File _patchinfo of Package patchinfo.13892
<patchinfo incident="13892">
<issue tracker="cve" id="2020-10029"/>
<issue tracker="cve" id="2020-1751"/>
<issue tracker="cve" id="2020-1752"/>
<issue tracker="bnc" id="1165784">VUL-1: CVE-2020-10029: glibc: overflow an on-stack buffer during range reduction</issue>
<issue tracker="bnc" id="1167631">VUL-0: CVE-2020-1752: glibc: use-after-free in glob() function when expanding ~user</issue>
<issue tracker="bnc" id="1158996">[Build 104.1] /bin/extend calls hangs forever on ppc64le installations - ref:_00D1igLOd._5001iIw0s3:ref</issue>
<issue tracker="bnc" id="1149332">glibc fix request for upstream bug#22834</issue>
<issue tracker="bnc" id="1157893">SLES 12 SP5 - glibc: z15 (s390x) strstr implementation can return incorrect result if search string cross page boundary</issue>
<packager>Andreas_Schwab</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for glibc</summary>
<description>This update for glibc fixes the following issues:
- CVE-2020-1752: Fixed a use-after-free in glob which could have allowed
a local attacker to create a specially crafted path that, when processed
by the glob function, could potentially have led to arbitrary code execution
(bsc#1167631).
- CVE-2020-1751: Fixed an array overflow in backtrace for PowerPC (bsc#1158996).
- CVE-2020-10029: Fixed a stack buffer overflow during range reduction (bsc#1165784).
- Use 'posix_spawn' in popen, preventing a crash caused by 'subprocess' (bsc#1149332, BZ #22834).
- Fix handling of needles crossing a page, preventing incorrect results from being returned when the search crosses a page boundary (bsc#1157893, BZ #25226).
</description>
</patchinfo>