File _patchinfo of Package patchinfo.8004

<patchinfo incident="8004">
  <issue tracker="bnc" id="1064580">VUL-0: CVE-2017-15804: glibc: buffer overflow during unescaping of user names in the glob function in glob.c</issue>
  <issue tracker="bnc" id="1064583">VUL-0: glibc: CVE-2017-15670 glibc: Buffer overflow in glob with GLOB_TILDE</issue>
  <issue tracker="bnc" id="1051791">VUL-0: CVE-2017-12132: glibc: resolv: Reduce advertised EDNS0 buffer size to guard against fragmentation attacks</issue>
  <issue tracker="bnc" id="1074293">VUL-0: CVE-2018-1000001: glibc: privilege escalation bug in glibc</issue>
  <issue tracker="bnc" id="1064569">VUL-1: CVE-2017-15671: glibc: Memory leak in glob with GLOB_TILDE</issue>
  <issue tracker="bnc" id="1094161">VUL-0: CVE-2018-11236: glibc: 32bit arch integer overflow in stdlib/canonicalize.c when processing very long pathname arguments</issue>
  <issue tracker="cve" id="2018-11236"/>
  <issue tracker="cve" id="2018-1000001"/>
  <issue tracker="cve" id="2017-15670"/>
  <issue tracker="cve" id="2017-15671"/>
  <issue tracker="cve" id="2017-15804"/>
  <issue tracker="cve" id="2017-12132"/>
  <category>security</category>
  <rating>important</rating>
  <packager>Andreas_Schwab</packager>
  <description>This update for glibc fixes the following issues:

Security issues fixed:

- CVE-2017-15804: Fix buffer overflow during unescaping of user names in the glob function in glob.c (bsc#1064580).
- CVE-2017-15670: Fix buffer overflow in glob with GLOB_TILDE (bsc#1064583).
- CVE-2017-15671: Fix memory leak in glob with GLOB_TILDE (bsc#1064569).
- CVE-2018-11236: Fix 32bit arch integer overflow in stdlib/canonicalize.c when processing very long pathname arguments (bsc#1094161).
- CVE-2017-12132: Reduce advertised EDNS0 buffer size to guard against fragmentation attacks (bsc#1051791).
- CVE-2018-1000001: Avoid underflow of malloced area (bsc#1074293).
</description>
  <summary>Security update for glibc</summary>
</patchinfo>