Overview

File _patchinfo of Package patchinfo.22553

<patchinfo incident="22553">
  <category>security</category>
  <rating>important</rating>
  <packager>Andreas_Schwab</packager>
  <summary>Security update for glibc</summary>
  <description>
This update for glibc fixes the following issues:

- CVE-2021-3999: Fixed incorrect errno in getcwd (bsc#1194640)
- CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for "unix" (bsc#1194768)
- CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770)

Features added:

- IBM Power 10 string operation improvements (bsc#1194785, jsc#SLE-18195)

</description>
  <issue id="1194640" tracker="bnc">VUL-0: CVE-2021-3999: glibc: glibc: off-by-one buffer overflow/underflow in getcwd()</issue>
  <issue id="1194768" tracker="bnc">VUL-0: CVE-2022-23219: glibc.i686,glibc: stack buffer overflow in the deprecated function clnt_create in the sunrpc module</issue>
  <issue id="1194770" tracker="bnc">VUL-0: CVE-2022-23218: glibc.i686,glibc: stack buffer overflow in the deprecated function svcunix_create in the sunrpc module</issue>
  <issue id="1194785" tracker="bnc">glibc: Request to backport ppc64le ifunc improvements</issue>
  <issue id="2021-3999" tracker="cve" />
  <issue id="2022-23218" tracker="cve" />
  <issue id="2022-23219" tracker="cve" />
  <issue id="SLE-18195" tracker="jsc" />

</patchinfo>
openSUSE Build Service is sponsored by
Places