-2.5-123.0.1.el5_11.1.x86_64.rpm

ia64:
glibc-2.5-123.0.1.el5_11.1.i686.rpm
glibc-2.5-123.0.1.el5_11.1.ia64.rpm
glibc-common-2.5-123.0.1.el5_11.1.ia64.rpm
glibc-devel-2.5-123.0.1.el5_11.1.ia64.rpm
glibc-headers-2.5-123.0.1.el5_11.1.ia64.rpm
glibc-utils-2.5-123.0.1.el5_11.1.ia64.rpm
nscd-2.5-123.0.1.el5_11.1.ia64.rpm

SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/glibc-2.5-123.0.1.el5_11.1.src.rpm

Description of changes:

[2.5-123.0.1.el5_11.1]
- Switch to use malloc when the input line is too long [Orabug 19951108]
- Use a /sys/devices/system/cpu/online for _SC_NPROCESSORS_ONLN 
implementation [Orabug 17642251] (Joe Jin)

[2.5-123.1]
- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183532).

glibc-devel-2.5-123.0.1.el5_11.1.ia64.rpm
glibc-headers-2.5-123.0.1.el5_11.1.ia64.rpm
glibc-utils-2.5-123.0.1.el5_11.1.ia64.rpm
nscd-2.5-123.0.1.el5_11.1.ia64.rpm

SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/glibc-2.5-123.0.1.el5_11.1.src.rpm

Description of changes:

[2.5-123.0.1.el5_11.1]
- Switch to use malloc when the input line is too long [Orabug 19951108]
- Use a /sys/devices/system/cpu/online for _SC_NPROCESSORS_ONLN 
implementation [Orabug 17642251] (Joe Jin)

[2.5-123.1]
- Fix parsing of numeric hosts in gethostbyname_r (CVE-2015-0235, #1183532).