Overview

File _patchinfo of Package patchinfo.42654

<patchinfo incident="42654">
  <issue tracker="cve" id="2025-15281"/>
  <issue tracker="cve" id="2025-8058"/>
  <issue tracker="cve" id="2026-0915"/>
  <issue tracker="bnc" id="1257005">VUL-0: CVE-2025-15281: glibc: uninitialized memory may cause the process abort</issue>
  <issue tracker="bnc" id="1246965">VUL-0: CVE-2025-8058: glibc: a malloc failure in regcomp function can lead to a double free</issue>
  <issue tracker="bnc" id="1256822">VUL-0: CVE-2026-0915: glibc: Uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r</issue>
  <packager>Andreas_Schwab</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for glibc</summary>
  <description>This update for glibc fixes the following issues:

- CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr (bsc#1256822, BZ #33802)
- CVE-2025-15281: posix: Reset wordexp_t fields with WRDE_REUSE (bsc#1257005, BZ #33814)
- CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp (bsc#1246965, BZ #33185)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places