File _patchinfo of Package patchinfo.18914

<patchinfo incident="18914">
  <issue tracker="bnc" id="1179694">VUL-1: CVE-2020-29562: glibc: iconv fails an assertion in the code path and aborts the program when converting UCS4 text containing an irreversible character</issue>
  <issue tracker="bnc" id="1178386">VUL-1: CVE-2020-27618: glibc: iconv when processing invalid multi-byte input sequences fails to advance the input state, which could result in an infinite loop</issue>
  <issue tracker="bnc" id="1184034">SLES 12 SP5 -  glibc: S390 memmove assumes Vector Facility when MIE Facility 3 is present</issue>
  <issue tracker="bnc" id="1179721">VUL-0: CVE-2020-29573: glibc: stack-based buffer overflow in printf on i386 targets via non-canonical 80-bit floating point values</issue>
  <issue tracker="cve" id="2020-27618"/>
  <issue tracker="cve" id="2020-29562"/>
  <issue tracker="cve" id="2020-29573"/>
  <packager>Andreas_Schwab</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for glibc</summary>
  <description>This update for glibc fixes the following issues:

- CVE-2020-27618: Accept redundant shift sequences in IBM1364 (bsc#1178386)
- CVE-2020-29562: Fix incorrect UCS4 inner loop bounds (bsc#1179694)
- CVE-2020-29573: Harden printf against non-normal long double values (bsc#1179721)
- Check vector support in memmove ifunc-selector (bsc#1184034)
</description>
</patchinfo>