SUSE-SU-2019:1102-1

Published: 30 Apr 2019
Source: suse-cvrf

Description

Security update for glibc

This update for glibc fixes the following issues:

Security issues fixed:

  • CVE-2019-9169: regex: fix read overrun (bsc#1127308, BZ #24114)
  • CVE-2016-10739: Fully parse IPv4 address strings (bsc#1122729, BZ #20018)
  • CVE-2009-5155: ERE '0|()0|\1|0' causes regexec undefined behavior (bsc#1127223, BZ #18986)

Non-security issues fixed:

  • Enable TLE only if GLIBC_ELISION_ENABLE=yes is defined (bsc#1131994, fate#322271)
  • Add more checks for valid ld.so.cache file (bsc#1110661, BZ #18093)
  • Added cfi information for start routines in order to stop unwinding (bsc#1128574)
  • ja_JP locale: Add entry for the new Japanese era (bsc#1100396, fate#325570, BZ #22964)

Package list

Container suse/ltss/sle12.5/sles12sp5:latest
glibc-2.22-100.8.1
Container suse/sles12sp4:latest
glibc-2.22-100.8.1
Container suse/sles12sp5:latest
glibc-2.22-100.8.1
Image SLES12-SP4-Azure-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-EC2-HVM-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-GCE-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-OCI-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-SAP-Azure
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-SAP-Azure-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
glibc-2.22-100.8.1
glibc-32bit-2.22-100.8.1
glibc-devel-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
glibc-2.22-100.8.1
glibc-32bit-2.22-100.8.1
glibc-devel-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-SAP-EC2-HVM
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-SAP-GCE
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-SAP-GCE-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP4-SAP-OCI-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-Azure-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-Azure-Basic-On-Demand
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-Azure-HPC-BYOS
glibc-2.22-100.8.1
glibc-32bit-2.22-100.8.1
glibc-devel-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-Azure-HPC-On-Demand
glibc-2.22-100.8.1
glibc-32bit-2.22-100.8.1
glibc-devel-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-Azure-SAP-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-Azure-SAP-On-Demand
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-Azure-Standard-On-Demand
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-EC2-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-EC2-ECS-On-Demand
glibc-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-EC2-On-Demand
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-EC2-SAP-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-EC2-SAP-On-Demand
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-GCE-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-GCE-On-Demand
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-GCE-SAP-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-GCE-SAP-On-Demand
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-OCI-BYOS-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
glibc-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
glibc-2.22-100.8.1
glibc-32bit-2.22-100.8.1
glibc-devel-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
glibc-2.22-100.8.1
glibc-32bit-2.22-100.8.1
glibc-devel-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
nscd-2.22-100.8.1
SUSE Linux Enterprise Desktop 12 SP4
glibc-2.22-100.8.1
glibc-32bit-2.22-100.8.1
glibc-devel-2.22-100.8.1
glibc-devel-32bit-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-locale-2.22-100.8.1
glibc-locale-32bit-2.22-100.8.1
nscd-2.22-100.8.1
SUSE Linux Enterprise Server 12 SP4
glibc-2.22-100.8.1
glibc-32bit-2.22-100.8.1
glibc-devel-2.22-100.8.1
glibc-devel-32bit-2.22-100.8.1
glibc-html-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-info-2.22-100.8.1
glibc-locale-2.22-100.8.1
glibc-locale-32bit-2.22-100.8.1
glibc-profile-2.22-100.8.1
glibc-profile-32bit-2.22-100.8.1
nscd-2.22-100.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
glibc-2.22-100.8.1
glibc-32bit-2.22-100.8.1
glibc-devel-2.22-100.8.1
glibc-devel-32bit-2.22-100.8.1
glibc-html-2.22-100.8.1
glibc-i18ndata-2.22-100.8.1
glibc-info-2.22-100.8.1
glibc-locale-2.22-100.8.1
glibc-locale-32bit-2.22-100.8.1
glibc-profile-2.22-100.8.1
glibc-profile-32bit-2.22-100.8.1
nscd-2.22-100.8.1
SUSE Linux Enterprise Software Development Kit 12 SP4
glibc-devel-static-2.22-100.8.1
glibc-info-2.22-100.8.1

Description (CVE-2009-5155)

In the GNU C Library (aka glibc or libc6) before 2.28, parse_reg_exp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service (assertion failure and application exit) or trigger an incorrect result by attempting a regular-expression match.


Affected products
Container suse/ltss/sle12.5/sles12sp5:latest:glibc-2.22-100.8.1
Container suse/sles12sp4:latest:glibc-2.22-100.8.1
Container suse/sles12sp5:latest:glibc-2.22-100.8.1
Image SLES12-SP4-Azure-BYOS:glibc-2.22-100.8.1


Description (CVE-2016-10739)

In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the possibility of embedded HTTP headers or other potentially dangerous substrings.


Affected products
Container suse/ltss/sle12.5/sles12sp5:latest:glibc-2.22-100.8.1
Container suse/sles12sp4:latest:glibc-2.22-100.8.1
Container suse/sles12sp5:latest:glibc-2.22-100.8.1
Image SLES12-SP4-Azure-BYOS:glibc-2.22-100.8.1


Description (CVE-2019-9169)

In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case-insensitive regular-expression match.


Affected products
Container suse/ltss/sle12.5/sles12sp5:latest:glibc-2.22-100.8.1
Container suse/sles12sp4:latest:glibc-2.22-100.8.1
Container suse/sles12sp5:latest:glibc-2.22-100.8.1
Image SLES12-SP4-Azure-BYOS:glibc-2.22-100.8.1
