Overview

File _patchinfo of Package patchinfo.4896

<patchinfo incident="4896">
  <issue id="1040043" tracker="bnc">Partner-L3: deadlock between malloc and fork</issue>
  <issue id="1039357" tracker="bnc">VUL-0: EMBARGOED: CVE-2017-1000366: glibc: Qualys new root/setuid privilege escalation method 05-2017</issue>
  <issue id="2017-1000366" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>Andreas_Schwab</packager>
  <description>This update for glibc fixes the following issues:

- CVE-2017-1000366: Fix a potential privilege escalation vulnerability that
  allowed unprivileged system users to manipulate the stack of setuid binaries
  to gain special privileges. [bsc#1039357]

- A bug in glibc that could result in deadlocks between malloc() and fork() has
  been fixed. [bsc#1040043]
</description>
  <summary>Security update for glibc</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places