Oval Definition:oval:org.opensuse.security:def:89001
Revision Date:2020-03-31Version:1
Title:Security update for glibc (Important)
Description:

This update for glibc fixes the following issues:

- CVE-2020-1752: Fixed a use after free in glob which could have allowed a local attacker to create a specially crafted path that, when processed by the glob function, could potentially have led to arbitrary code execution (bsc#1167631). - CVE-2020-1751: Fixed an array overflow in backtrace for PowerPC (bsc#1158996). - CVE-2020-10029: Fixed a stack buffer overflow during range reduction (bsc#1165784). - Use 'posix_spawn' on popen preventing crash caused by 'subprocess'. (bsc#1149332, BZ #22834) - Fix handling of needles crossing a page, preventing incorrect results to return during the cross page boundary search. (bsc#1157893, BZ #25226)
Family:unixClass:patch
Status:Reference(s):1149332
1157893
1158996
1165784
1167631
CVE-2020-10029
CVE-2020-1751
CVE-2020-1752
SUSE-SU-2020:0832-1
Platform(s):SUSE Linux Enterprise Server 12 SP4
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • glibc-2.22-100.21.5 is installed
  • OR glibc-32bit-2.22-100.21.5 is installed
  • OR glibc-devel-2.22-100.21.5 is installed
  • OR glibc-devel-32bit-2.22-100.21.5 is installed
  • OR glibc-html-2.22-100.21.5 is installed
  • OR glibc-i18ndata-2.22-100.21.5 is installed
  • OR glibc-info-2.22-100.21.5 is installed
  • OR glibc-locale-2.22-100.21.5 is installed
  • OR glibc-locale-32bit-2.22-100.21.5 is installed
  • OR glibc-profile-2.22-100.21.5 is installed
  • OR glibc-profile-32bit-2.22-100.21.5 is installed
  • OR nscd-2.22-100.21.5 is installed
  • BACK