SUSE-SU-2015:1424-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:1424-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2015:1424-1
- Related
- Published
- 2015-07-31T18:02:04Z
- Modified
- 2015-07-31T18:02:04Z
- Summary
- Security update for glibc
- Details
-
This update for glibc provides fixes for security and non-security issues.
These security issues have been fixed:
- CVE-2015-1781: Buffer length after padding in resolv/nss_dns/dns-host.c. (bsc#927080)
- CVE-2013-2207: pt_chown did not properly check permissions for tty files, which allowed local users to change the permission on the files and obtain access to arbitrary pseudo-terminals by leveraging a FUSE file system. (bsc#830257)
- CVE-2014-8121: DB_LOOKUP in the Name Service Switch (NSS) did not properly check if a file is open, which allowed remote attackers to cause a denial of service (infinite loop) by performing a look-up while the database is iterated over the database, which triggers the file pointer to be reset. (bsc#918187)
- Fix read past end of pattern in fnmatch. (bsc#920338)
These non-security issues have been fixed:
- Fix locking in IOflushalllockp() to prevent deadlocks in applications. (bsc#851280)
- Record TTL also for DNS PTR queries. (bsc#928723)
- Fix invalid free in ld.so. (bsc#932059)
- Make PowerPC64 default to non-executable stack. (bsc#933770)
- Fix floating point exceptions in some circumstances with exp() and friends. (bsc#933903)
- Fix bad TEXTREL in glibc.i686. (bsc#935286)
- References
-
- https://www.suse.com/support/update/announcement/2015/suse-su-20151424-1/
- https://bugzilla.suse.com/830257
- https://bugzilla.suse.com/851280
- https://bugzilla.suse.com/918187
- https://bugzilla.suse.com/920338
- https://bugzilla.suse.com/927080
- https://bugzilla.suse.com/928723
- https://bugzilla.suse.com/932059
- https://bugzilla.suse.com/933770
- https://bugzilla.suse.com/933903
- https://bugzilla.suse.com/935286
- https://www.suse.com/security/cve/CVE-2013-2207
- https://www.suse.com/security/cve/CVE-2014-8121
- https://www.suse.com/security/cve/CVE-2015-1781
Affected packages
SUSE:Linux Enterprise Software Development Kit 11 SP3 / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3
SUSE:Linux Enterprise Software Development Kit 11 SP4 / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4
SUSE:Linux Enterprise Desktop 11 SP3 / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.11.3-17.87.3
Ecosystem specific
{
"binaries": [
{
"glibc-locale-32bit": "2.11.3-17.87.3",
"glibc-devel": "2.11.3-17.87.3",
"glibc-i18ndata": "2.11.3-17.87.3",
"nscd": "2.11.3-17.87.3",
"glibc-locale": "2.11.3-17.87.3",
"glibc-32bit": "2.11.3-17.87.3",
"glibc-devel-32bit": "2.11.3-17.87.3",
"glibc": "2.11.3-17.87.3"
}
]
}
SUSE:Linux Enterprise Desktop 11 SP4 / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.11.3-17.87.3
Ecosystem specific
{
"binaries": [
{
"glibc-locale-32bit": "2.11.3-17.87.3",
"glibc-devel": "2.11.3-17.87.3",
"glibc-i18ndata": "2.11.3-17.87.3",
"nscd": "2.11.3-17.87.3",
"glibc-locale": "2.11.3-17.87.3",
"glibc-32bit": "2.11.3-17.87.3",
"glibc-devel-32bit": "2.11.3-17.87.3",
"glibc": "2.11.3-17.87.3"
}
]
}
SUSE:Linux Enterprise Server 11 SP3 / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.11.3-17.87.3
