Security and bugfixes, advisory will follow:
- getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806)
- Stack read overflow with large TCP responses in no-aaaa mode (CVE-2023-4527)
- elf: Introduce to _dl_call_fini
- elf: Do not run constructors for proxy objects
- elf: Always call destructors in reverse constructor order [BZ #30785]
- elf: Remove unused l_text_end field from struct link_map
- elf: Move l_init_called_next to old place of l_text_end in link map
- elf: Fix slow tls access after dlopen [BZ #19924]
- intl: Treat C.UTF-8 locale like C locale [BZ# 16621]
- x86: Increase non_temporal_threshold to roughly "sizeof_L3 / 4"
- x86: Fix slight bug in shared_per_thread cache size calculation
- x86: Use 3/4*sizeof(per-thread-L3) as low bound for NT threshold
- x86: Fix incorrect scope of setting shared_per_thread [BZ# 30745]
AMD Phenom II X4 910, AMD HD 8490 graphics, Atheros wifi, MGA9-64 Plasma system.
No installation issues. No new issues with the reboot, continued failure of the rtl8192eu module to build. (bug 32200) Checked this and that after the reboot, with no issues to report.
mga9-64: clean update of existing packages
Also in same session installed kernel and all other stuff from testing.
A day and a couple reboots since, no problems noted.
Intel i7-870, nvidia-current on GTX750, Plasma
Tested on a Sony Vaio E Series notebook, Intel i5 4core, KDE Plasma amd64
Other stuff from QA Testing
The System has a AMD/ATI graphic card. It is momentarily disabled (nomodeset) due to misfunction or overheating.
KDE Plasma on Qemu/KVM, Virt-Manger
Host is Fedora 38
No regression found.
The error message from https://bugs.mageia.org/show_bug.cgi?id=31909
is still present.
No regression, no showstopper, as the transaction is complete and without error.
MGA9-32 Xfce on Foolishness, my Dell Inspiron 5100, P4, Radeon RV200 graphics. No installation issues, and no regressions noted.
MGA9-64 Plasma on an HP Pavilion 15, AMD A8-4555, AMD HD 7600G graphics. No installation issues, and no regressions noted.
Giving this an OK on both arches, and validating.
Advisory uploaded, not assigned to sysadmin team, because I'm not a QA team member.
Note that this update might cause a different vulnerability in the GNU C Library
MGA9-64-OK MGA9-32-OK =>
MGA9-64-OK MGA9-32-OK advisoryKeywords:
Update reuest: glibc-2.36-49.mga9 =>
Update request: glibc-2.36-49.mga9CC:
MGA9-64-OK MGA9-32-OK advisory =>
(In reply to Marja Van Waes from comment #7)
> Advisory uploaded, not assigned to sysadmin team, because I'm not a QA team
Looking over other resolved updates, it appears that they are rarely re-assigned from QA. sysadmin-bugs is CCed automatically when the update is verified, and that seems to be enough.