Описание
Security update for glibc
This update for glibc fixes the following issues:
- CVE-2020-10029: Fixed a stack corruption from range reduction of pseudo-zero (bsc#1165784)
- Use posix_spawn on popen (bsc#1149332, bsc#1176013)
- Correct locking and cancellation cleanup in syslog functions (bsc#1172085)
- Fixed concurrent changes on nscd aware files (bsc#1171878)
Список пакетов
Container caasp/v4/nginx-ingress-controller:beta1
glibc-2.22-113.4
Container suse/sles12sp3:latest
glibc-2.22-113.4
HPE Helion OpenStack 8
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE Enterprise Storage 5
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE Linux Enterprise Server 12 SP2-BCL
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE Linux Enterprise Server 12 SP2-LTSS
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE Linux Enterprise Server 12 SP3-BCL
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE Linux Enterprise Server 12 SP3-LTSS
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE Linux Enterprise Server for SAP Applications 12 SP2
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE Linux Enterprise Server for SAP Applications 12 SP3
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE OpenStack Cloud 7
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE OpenStack Cloud 8
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
SUSE OpenStack Cloud Crowbar 8
glibc-2.22-113.4
glibc-32bit-2.22-113.4
glibc-devel-2.22-113.4
glibc-devel-32bit-2.22-113.4
glibc-html-2.22-113.4
glibc-i18ndata-2.22-113.4
glibc-info-2.22-113.4
glibc-locale-2.22-113.4
glibc-locale-32bit-2.22-113.4
glibc-profile-2.22-113.4
glibc-profile-32bit-2.22-113.4
nscd-2.22-113.4
Ссылки
- Link for SUSE-SU-2020:3024-1
- E-Mail link for SUSE-SU-2020:3024-1
- SUSE Security Ratings
- SUSE Bug 1149332
- SUSE Bug 1165784
- SUSE Bug 1171878
- SUSE Bug 1172085
- SUSE Bug 1176013
- SUSE CVE CVE-2020-10029 page
Описание
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c.
Затронутые продукты
Container caasp/v4/nginx-ingress-controller:beta1:glibc-2.22-113.4
Container suse/sles12sp3:latest:glibc-2.22-113.4
HPE Helion OpenStack 8:glibc-2.22-113.4
HPE Helion OpenStack 8:glibc-32bit-2.22-113.4
Ссылки
- CVE-2020-10029
- SUSE Bug 1165784