Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for glibc

This update for glibc fixes the following issues:

- glob-altdirfunc.patch: Do not copy d_name field of struct dirent
(CVE-2016-1234, boo#969727, BZ #19779)
- nss-dns-memleak-2.patch: fix memory leak in _nss_dns_gethostbyname4_r
(boo#973010)
- nss-dns-getnetbyname.patch: fix stack overflow in
_nss_dns_getnetbyname_r (CVE-2016-3075, boo#973164, BZ #19879)
- getaddrinfo-hostent-conv-stack-overflow.patch: getaddrinfo stack
overflow in hostent conversion (CVE-2016-3706, boo#980483, BZ #20010)
- clntudp-call-alloca.patch: do not use alloca in clntudp_call
(CVE-2016-4429, boo#980854, BZ #20112)

Fixed bugs
bnc#973164
VUL-0: CVE-2016-3075: glibc: Stack overflow in nss_dns_getnetbyname_r
bnc#980483
VUL-0: CVE-2016-3706: glibc: stack overflow in hostent translation
bnc#973010
SLES 11 SP4 - Memory leak in glibc-2.11.3-17.95.2 when resolving a non-existing DNSBL entry using getaddrinfo().
bnc#969727
VUL-1: CVE-2016-1234: glibc: buffer overflow in glob with GLOB_ALTDIRFUNC and crafted directory
bnc#980854
VUL-0: CVE-2016-4429: glibc: A stack frame overflow flaw was found in the glibc's clntudp_call
CVE-CVE-2016-3706
CVE-CVE-2016-4429
CVE-CVE-2016-1234
CVE-CVE-2016-3075
Selected Binaries
openSUSE Build Service is sponsored by
Places