Overview

File _patchinfo of Package patchinfo.4899

<patchinfo incident="4899">
  <issue id="1038690" tracker="bnc">LTP openat03/open13 testcases fail and show difference between ppc64le and x86_64</issue>
  <issue id="987216" tracker="bnc">tst-malloc-thread-exit fails to link</issue>
  <issue id="1039357" tracker="bnc">CVE-2017-1000366: glibc: Qualys new root/setuid privilege escalation method 05-2017</issue>
  <issue id="2017-1000366" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>Andreas_Schwab</packager>
  <description>This update for glibc fixes the following issues:

- CVE-2017-1000366: Fix a potential privilege escalation vulnerability that
  allowed unprivileged system users to manipulate the stack of setuid binaries
  to gain special privileges. [bsc#1039357]

- The incorrectly defined constant O_TMPFILE has been fixed. [bsc#1038690]

- A defect in glibc's regression test suite has been remedied to avoid false
  positives. [bsc#987216]
</description>
  <summary>Security update for glibc</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places