Overview

File _patchinfo of Package patchinfo.4900

<patchinfo incident="4900">
  <issue id="1038690" tracker="bnc">LTP openat03/open13 testcases fail and show difference between ppc64le and x86_64</issue>
  <issue id="986858" tracker="bnc">nscd 100% cpu utilization when ldap user authenticates</issue>
  <issue id="1039357" tracker="bnc">CVE-2017-1000366: glibc: Qualys new root/setuid privilege escalation method 05-2017</issue>
  <issue id="2017-1000366" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>Andreas_Schwab</packager>
  <description>This update for glibc fixes the following issues:

- CVE-2017-1000366: Fix a potential privilege escalation vulnerability that
  allowed unprivileged system users to manipulate the stack of setuid binaries
  to gain special privileges. [bsc#1039357]

- The incorrectly defined constant O_TMPFILE has been fixed. [bsc#1038690]

- An incorrectly specified buffer length in nscd netgroup queries has been
  fixed. [bsc#986858]
</description>
  <summary>Security update for glibc</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places