SUSE-SU-2015:0170-1: moderate: Security update for glibc
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Wed Jan 28 22:04:52 MST 2015
SUSE Security Update: Security update for glibc
______________________________________________________________________________
Announcement ID: SUSE-SU-2015:0170-1
Rating: moderate
References: #844309 #882600 #894553 #894556
Cross-References: CVE-2012-6656 CVE-2013-4357 CVE-2014-6040
Affected Products:
SUSE Linux Enterprise Server 10 SP4 LTSS
______________________________________________________________________________
An update that solves three vulnerabilities and has one
errata is now available.
Description:
glibc has been updated to fix security issues:
* Fix crashes on invalid input in IBM gconv modules (CVE-2014-6040,
CVE-2012-6656, bsc#894553, bsc#894556, GLIBC BZ #17325, GLIBC BZ
#14134)
* Fixed a stack overflow during hosts parsing (CVE-2013-4357)
* Copy filename argument in posix_spawn_file_actions_addopen
(CVE-2014-4043, bsc#882600, BZ #17048)
Security Issues:
* CVE-2014-6040
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040>
* CVE-2012-6656
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656>
* CVE-2013-4357
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4357>
Package List:
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 i686 s390x x86_64):
glibc-2.4-31.115.2
glibc-devel-2.4-31.115.2
- SUSE Linux Enterprise Server 10 SP4 LTSS (i586 s390x x86_64):
glibc-html-2.4-31.115.2
glibc-i18ndata-2.4-31.115.2
glibc-info-2.4-31.115.2
glibc-locale-2.4-31.115.2
glibc-profile-2.4-31.115.2
nscd-2.4-31.115.2
- SUSE Linux Enterprise Server 10 SP4 LTSS (s390x x86_64):
glibc-32bit-2.4-31.115.2
glibc-devel-32bit-2.4-31.115.2
glibc-locale-32bit-2.4-31.115.2
glibc-profile-32bit-2.4-31.115.2
References:
http://support.novell.com/security/cve/CVE-2012-6656.html
http://support.novell.com/security/cve/CVE-2013-4357.html
http://support.novell.com/security/cve/CVE-2014-6040.html
https://bugzilla.suse.com/show_bug.cgi?id=844309
https://bugzilla.suse.com/show_bug.cgi?id=882600
https://bugzilla.suse.com/show_bug.cgi?id=894553
https://bugzilla.suse.com/show_bug.cgi?id=894556
http://download.suse.com/patch/finder/?keywords=1ccbe69cba5cc8835258525263c85657
More information about the sle-security-updates
mailing list