SUSE-SU-2015:0439-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0439-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2015:0439-1
- Related
- Published
- 2014-08-29T01:15:58Z
- Modified
- 2014-08-29T01:15:58Z
- Summary
- Security update for glibc
- Details
-
This glibc update fixes a critical privilege escalation problem and two non-security issues:
* bnc#892073: An off-by-one error leading to a heap-based buffer overflow was found in __gconv_translit_find(). An exploit that targets the problem is publicly available. (CVE-2014-5119) * bnc#892065: setenv-alloca.patch: Avoid unbound alloca in setenv. * bnc#888347: printf-multibyte-format.patch: Don't parse %s format argument as multi-byte string.Security Issues:
* CVE-2014-5119 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119> - References
-
- https://www.suse.com/support/update/announcement/2015/suse-su-20150439-1/
- https://bugzilla.suse.com/691365
- https://bugzilla.suse.com/779320
- https://bugzilla.suse.com/791928
- https://bugzilla.suse.com/801246
- https://bugzilla.suse.com/811979
- https://bugzilla.suse.com/813121
- https://bugzilla.suse.com/819347
- https://bugzilla.suse.com/822210
- https://bugzilla.suse.com/827811
- https://bugzilla.suse.com/828235
- https://bugzilla.suse.com/828637
- https://bugzilla.suse.com/830268
- https://bugzilla.suse.com/834594
- https://bugzilla.suse.com/836746
- https://bugzilla.suse.com/839870
- https://bugzilla.suse.com/844309
- https://bugzilla.suse.com/847227
- https://bugzilla.suse.com/854445
- https://bugzilla.suse.com/863499
- https://bugzilla.suse.com/864081
- https://bugzilla.suse.com/872832
- https://bugzilla.suse.com/882028
- https://bugzilla.suse.com/882600
- https://bugzilla.suse.com/883217
- https://bugzilla.suse.com/886416
- https://bugzilla.suse.com/887022
- https://bugzilla.suse.com/888347
- https://bugzilla.suse.com/891843
- https://bugzilla.suse.com/892065
- https://bugzilla.suse.com/892073
- https://bugzilla.suse.com/894553
- https://bugzilla.suse.com/894556
- https://bugzilla.suse.com/903288
- https://bugzilla.suse.com/904461
- https://bugzilla.suse.com/906371
- https://bugzilla.suse.com/909053
- https://bugzilla.suse.com/913646
- https://bugzilla.suse.com/915526
- https://bugzilla.suse.com/916222
- https://bugzilla.suse.com/917072
- https://bugzilla.suse.com/919678
- https://www.suse.com/security/cve/CVE-2012-4412
- https://www.suse.com/security/cve/CVE-2012-6656
- https://www.suse.com/security/cve/CVE-2013-0242
- https://www.suse.com/security/cve/CVE-2013-1914
- https://www.suse.com/security/cve/CVE-2013-4237
- https://www.suse.com/security/cve/CVE-2013-4332
- https://www.suse.com/security/cve/CVE-2013-4357
- https://www.suse.com/security/cve/CVE-2013-4458
- https://www.suse.com/security/cve/CVE-2013-4788
- https://www.suse.com/security/cve/CVE-2013-7423
- https://www.suse.com/security/cve/CVE-2014-0475
- https://www.suse.com/security/cve/CVE-2014-4043
- https://www.suse.com/security/cve/CVE-2014-5119
- https://www.suse.com/security/cve/CVE-2014-6040
- https://www.suse.com/security/cve/CVE-2014-7817
- https://www.suse.com/security/cve/CVE-2014-9402
- https://www.suse.com/security/cve/CVE-2015-0235
- https://www.suse.com/security/cve/CVE-2015-1472