SUSE-SU-2015:1844-1

Published: 24 Sep. 2015
Source: suse-cvrf

Description

Security update for glibc

glibc was updated to fix bugs and security issues.

Security issues fixed:

  • A buffer overflow in nss_dns was fixed that could lead to crashes. (CVE-2015-1781, bsc#927080, BZ #18287)
  • A denial of service attack (out of memory) in the NSS files backend was fixed (CVE-2014-8121, bsc#918187, GLIBC BZ #18007)

Non security bugs fixed:

  • Fix regression in threaded application malloc performance (bsc#915955, GLIBC#17195)
  • Fix read past end of pattern in fnmatch (bsc#920338, GLIBC#17062, GLIBC#18032, GLIBC#18036)
  • Record TTL also for DNS PTR queries (bsc#928723, GLIBC#18513)
  • Increase MINSIGSTKSZ and SIGSTKSZ for aarch64 (bsc#931480, GLIBC#16850)
  • Fix handling of IPv6 nameservers (bsc#939211, GLIBC#13028, GLIBC#17053)
  • Avoid use of asm/ptrace.h (bsc#934084)
  • Do not corrupt the top of a threaded heap if top chunk is MINSIZE (GLIBC#18502)
  • Terminate unwinding after makecontext_ret on s390 (bsc#940332, bsc#944494, GLIBC#18508)
  • Restore signal mask in set/swapcontext on s390 (bsc#940195, bsc#944494, GLIBC#18080)
  • Fix dlopen in static binaries (bsc#937853, GLIBC#17250)
  • Properly reread entry after failure in nss_files getent function (bsc#945779, BZ #18991)

Features added:

  • AVX512 support (fate#318844)
  • Add compatibility symlinks for LSB 3.0 (fate#318933)

Package list

SUSE Linux Enterprise Desktop 12:

  • glibc-2.19-22.7.1
  • glibc-32bit-2.19-22.7.1
  • glibc-devel-2.19-22.7.1
  • glibc-devel-32bit-2.19-22.7.1
  • glibc-i18ndata-2.19-22.7.1
  • glibc-locale-2.19-22.7.1
  • glibc-locale-32bit-2.19-22.7.1
  • nscd-2.19-22.7.1

SUSE Linux Enterprise Server 12:

  • glibc-2.19-22.7.1
  • glibc-32bit-2.19-22.7.1
  • glibc-devel-2.19-22.7.1
  • glibc-devel-32bit-2.19-22.7.1
  • glibc-html-2.19-22.7.1
  • glibc-i18ndata-2.19-22.7.1
  • glibc-info-2.19-22.7.1
  • glibc-locale-2.19-22.7.1
  • glibc-locale-32bit-2.19-22.7.1
  • glibc-profile-2.19-22.7.1
  • glibc-profile-32bit-2.19-22.7.1
  • nscd-2.19-22.7.1

SUSE Linux Enterprise Server for SAP Applications 12:

  • glibc-2.19-22.7.1
  • glibc-32bit-2.19-22.7.1
  • glibc-devel-2.19-22.7.1
  • glibc-devel-32bit-2.19-22.7.1
  • glibc-html-2.19-22.7.1
  • glibc-i18ndata-2.19-22.7.1
  • glibc-info-2.19-22.7.1
  • glibc-locale-2.19-22.7.1
  • glibc-locale-32bit-2.19-22.7.1
  • glibc-profile-2.19-22.7.1
  • glibc-profile-32bit-2.19-22.7.1
  • nscd-2.19-22.7.1

SUSE Linux Enterprise Software Development Kit 12:

  • glibc-devel-static-2.19-22.7.1

Description

DB_LOOKUP in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) 2.21 and earlier does not properly check if a file is open, which allows remote attackers to cause a denial of service (infinite loop) by performing a look-up on a database while iterating over it, which triggers the file pointer to be reset.


Affected products
SUSE Linux Enterprise Desktop 12:glibc-2.19-22.7.1
SUSE Linux Enterprise Desktop 12:glibc-32bit-2.19-22.7.1
SUSE Linux Enterprise Desktop 12:glibc-devel-2.19-22.7.1
SUSE Linux Enterprise Desktop 12:glibc-devel-32bit-2.19-22.7.1

References

Description

Buffer overflow in the gethostbyname_r and other unspecified NSS functions in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response, which triggers a call with a misaligned buffer.


Affected products
SUSE Linux Enterprise Desktop 12:glibc-2.19-22.7.1
SUSE Linux Enterprise Desktop 12:glibc-32bit-2.19-22.7.1
SUSE Linux Enterprise Desktop 12:glibc-devel-2.19-22.7.1
SUSE Linux Enterprise Desktop 12:glibc-devel-32bit-2.19-22.7.1

References
Vulnerability SUSE-SU-2015:1844-1