CentOS 6 ELS: glibc and java-1.8.0-openjdk packages have been scheduled for gradual rollout

New updated glibc and java-1.8.0-openjdk packages within CentOS 6 ELS have been scheduled for gradual rollout from our production repository.

Rollout slot: 2
Rolled out to: 0.1%
ETA for 100% rollout: August 3

CHANGELOG

glibc-2.12-2.213.el6.cloudlinux.els

• Fix avoid use-after-free vulnerability (CVE-2021-33574)
• Fix avoid out-of-bounds read via signed integer overflow in array index (CVE-2021-35942)
• Fix NULL pointer dereference (CVE-2021-38604)

java-1.8.0-openjdk-1.8.0.275.b01-1.el6.cloudlinux.els

• Fix incorrect comparison during range check elimination (CVE-2021-2388)

UPDATE COMMAND

yum update glibc*

yum update java-1.8.0-openjdk*

IMMEDIATE UPDATE (VIA BYPASS)

yum update glibc* --enablerepo=ELS6-rollout-2-bypass

yum update java-1.8.0-openjdk* --enablerepo=ELS6-rollout-2-bypass