Description
Security update for glibc
This update for glibc fixes the following issues:
- Drop old fix that could break services that start before IPv6 is up. (bsc#931399)
- Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727)
- Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010)
- Relocate DSOs in dependency order, fixing a potential crash during symbol relocation phase. (bsc#986302)
- Fix nscd assertion failure in gc. (bsc#965699)
- Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164)
- Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483)
- Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854)
Package list
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Software Development Kit 11 SP4
References
- Link for SUSE-SU-2016:2156-1
- E-Mail link for SUSE-SU-2016:2156-1
- SUSE Security Ratings
- SUSE Bug 931399
- SUSE Bug 965699
- SUSE Bug 969727
- SUSE Bug 973010
- SUSE Bug 973164
- SUSE Bug 973179
- SUSE Bug 980483
- SUSE Bug 980854
- SUSE Bug 986302
- SUSE CVE CVE-2016-1234 page
- SUSE CVE CVE-2016-3075 page
- SUSE CVE CVE-2016-3706 page
- SUSE CVE CVE-2016-4429 page
Description
Stack-based buffer overflow in the glob implementation in GNU C Library (aka glibc) before 2.24, when GLOB_ALTDIRFUNC is used, allows context-dependent attackers to cause a denial of service (crash) via a long name.
Affected products
References
- CVE-2016-1234
- SUSE Bug 1020940
- SUSE Bug 969727
- SUSE Bug 988770
- SUSE Bug 988782
- SUSE Bug 989127
Description
Stack-based buffer overflow in the nss_dns implementation of the getnetbyname function in GNU C Library (aka glibc) before 2.24 allows context-dependent attackers to cause a denial of service (stack consumption and application crash) via a long name.
Affected products
References
- CVE-2016-3075
- SUSE Bug 1123874
- SUSE Bug 973164
Description
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU C Library (aka glibc or libc6) allows remote attackers to cause a denial of service (crash) via vectors involving hostent conversion. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4458.
Affected products
References
- CVE-2016-3706
- SUSE Bug 1123874
- SUSE Bug 980483
- SUSE Bug 997423
Description
Stack-based buffer overflow in the clntudp_call function in sunrpc/clnt_udp.c in the GNU C Library (aka glibc or libc6) allows remote servers to cause a denial of service (crash) or possibly unspecified other impact via a flood of crafted ICMP and UDP packets.
Affected products
References
- CVE-2016-4429
- SUSE Bug 1081556
- SUSE Bug 1123874
- SUSE Bug 980854