SUSE-SU-2015:1844-1: moderate: Security update for glibc

sle-updates at lists.suse.com sle-updates at lists.suse.com
Fri Oct 30 03:09:52 MDT 2015


   SUSE Security Update: Security update for glibc
______________________________________________________________________________

Announcement ID:    SUSE-SU-2015:1844-1
Rating:             moderate
References:         #915955 #918187 #920338 #927080 #928723 #931480 
                    #934084 #937853 #939211 #940195 #940332 #944494 
                    #945779 
Cross-References:   CVE-2014-8121 CVE-2015-1781
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12
                    SUSE Linux Enterprise Server 12
                    SUSE Linux Enterprise Desktop 12
______________________________________________________________________________

   An update that solves two vulnerabilities and has 11 fixes
   is now available.

Description:


   glibc was updated to fix bugs and security issues.

   Security issues fixed:

   * A buffer overflow in nss_dns was fixed that could lead to crashes.
     (CVE-2015-1781, bsc#927080, BZ #18287)
   * A denial of service attack (out of memory) in the NSS files backend was
     fixed (CVE-2014-8121, bsc#918187, GLIBC BZ #18007)

   Non security bugs fixed:

   * Fix regression in threaded application malloc performance (bsc#915955,
     GLIBC#17195)
   * Fix read past end of pattern in fnmatch (bsc#920338, GLIBC#17062,
     GLIBC#18032, GLIBC#18036)
   * Record TTL also for DNS PTR queries (bsc#928723, GLIBC#18513)
   * Increase MINSIGSTKSZ and SIGSTKSZ for aarch64 (bsc#931480, GLIBC#16850)
   * Fix handling of IPv6 nameservers (bsc#939211, GLIBC#13028, GLIBC#17053)
   * Avoid use of asm/ptrace.h (bsc#934084)
   * Do not corrupt the top of a threaded heap if top chunk is MINSIZE
     (GLIBC#18502)
   * Terminate unwinding after makecontext_ret on s390 (bsc#940332.
     bsc#944494, GLIBC#18508)
   * Restore signal mask in set/swapcontext on s390 (bsc#940195, bsc#944494,
     GLIBC#18080)
   * fix dlopen in static binaries (bsc#937853, GLIBC#17250)
   * Properly reread entry after failure in nss_files getent function
     (bsc#945779, BZ #18991)

   Features added:

   * AVX512 support (fate#318844)
   * Add compatibility symlinks for LSB 3.0 (fate#318933)


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12:

      zypper in -t patch SUSE-SLE-SDK-12-2015-764=1

   - SUSE Linux Enterprise Server 12:

      zypper in -t patch SUSE-SLE-SERVER-12-2015-764=1

   - SUSE Linux Enterprise Desktop 12:

      zypper in -t patch SUSE-SLE-DESKTOP-12-2015-764=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 12 (ppc64le s390x x86_64):

      glibc-debuginfo-2.19-22.7.1
      glibc-debugsource-2.19-22.7.1
      glibc-devel-static-2.19-22.7.1

   - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64):

      glibc-2.19-22.7.1
      glibc-debuginfo-2.19-22.7.1
      glibc-debugsource-2.19-22.7.1
      glibc-devel-2.19-22.7.1
      glibc-devel-debuginfo-2.19-22.7.1
      glibc-locale-2.19-22.7.1
      glibc-locale-debuginfo-2.19-22.7.1
      glibc-profile-2.19-22.7.1
      nscd-2.19-22.7.1
      nscd-debuginfo-2.19-22.7.1

   - SUSE Linux Enterprise Server 12 (s390x x86_64):

      glibc-32bit-2.19-22.7.1
      glibc-debuginfo-32bit-2.19-22.7.1
      glibc-devel-32bit-2.19-22.7.1
      glibc-devel-debuginfo-32bit-2.19-22.7.1
      glibc-locale-32bit-2.19-22.7.1
      glibc-locale-debuginfo-32bit-2.19-22.7.1
      glibc-profile-32bit-2.19-22.7.1

   - SUSE Linux Enterprise Server 12 (noarch):

      glibc-html-2.19-22.7.1
      glibc-i18ndata-2.19-22.7.1
      glibc-info-2.19-22.7.1

   - SUSE Linux Enterprise Desktop 12 (x86_64):

      glibc-2.19-22.7.1
      glibc-32bit-2.19-22.7.1
      glibc-debuginfo-2.19-22.7.1
      glibc-debuginfo-32bit-2.19-22.7.1
      glibc-debugsource-2.19-22.7.1
      glibc-devel-2.19-22.7.1
      glibc-devel-32bit-2.19-22.7.1
      glibc-devel-debuginfo-2.19-22.7.1
      glibc-devel-debuginfo-32bit-2.19-22.7.1
      glibc-locale-2.19-22.7.1
      glibc-locale-32bit-2.19-22.7.1
      glibc-locale-debuginfo-2.19-22.7.1
      glibc-locale-debuginfo-32bit-2.19-22.7.1
      nscd-2.19-22.7.1
      nscd-debuginfo-2.19-22.7.1

   - SUSE Linux Enterprise Desktop 12 (noarch):

      glibc-i18ndata-2.19-22.7.1


References:

   https://www.suse.com/security/cve/CVE-2014-8121.html
   https://www.suse.com/security/cve/CVE-2015-1781.html
   https://bugzilla.suse.com/915955
   https://bugzilla.suse.com/918187
   https://bugzilla.suse.com/920338
   https://bugzilla.suse.com/927080
   https://bugzilla.suse.com/928723
   https://bugzilla.suse.com/931480
   https://bugzilla.suse.com/934084
   https://bugzilla.suse.com/937853
   https://bugzilla.suse.com/939211
   https://bugzilla.suse.com/940195
   https://bugzilla.suse.com/940332
   https://bugzilla.suse.com/944494
   https://bugzilla.suse.com/945779



More information about the sle-updates mailing list