| Description: |
This update for glibc fixes the following issues:
- A privilege escalation bug in the realpath() function has been fixed. [CVE-2018-1000001, bsc#1074293]
- A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. [CVE-2017-1000408, CVE-2017-1000409, bsc#1071319]
- An issue in the code handling RPATHs was fixed that could have been exploited by an attacker to execute code loaded from arbitrary libraries. [CVE-2017-16997, bsc#1073231]
- A potential crash caused by a use-after-free bug in pthread_create() has been fixed. [bsc#1053188]
- A bug that prevented users to build shared objects which use the optimized libmvec.so API has been fixed. [bsc#1070905]
- A memory leak in the glob() function has been fixed. [CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, bsc#1064569, bsc#1064580, bsc#1064583]
- A bug that would lose the syscall error code value in case of crashes has been fixed. [bsc#1063675]
|