SUSE-SU-2015:0551-1

Source
https://www.suse.com/support/update/announcement/2015/suse-su-20150551-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0551-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:0551-1
Related
Published
2013-09-13T15:23:14Z
Modified
2013-09-13T15:23:14Z
Summary
Security update for glibc
Details

This update for glibc contains the following fixes:

* Fix integer overflows in malloc (CVE-2013-4332, bnc#839870)
* Fix buffer overflow in glob (bnc#691365)
* Fix buffer overflow in strcoll (CVE-2012-4412, bnc#779320)
* Update mount flags in <sys/mount.h> (bnc#791928)
* Fix buffer overrun in regexp matcher (CVE-2013-0242, bnc#801246)
* Fix memory leaks in dlopen (bnc#811979)
* Fix stack overflow in getaddrinfo with many results (CVE-2013-1914,
  bnc#813121)
* Fix check for XEN build in glibc_post_upgrade that causes missing
  init re-exec (bnc#818628)
* Don't raise UNDERFLOW in tan/tanf for small but normal argument
  (bnc#819347)
* Properly cross page boundary in SSE4.2 implementation of strcmp
  (bnc#822210)
* Fix robust mutex handling after fork (bnc#827811)
* Fix missing character in IBM-943 charset (bnc#828235)
* Fix use of alloca in gaih_inet (bnc#828637)
* Initialize pointer guard also in static executables (CVE-2013-4788,
  bnc#830268)
* Fix readdir_r with long file names (CVE-2013-4237, bnc#834594).

Security Issues:

* CVE-2012-4412
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412>
* CVE-2013-0242
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242>
* CVE-2013-1914
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1914>
* CVE-2013-4237
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237>
* CVE-2013-4332
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332>
* CVE-2013-4788
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4788>
References

Affected packages