Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
patchinfo.400
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.400
<patchinfo incident="400"> <issue id="916222" tracker="bnc">VUL-0: CVE-2015-1472: glibc,glibc.i686: heap buffer overflow in glibc swscanf</issue> <issue id="910599" tracker="bnc">VUL-0: CVE-2014-9402: glibc: denial of service in getnetbyname function</issue> <issue id="915526" tracker="bnc">VUL-0: CVE-2013-7423: glibc,glibc.i686: getaddrinfo() writes DNS queries to random file descriptors under high load</issue> <issue id="909053" tracker="bnc">getaddrinfo()/make_request() may spin forever</issue> <issue id="915985" tracker="bnc">L3: dracut produces invalid initrd if /var/tmp is on tmpfs with noexec flag</issue> <issue id="864081" tracker="bnc">fsppadm panic at glibc when creating a new thread</issue> <issue id="906371" tracker="bnc">VUL-0: CVE-2014-7817: glibc,glibc.i686: Command execution in wordexp() with WRDE_NOCMD specified</issue> <issue id="905313" tracker="bnc">glibc headers use gcc extensions when included by non-gcc compiler</issue> <issue id="CVE-2014-9402" tracker="cve" /> <issue id="CVE-2015-1472" tracker="cve" /> <issue id="CVE-2013-7423" tracker="cve" /> <issue id="CVE-2014-7817" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>Andreas_Schwab</packager> <description>glibc has been updated to fix four security issues. These security issues were fixed: - CVE-2014-7817: The wordexp function in GNU C Library (aka glibc) 2.21 did not enforce the WRDE_NOCMD flag, which allowed context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))" (bnc#906371). - CVE-2015-1472: Heap buffer overflow in glibc swscanf (bnc#916222). - CVE-2014-9402: Denial of service in getnetbyname function (bnc#910599). - CVE-2013-7423: Getaddrinfo() writes DNS queries to random file descriptors under high load (bnc#915526). These non-security issues were fixed: - Fix infinite loop in check_pf (bsc#909053) - Restore warning about execution permission, it is still needed for noexec mounts (bsc#915985). - Don't touch user-controlled stdio locks in forked child (bsc#864081) - Don't use gcc extensions for non-gcc compilers (bsc#905313) </description> <summary>Security update for glibc</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor