File _patchinfo of Package patchinfo.3768

<patchinfo incident="3768">
  <issue id="927080" tracker="bnc">VUL-1: CVE-2015-1781: glibc: buffer length after padding in resolv/nss_dns/dns-host.c:getanswer_r</issue>
  <issue id="920338" tracker="bnc">VUL-1: glibc: Fix read past end of pattern in fnmatch</issue>
  <issue id="918187" tracker="bnc">VUL-0: CVE-2014-8121: glibc: denial of service issue in the NSS backends</issue>
  <issue id="917539" tracker="bnc">IPv6 nameserver fallback problems</issue>
  <issue id="CVE-2014-8121" tracker="cve" />
  <issue id="CVE-2015-1781" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>Andreas_Schwab</packager>
  <description>
glibc was updated to fix security issues and bugs:

- Separate internal state between getXXent and getXXbyYY NSS calls (CVE-2014-8121, bsc#918187, BZ #18007)
- Fix read past end of pattern in fnmatch (bsc#920338, BZ #17062, BZ #18032, BZ #18036)
- Fix buffer overflow in nss_dns (CVE-2015-1781, bsc#927080, BZ #18287)

Also this bug got fixed:
- Simplify handling of nameserver configuration in resolver (bsc#917539)
</description>
  <summary>Security update for glibc, glibc-testsuite, glibc-utils, glibc.i686</summary>
</patchinfo>
openSUSE Build Service is sponsored by