{"id":"MGASA-2021-0053","summary":"Updated glibc packages fix security vulnerability","details":"Security fixes:\n- fix buffer overrun in EUC-KR conversion module [bz #2497] (CVE-2019-25013)\n- arm: CVE-2020-6096: Fix multiarch memcpy for negative length [BZ #25620]\n- arm: CVE-2020-6096: fix memcpy and memmove for negative length [BZ #25620]\n- iconv: Fix incorrect UCS4 inner loop bounds [BZ #26923] (CVE-2020-29562)\nother upstream fixes:\n- libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]\n- string.h: Define __CORRECT_ISO_CPP_STRING_H_PROTO for Clang [BZ #25232]\n- misc/test-errno-linux: Handle EINVAL from quotactl\n- nss_compat: internal_end*ent may clobber errno, hiding ERANGE [BZ #25976]\n- Fix avx2 strncmp offset compare condition check [BZ #25933]\n- AArch64: Align ENTRY to a cacheline\n- AArch64: Add optimized Q-register memcpy\n- AArch64: Improve backwards memmove performance\n- AArch64: Rename IS_ARES to IS_NEOVERSE_N1\n- AArch64: Increase small and medium cases for __memcpy_generic\n- AArch64: Improve integer memcpy\n- AArch64: Use __memcpy_simd on Neoverse N2/V1\n- AArch64: Fix DT_AARCH64_VARIANT_PCS handling [BZ #26798]\n- AArch64: fix stack missing after sp is updated\n- x86-64: Avoid rep movsb with short distance [BZ #27130]\n- x86: Assume --enable-cet if GCC defaults to CET [BZ #25225]\n- x86: Check IFUNC definition in unrelocated executable [BZ #20019]\n- x86: Set header.feature_1 in TCB for always-on CET [BZ #27177]\n- Fix parsing of /sys/devices/system/cpu/online [BZ #25859]\n- Use O_CLOEXEC in sysconf [BZ #26791]\n","modified":"2026-02-02T15:06:40.664165Z","published":"2021-01-24T00:36:09Z","related":["CVE-2019-25013","CVE-2020-29562","CVE-2020-6096"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0053.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28161"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/4Y6TX47P47KABSFOL26FLDNVCWXDKDEZ/"}],"affected":[{"package":{"name":"glibc","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/glibc?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.29-21.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0053.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}