Overview

File _patchinfo of Package patchinfo.42995

<patchinfo incident="42995">
  <issue tracker="cve" id="2026-0915"/>
  <issue tracker="cve" id="2025-15281"/>
  <issue tracker="cve" id="2026-0861"/>
  <issue tracker="cve" id="2025-8058"/>
  <issue tracker="bnc" id="1257005">VUL-0: CVE-2025-15281: glibc: uninitialized memory may cause the process abort</issue>
  <issue tracker="bnc" id="1256766">VUL-0: CVE-2026-0861: glibc: inadequate size check in the memalign suite may result in an integer overflow</issue>
  <issue tracker="bnc" id="1246965">VUL-0: CVE-2025-8058: glibc: a malloc failure in regcomp function can lead to a double free</issue>
  <issue tracker="bnc" id="1256822">VUL-0: CVE-2026-0915: glibc: Uninitialized stack buffer used as DNS query name when net==0 in _nss_dns_getnetbyaddr_r</issue>
  <packager>Andreas_Schwab</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for glibc</summary>
  <description>This update for glibc fixes the following issues:

- CVE-2026-0861: memalign: reinstate alignment overflow check (bsc#1256766)
- CVE-2026-0915: resolv: Fix NSS DNS backend for getnetbyaddr (bsc#1256822)
- CVE-2025-15281: posix: Reset wordexp_t fields with WRDE_REUSE (bsc#1257005)
- CVE-2025-8058: posix: Fix double-free after allocation failure in regcomp (bsc#1246965)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places