SUSE-SU-2015:0253-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0253-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2015:0253-1
Related
Published
2014-08-29T01:15:58Z
Modified
2014-08-29T01:15:58Z
Summary
Security update for glibc
Details

This glibc update fixes a critical privilege escalation problem and two non-security issues:

* bnc#892073: An off-by-one error leading to a heap-based buffer
  overflow was found in __gconv_translit_find(). An exploit that
  targets the problem is publicly available. (CVE-2014-5119)
* bnc#892065: setenv-alloca.patch: Avoid unbound alloca in setenv.
* bnc#888347: printf-multibyte-format.patch: Don't parse %s format
  argument as multi-byte string.

Security Issues:

* CVE-2014-5119
  <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119>
References

Affected packages