Oval Definition:oval:org.opensuse.security:def:79993
Revision Date:2014-08-29Version:1
Title:Security update for glibc
Description:



This glibc update fixes a critical privilege escalation problem and two non-security issues:

* bnc#892073: An off-by-one error leading to a heap-based buffer overflow was found in __gconv_translit_find(). An exploit that targets the problem is publicly available. (CVE-2014-5119) * bnc#892065: setenv-alloca.patch: Avoid unbound alloca in setenv. * bnc#888347: printf-multibyte-format.patch: Don't parse %s format argument as multi-byte string.

Security Issues:

* CVE-2014-5119

Family:unixClass:patch
Status:Reference(s):888347
892065
892073
CVE-2014-5119
SUSE-SU-2015:0439-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • glibc-2.11.3-17.72.14 is installed
  • OR glibc-32bit-2.11.3-17.72.14 is installed
  • OR glibc-devel-2.11.3-17.72.14 is installed
  • OR glibc-devel-32bit-2.11.3-17.72.14 is installed
  • OR glibc-i18ndata-2.11.3-17.72.14 is installed
  • OR glibc-locale-2.11.3-17.72.14 is installed
  • OR glibc-locale-32bit-2.11.3-17.72.14 is installed
  • OR nscd-2.11.3-17.72.14 is installed
    • BACK