Overview

File _patchinfo of Package patchinfo.18277

<patchinfo incident="18277">
  <issue tracker="cve" id="2019-25013"/>
  <issue tracker="cve" id="2021-3326"/>
  <issue tracker="bnc" id="1182117">VUL-0: CVE-2019-25013: glibc: buffer over-read in iconv when processing invalid multi-byte input sequences in the EUC-KR encoding</issue>
  <issue tracker="bnc" id="1181505">VUL-0: CVE-2021-3326: glibc: iconv crash with ISO-2022-JP-3 which affects e.g. mutt</issue>
  <issue tracker="bnc" id="1180038">SLES 12 SP5 - glibc __get_nprocs parses "/sys/devices/system/cpu/online" incorrectly. (L3:)</issue>
  <issue tracker="bnc" id="1181365">SLES 12 SP5 - [P10] AT_BASE_PLATFORM shows "power5" running LD_SHOW_AUXV=1 /bin/true on Power10 lpar. (glibc)</issue>
  <packager>Andreas_Schwab</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for glibc</summary>
  <description>This update for glibc fixes the following issues:

- Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973)
- gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326, bsc#1181505, BZ #27256)
- Fix parsing of /sys/devices/system/cpu/online (bsc#1180038, BZ #25859)
- powerpc: Add support for POWER10 (bsc#1181365)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places