Ecosystem specific
{
"binaries": [
{
"glibc-profile-x86": "2.11.3-17.87.3",
"glibc-info": "2.11.3-17.87.3",
"glibc-i18ndata": "2.11.3-17.87.3",
"glibc-locale": "2.11.3-17.87.3",
"glibc-32bit": "2.11.3-17.87.3",
"glibc-devel-32bit": "2.11.3-17.87.3",
"glibc": "2.11.3-17.87.3",
"glibc-x86": "2.11.3-17.87.3",
"glibc-locale-32bit": "2.11.3-17.87.3",
"glibc-devel": "2.11.3-17.87.3",
"glibc-profile": "2.11.3-17.87.3",
"nscd": "2.11.3-17.87.3",
"glibc-locale-x86": "2.11.3-17.87.3",
"glibc-html": "2.11.3-17.87.3",
"glibc-profile-32bit": "2.11.3-17.87.3"
}
]
}
SUSE:Linux Enterprise Server 11 SP3-TERADATA / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.11.3-17.87.3
Ecosystem specific
{
"binaries": [
{
"glibc-profile-x86": "2.11.3-17.87.3",
"glibc-info": "2.11.3-17.87.3",
"glibc-i18ndata": "2.11.3-17.87.3",
"glibc-locale": "2.11.3-17.87.3",
"glibc-32bit": "2.11.3-17.87.3",
"glibc-devel-32bit": "2.11.3-17.87.3",
"glibc": "2.11.3-17.87.3",
"glibc-x86": "2.11.3-17.87.3",
"glibc-locale-32bit": "2.11.3-17.87.3",
"glibc-devel": "2.11.3-17.87.3",
"glibc-profile": "2.11.3-17.87.3",
"nscd": "2.11.3-17.87.3",
"glibc-locale-x86": "2.11.3-17.87.3",
"glibc-html": "2.11.3-17.87.3",
"glibc-profile-32bit": "2.11.3-17.87.3"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 11 SP3 / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.11.3-17.87.3
Ecosystem specific
{
"binaries": [
{
"glibc-profile-x86": "2.11.3-17.87.3",
"glibc-info": "2.11.3-17.87.3",
"glibc-i18ndata": "2.11.3-17.87.3",
"glibc-locale": "2.11.3-17.87.3",
"glibc-32bit": "2.11.3-17.87.3",
"glibc-devel-32bit": "2.11.3-17.87.3",
"glibc": "2.11.3-17.87.3",
"glibc-x86": "2.11.3-17.87.3",
"glibc-locale-32bit": "2.11.3-17.87.3",
"glibc-devel": "2.11.3-17.87.3",
"glibc-profile": "2.11.3-17.87.3",
"nscd": "2.11.3-17.87.3",
"glibc-locale-x86": "2.11.3-17.87.3",
"glibc-html": "2.11.3-17.87.3",
"glibc-profile-32bit": "2.11.3-17.87.3"
}
]
}
SUSE:Linux Enterprise Server 11 SP4 / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.11.3-17.87.3
Ecosystem specific
{
"binaries": [
{
"glibc-profile-x86": "2.11.3-17.87.3",
"glibc-info": "2.11.3-17.87.3",
"glibc-i18ndata": "2.11.3-17.87.3",
"glibc-locale": "2.11.3-17.87.3",
"glibc-32bit": "2.11.3-17.87.3",
"glibc-devel-32bit": "2.11.3-17.87.3",
"glibc": "2.11.3-17.87.3",
"glibc-x86": "2.11.3-17.87.3",
"glibc-locale-32bit": "2.11.3-17.87.3",
"glibc-devel": "2.11.3-17.87.3",
"glibc-profile": "2.11.3-17.87.3",
"nscd": "2.11.3-17.87.3",
"glibc-locale-x86": "2.11.3-17.87.3",
"glibc-html": "2.11.3-17.87.3",
"glibc-profile-32bit": "2.11.3-17.87.3"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 11 SP4 / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.11.3-17.87.3
Ecosystem specific
{
"binaries": [
{
"glibc-profile-x86": "2.11.3-17.87.3",
"glibc-info": "2.11.3-17.87.3",
"glibc-i18ndata": "2.11.3-17.87.3",
"glibc-locale": "2.11.3-17.87.3",
"glibc-32bit": "2.11.3-17.87.3",
"glibc-devel-32bit": "2.11.3-17.87.3",
"glibc": "2.11.3-17.87.3",
"glibc-x86": "2.11.3-17.87.3",
"glibc-locale-32bit": "2.11.3-17.87.3",
"glibc-devel": "2.11.3-17.87.3",
"glibc-profile": "2.11.3-17.87.3",
"nscd": "2.11.3-17.87.3",
"glibc-locale-x86": "2.11.3-17.87.3",
"glibc-html": "2.11.3-17.87.3",
"glibc-profile-32bit": "2.11.3-17.87.3"
}
]
}