I am sure by now you have heard about the bug.
Reboot Required!
Need to update to release el6_7.7 if you are on OEL 6
glibc-2.12-1.166.el6_7.7.x86_64.rpm
glibc-common-2.12-1.166.el6_7.7.x86_64.rpm
glibc-devel-2.12-1.166.el6_7.7.i686.rpm
glibc-devel-2.12-1.166.el6_7.7.x86_64.rpm
glibc-headers-2.12-1.166.el6_7.7.x86_64.rpm
nscd-2.12-1.166.el6_7.7.x86_64.rpm
glibc-devel-2.12-1.166.el6_7.7.i686.rpm
glibc-2.12-1.166.el6_7.7.i686.rpm
http://linux.oracle.com/errata/ELSA-2016-0175.html
You can also use the following commands to verify RPMs for CVE_2015_7547
There are two dashes (- -) for cve.
$ yum list –cve=2015_7547|egrep ‘^glibc|^nscd’|sort
Skipping security plugin, other command
glibc-common.x86_64 2.12-1.166.el6_7.7 @public_ol6_latest
glibc-devel.i686 2.12-1.166.el6_7.7 @public_ol6_latest
glibc-devel.x86_64 2.12-1.166.el6_7.7 @public_ol6_latest
glibc-headers.x86_64 2.12-1.166.el6_7.7 @public_ol6_latest
glibc.i686 2.12-1.166.el6_7.7 @public_ol6_latest
glibc-static.i686 2.12-1.166.el6_7.7 public_ol6_latest
glibc-static.x86_64 2.12-1.166.el6_7.7 public_ol6_latest
glibc-utils.x86_64 2.12-1.166.el6_7.7 public_ol6_latest
glibc.x86_64 2.12-1.166.el6_7.7 @public_ol6_latest
nscd.x86_64 2.12-1.166.el6_7.7 public_ol6_latest
Note that it is not necessary to relink any binaries after this update.
Reference: glibc vulnerability (CVE-2015-7547) patch availability for Oracle Exadata Database Machine (Doc ID 2108582.1)
Assumption being made if relink is not required for Exadata, then it is not required for Non-Exadata as well.
Be safe and verify with Oracle support and let me know too please.
$ cat /etc/oracle-release
Oracle Linux Server release 6.6
$ rpm -qa –queryformat=”%{name}-%{version}-%{release}.%{arch}\n” | egrep ‘glibc|nscd’
glibc-devel-2.12-1.149.el6_6.9.i686
glibc-common-2.12-1.149.el6_6.9.x86_64
glibc-2.12-1.149.el6_6.9.i686
glibc-headers-2.12-1.149.el6_6.9.x86_64
glibc-devel-2.12-1.149.el6_6.9.x86_64
glibc-2.12-1.149.el6_6.9.x86_64
[root@arrow ~]# yum update glibc
Loaded plugins: refresh-packagekit, security
Setting up Update Process
public_ol6_UEKR3_latest | 1.2 kB 00:00
public_ol6_UEKR3_latest/primary | 22 MB 00:10
public_ol6_UEKR3_latest 559/559
public_ol6_latest | 1.4 kB 00:00
public_ol6_latest/primary | 55 MB 00:24
public_ol6_latest 33290/33290
Resolving Dependencies
--> Running transaction check
---> Package glibc.i686 0:2.12-1.149.el6_6.9 will be updated
--> Processing Dependency: glibc = 2.12-1.149.el6_6.9 for package: glibc-common-2.12-1.149.el6_6.9.x86_64
--> Processing Dependency: glibc = 2.12-1.149.el6_6.9 for package: glibc-devel-2.12-1.149.el6_6.9.i686
--> Processing Dependency: glibc = 2.12-1.149.el6_6.9 for package: glibc-headers-2.12-1.149.el6_6.9.x86_64
--> Processing Dependency: glibc = 2.12-1.149.el6_6.9 for package: glibc-devel-2.12-1.149.el6_6.9.x86_64
---> Package glibc.x86_64 0:2.12-1.149.el6_6.9 will be updated
---> Package glibc.i686 0:2.12-1.166.el6_7.7 will be an update
---> Package glibc.x86_64 0:2.12-1.166.el6_7.7 will be an update
--> Running transaction check
---> Package glibc-common.x86_64 0:2.12-1.149.el6_6.9 will be updated
---> Package glibc-common.x86_64 0:2.12-1.166.el6_7.7 will be an update
---> Package glibc-devel.i686 0:2.12-1.149.el6_6.9 will be updated
---> Package glibc-devel.x86_64 0:2.12-1.149.el6_6.9 will be updated
---> Package glibc-devel.i686 0:2.12-1.166.el6_7.7 will be an update
---> Package glibc-devel.x86_64 0:2.12-1.166.el6_7.7 will be an update
---> Package glibc-headers.x86_64 0:2.12-1.149.el6_6.9 will be updated
