Security update for glibc
SUSE Security Update: Security update for glibc
glibc has been updated to fix security issues:
* Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040,
CVE-2012-6656, bsc#894553, bsc#894556, GLIBC BZ #17325, GLIBC BZ
#14134)
* Fixed a stack overflow during hosts parsing (CVE-2013-4357)
* Copy filename argument in posix_spawn_file_actions_addopen
(CVE-2014-4043, bsc#882600, BZ #17048)
Security Issues:
* CVE-2014-6040
* CVE-2012-6656
* CVE-2013-4357
Announcement ID: | SUSE-SU-2015:0170-1 |
Rating: | moderate |
References: | #844309 #882600 #894553 #894556 |
Affected Products: |
An update that solves three vulnerabilities and has one errata is now available.
Description:
glibc has been updated to fix security issues:
* Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040,
CVE-2012-6656, bsc#894553, bsc#894556, GLIBC BZ #17325, GLIBC BZ
#14134)
* Fixed a stack overflow during hosts parsing (CVE-2013-4357)
* Copy filename argument in posix_spawn_file_actions_addopen
(CVE-2014-4043, bsc#882600, BZ #17048)
Security Issues:
* CVE-2014-6040
* CVE-2012-6656
* CVE-2013-4357
Package List:
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 i686 s390x x86_64):
- glibc-2.4-31.115.2
- glibc-devel-2.4-31.115.2
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64):
- glibc-html-2.4-31.115.2
- glibc-i18ndata-2.4-31.115.2
- glibc-info-2.4-31.115.2
- glibc-locale-2.4-31.115.2
- glibc-profile-2.4-31.115.2
- nscd-2.4-31.115.2
- SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64):
- glibc-32bit-2.4-31.115.2
- glibc-devel-32bit-2.4-31.115.2
- glibc-locale-32bit-2.4-31.115.2
- glibc-profile-32bit-2.4-31.115.2
References:
- http://support.novell.com/security/cve/CVE-2012-6656.html
- http://support.novell.com/security/cve/CVE-2013-4357.html
- http://support.novell.com/security/cve/CVE-2014-6040.html
- https://bugzilla.suse.com/show_bug.cgi?id=844309
- https://bugzilla.suse.com/show_bug.cgi?id=882600
- https://bugzilla.suse.com/show_bug.cgi?id=894553
- https://bugzilla.suse.com/show_bug.cgi?id=894556
- http://download.suse.com/patch/finder/?keywords=1ccbe69cba5cc8835258525263c85657