Overview

File _patchinfo of Package patchinfo.1042

<patchinfo incident="1042">
  <issue id="939211" tracker="bnc">DNS server rotation IPv6 problem</issue>
  <issue id="920338" tracker="bnc">VUL-1: glibc: Fix read past end of pattern in fnmatch</issue>
  <issue id="927080" tracker="bnc">VUL-1: CVE-2015-1781: glibc: buffer length after padding in resolv/nss_dns/dns-host.c:getanswer_r</issue>
  <issue id="918187" tracker="bnc">VUL-0: CVE-2014-8121: glibc: denial of service issue in the NSS backends</issue>
  <issue id="915955" tracker="bnc">Extremely poor performance in glibc alloc/free loops in threaded applications</issue>
  <issue id="931480" tracker="bnc">SIGSTKSZ is too small on aarch64</issue>
  <issue id="928723" tracker="bnc">glibc: ttl for PTR records not used</issue>
  <issue id="934084" tracker="bnc">Avoid use of asm/ptrace.h</issue>
  <issue id="940332" tracker="bnc">Terminate unwinding after makecontext_ret on s390</issue>
  <issue id="944494" tracker="bnc">Terminate unwinding after makecontext_ret on s390</issue>
  <issue id="937853" tracker="bnc">fix dlopen in static binaries</issue>
  <issue id="940195" tracker="bnc">Restore signal mask in set/swapcontext on s390 </issue>
  <issue id="945779" tracker="bnc">Properly reread entry after failure in nss_files getent function</issue>
  <issue id="CVE-2015-1781" tracker="cve" />
  <issue id="CVE-2014-8121" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>Andreas_Schwab</packager>
  <description>
glibc was updated to fix bugs and security issues.

Security issues fixed:

* A buffer overflow in nss_dns was fixed that could lead to crashes. (CVE-2015-1781, bsc#927080, BZ #18287)
* A denial of service attack (out of memory) in the NSS files backend was fixed (CVE-2014-8121, bsc#918187, GLIBC BZ #18007)

Non security bugs fixed:

* Fix regression in threaded application malloc performance (bsc#915955, GLIBC#17195)
* Fix read past end of pattern in fnmatch (bsc#920338, GLIBC#17062, GLIBC#18032, GLIBC#18036)
* Record TTL also for DNS PTR queries (bsc#928723, GLIBC#18513)
* Increase MINSIGSTKSZ and SIGSTKSZ for aarch64 (bsc#931480, GLIBC#16850)
* Fix handling of IPv6 nameservers (bsc#939211, GLIBC#13028, GLIBC#17053)
* Avoid use of asm/ptrace.h (bsc#934084)
* Do not corrupt the top of a threaded heap if top chunk is MINSIZE (GLIBC#18502)
* Terminate unwinding after makecontext_ret on s390 (bsc#940332. bsc#944494, GLIBC#18508)
* Restore signal mask in set/swapcontext on s390 (bsc#940195, bsc#944494, GLIBC#18080)
* fix dlopen in static binaries (bsc#937853, GLIBC#17250)
* Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)

Features added:

* AVX512 support (fate#318844)
* Add compatibility symlinks for LSB 3.0 (fate#318933)
</description>
  <summary>Security update for glibc</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places