---> Package glibc-headers.x86_64 0:2.12-1.166.el6_7.7 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================================================
Updating:
glibc i686 2.12-1.166.el6_7.7 public_ol6_latest 4.3 M
glibc x86_64 2.12-1.166.el6_7.7 public_ol6_latest 3.8 M
Updating for dependencies:
glibc-common x86_64 2.12-1.166.el6_7.7 public_ol6_latest 14 M
glibc-devel i686 2.12-1.166.el6_7.7 public_ol6_latest 986 k
glibc-devel x86_64 2.12-1.166.el6_7.7 public_ol6_latest 986 k
glibc-headers x86_64 2.12-1.166.el6_7.7 public_ol6_latest 615 k
Transaction Summary
=============================================================================================================================================================
Upgrade 6 Package(s)
Total download size: 25 M
Is this ok [y/N]: y
Downloading Packages:
(1/6): glibc-2.12-1.166.el6_7.7.i686.rpm | 4.3 MB 00:02
(2/6): glibc-2.12-1.166.el6_7.7.x86_64.rpm | 3.8 MB 00:02
(3/6): glibc-common-2.12-1.166.el6_7.7.x86_64.rpm | 14 MB 00:05
(4/6): glibc-devel-2.12-1.166.el6_7.7.i686.rpm | 986 kB 00:00
(5/6): glibc-devel-2.12-1.166.el6_7.7.x86_64.rpm | 986 kB 00:00
(6/6): glibc-headers-2.12-1.166.el6_7.7.x86_64.rpm | 615 kB 00:00
-------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 1.8 MB/s | 25 MB 00:13
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Updating : glibc-common-2.12-1.166.el6_7.7.x86_64 1/12
Updating : glibc-2.12-1.166.el6_7.7.x86_64 2/12
Updating : glibc-headers-2.12-1.166.el6_7.7.x86_64 3/12
Updating : glibc-2.12-1.166.el6_7.7.i686 4/12
Updating : glibc-devel-2.12-1.166.el6_7.7.i686 5/12
Updating : glibc-devel-2.12-1.166.el6_7.7.x86_64 6/12
Cleanup : glibc-devel-2.12-1.149.el6_6.9 7/12
Cleanup : glibc-devel-2.12-1.149.el6_6.9 8/12
Cleanup : glibc-2.12-1.149.el6_6.9 9/12
Cleanup : glibc-headers-2.12-1.149.el6_6.9.x86_64 10/12
Cleanup : glibc-2.12-1.149.el6_6.9 11/12
Cleanup : glibc-common-2.12-1.149.el6_6.9.x86_64 12/12
Verifying : glibc-2.12-1.166.el6_7.7.i686 1/12
Verifying : glibc-devel-2.12-1.166.el6_7.7.i686 2/12
Verifying : glibc-headers-2.12-1.166.el6_7.7.x86_64 3/12
Verifying : glibc-devel-2.12-1.166.el6_7.7.x86_64 4/12
Verifying : glibc-2.12-1.166.el6_7.7.x86_64 5/12
Verifying : glibc-common-2.12-1.166.el6_7.7.x86_64 6/12
Verifying : glibc-headers-2.12-1.149.el6_6.9.x86_64 7/12
Verifying : glibc-2.12-1.149.el6_6.9.x86_64 8/12
Verifying : glibc-common-2.12-1.149.el6_6.9.x86_64 9/12
Verifying : glibc-devel-2.12-1.149.el6_6.9.x86_64 10/12
Verifying : glibc-2.12-1.149.el6_6.9.i686 11/12
Verifying : glibc-devel-2.12-1.149.el6_6.9.i686 12/12
Updated:
glibc.i686 0:2.12-1.166.el6_7.7 glibc.x86_64 0:2.12-1.166.el6_7.7
Dependency Updated:
glibc-common.x86_64 0:2.12-1.166.el6_7.7 glibc-devel.i686 0:2.12-1.166.el6_7.7 glibc-devel.x86_64 0:2.12-1.166.el6_7.7
glibc-headers.x86_64 0:2.12-1.166.el6_7.7
Complete!
[root@arrow ~]#
[root@arrow ~]# init 6
[root@arrow ~]#
$ rpm -qa –queryformat=”%{name}-%{version}-%{release}.%{arch}\n” | egrep ‘glibc|nscd’
glibc-devel-2.12-1.166.el6_7.7.i686
glibc-headers-2.12-1.166.el6_7.7.x86_64
glibc-2.12-1.166.el6_7.7.x86_64
glibc-devel-2.12-1.166.el6_7.7.x86_64
glibc-common-2.12-1.166.el6_7.7.x86_64
glibc-2.12-1.166.el6_7.7.i686
$ rpm -qa –queryformat=”%{name}-%{release}.%{arch}\n” | egrep ‘glibc|nscd’
oracle@arrow:hawklas:/home/oracle
glibc-devel-1.166.el6_7.7.i686
glibc-headers-1.166.el6_7.7.x86_64
glibc-1.166.el6_7.7.x86_64
glibc-devel-1.166.el6_7.7.x86_64
glibc-common-1.166.el6_7.7.x86_64
glibc-1.166.el6_7.7.i686
