File _patchinfo of Package patchinfo.2646

<patchinfo incident="2646">
  <issue id="975930" tracker="bnc">L3: Bad performance in malloc/free after upgrading to SLES 12</issue>
  <issue id="980854" tracker="bnc">VUL-0: CVE-2016-4429: glibc: A stack frame overflow flaw was found in the glibc's clntudp_call</issue>
  <issue id="980483" tracker="bnc">VUL-0: CVE-2016-3706: glibc: stack overflow in hostent translation</issue>
  <issue id="973010" tracker="bnc">SLES 11 SP4 - Memory leak in glibc-2.11.3-17.95.2 when resolving a non-existing DNSBL entry using getaddrinfo().</issue>
  <issue id="968787" tracker="bnc">DTV_SURPLUS limits loading of Static TLS-requiring modules in multi-threaded programs (SAP HANA on Power)</issue>
  <issue id="973164" tracker="bnc">VUL-0: CVE-2016-3075: glibc: Stack overflow in nss_dns_getnetbyname_r</issue>
  <issue id="969727" tracker="bnc">VUL-1: CVE-2016-1234: glibc: buffer overflow in glob with GLOB_ALTDIRFUNC and crafted directory</issue>
  <issue id="2016-3706" tracker="cve" />
  <issue id="2016-4429" tracker="cve" />
  <issue id="2016-1234" tracker="cve" />
  <issue id="2016-3075" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>Andreas_Schwab</packager>
  <description>
This update for glibc provides the following fixes:

- Increase DTV_SURPLUS limit. (bsc#968787)
- Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727)
- Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010)
- Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164)
- Fix malloc performance regression from SLE 11. (bsc#975930)
- Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483)
- Do not use alloca in clntudp_call (CVE-2016-4429, bsc#980854)
</description>
  <summary>Security update for glibc</summary>
</patchinfo>