Описание
Security update for glibc
This update for glibc fixes the following issues:
- CVE-2024-2961: iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (bsc#1222992)
Список пакетов
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
glibc-2.11.3-17.110.52.1
glibc-32bit-2.11.3-17.110.52.1
glibc-devel-2.11.3-17.110.52.1
glibc-devel-32bit-2.11.3-17.110.52.1
glibc-html-2.11.3-17.110.52.1
glibc-i18ndata-2.11.3-17.110.52.1
glibc-info-2.11.3-17.110.52.1
glibc-locale-2.11.3-17.110.52.1
glibc-locale-32bit-2.11.3-17.110.52.1
glibc-profile-2.11.3-17.110.52.1
glibc-profile-32bit-2.11.3-17.110.52.1
nscd-2.11.3-17.110.52.1
Ссылки
- Link for SUSE-SU-2024:1728-1
- E-Mail link for SUSE-SU-2024:1728-1
- SUSE Security Ratings
- SUSE Bug 1222992
- SUSE CVE CVE-2024-2961 page
Описание
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:glibc-2.11.3-17.110.52.1
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:glibc-32bit-2.11.3-17.110.52.1
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:glibc-devel-2.11.3-17.110.52.1
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:glibc-devel-32bit-2.11.3-17.110.52.1
Ссылки
- CVE-2024-2961
- SUSE Bug 1222992
- SUSE Bug 1223019