SUSE-SU-2015:1844-1: moderate: Security update for glibc
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri Oct 30 03:09:52 MDT 2015
SUSE Security Update: Security update for glibc
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:1844-1
Rating: moderate
References: #915955 #918187 #920338 #927080 #928723 #931480
#934084 #937853 #939211 #940195 #940332 #944494
#945779
Cross-References: CVE-2014-8121 CVE-2015-1781
Affected Products:
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Desktop 12
______________________________________________________________________________
An update that solves two vulnerabilities and has 11 fixes
is now available.
Description:
glibc was updated to fix bugs and security issues.
Security issues fixed:
* A buffer overflow in nss_dns was fixed that could lead to crashes.
(CVE-2015-1781, bsc#927080, BZ #18287)
* A denial of service attack (out of memory) in the NSS files backend was
fixed (CVE-2014-8121, bsc#918187, GLIBC BZ #18007)
Non security bugs fixed:
* Fix regression in threaded application malloc performance (bsc#915955,
GLIBC#17195)
* Fix read past end of pattern in fnmatch (bsc#920338, GLIBC#17062,
GLIBC#18032, GLIBC#18036)
* Record TTL also for DNS PTR queries (bsc#928723, GLIBC#18513)
* Increase MINSIGSTKSZ and SIGSTKSZ for aarch64 (bsc#931480, GLIBC#16850)
* Fix handling of IPv6 nameservers (bsc#939211, GLIBC#13028, GLIBC#17053)
* Avoid use of asm/ptrace.h (bsc#934084)
* Do not corrupt the top of a threaded heap if top chunk is MINSIZE
(GLIBC#18502)
* Terminate unwinding after makecontext_ret on s390 (bsc#940332.
bsc#944494, GLIBC#18508)
* Restore signal mask in set/swapcontext on s390 (bsc#940195, bsc#944494,
GLIBC#18080)
* fix dlopen in static binaries (bsc#937853, GLIBC#17250)
* Properly reread entry after failure in nss_files getent function
(bsc#945779, BZ #18991)
Features added:
* AVX512 support (fate#318844)
* Add compatibility symlinks for LSB 3.0 (fate#318933)
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 12:
zypper in -t patch SUSE-SLE-SDK-12-2015-764=1
- SUSE Linux Enterprise Server 12:
zypper in -t patch SUSE-SLE-SERVER-12-2015-764=1
- SUSE Linux Enterprise Desktop 12:
zypper in -t patch SUSE-SLE-DESKTOP-12-2015-764=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):
glibc-debuginfo-2.19-22.7.1
glibc-debugsource-2.19-22.7.1
glibc-devel-static-2.19-22.7.1
- SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):
glibc-2.19-22.7.1
glibc-debuginfo-2.19-22.7.1
glibc-debugsource-2.19-22.7.1
glibc-devel-2.19-22.7.1
glibc-devel-debuginfo-2.19-22.7.1
glibc-locale-2.19-22.7.1
glibc-locale-debuginfo-2.19-22.7.1
glibc-profile-2.19-22.7.1
nscd-2.19-22.7.1
nscd-debuginfo-2.19-22.7.1
- SUSE Linux Enterprise Server 12 (s390x x86_64):
glibc-32bit-2.19-22.7.1
glibc-debuginfo-32bit-2.19-22.7.1
glibc-devel-32bit-2.19-22.7.1
glibc-devel-debuginfo-32bit-2.19-22.7.1
glibc-locale-32bit-2.19-22.7.1
glibc-locale-debuginfo-32bit-2.19-22.7.1
glibc-profile-32bit-2.19-22.7.1
- SUSE Linux Enterprise Server 12 (noarch):
glibc-html-2.19-22.7.1
glibc-i18ndata-2.19-22.7.1
glibc-info-2.19-22.7.1
- SUSE Linux Enterprise Desktop 12 (x86_64):
glibc-2.19-22.7.1
glibc-32bit-2.19-22.7.1
glibc-debuginfo-2.19-22.7.1
glibc-debuginfo-32bit-2.19-22.7.1
glibc-debugsource-2.19-22.7.1
glibc-devel-2.19-22.7.1
glibc-devel-32bit-2.19-22.7.1
glibc-devel-debuginfo-2.19-22.7.1
glibc-devel-debuginfo-32bit-2.19-22.7.1
glibc-locale-2.19-22.7.1
glibc-locale-32bit-2.19-22.7.1
glibc-locale-debuginfo-2.19-22.7.1
glibc-locale-debuginfo-32bit-2.19-22.7.1
nscd-2.19-22.7.1
nscd-debuginfo-2.19-22.7.1
- SUSE Linux Enterprise Desktop 12 (noarch):
glibc-i18ndata-2.19-22.7.1
References:
https://www.suse.com/security/cve/CVE-2014-8121.html
https://www.suse.com/security/cve/CVE-2015-1781.html
https://bugzilla.suse.com/915955
https://bugzilla.suse.com/918187
https://bugzilla.suse.com/920338
https://bugzilla.suse.com/927080
https://bugzilla.suse.com/928723
https://bugzilla.suse.com/931480
https://bugzilla.suse.com/934084
https://bugzilla.suse.com/937853
https://bugzilla.suse.com/939211
https://bugzilla.suse.com/940195
https://bugzilla.suse.com/940332
https://bugzilla.suse.com/944494
https://bugzilla.suse.com/945779
More information about the sle-security-updates
mailing list