This update for glibc contains the following fixes:
* Fix integer overflows in malloc (CVE-2013-4332, bnc#839870)
* Fix buffer overflow in glob (bnc#691365)
* Fix buffer overflow in strcoll (CVE-2012-4412, bnc#779320)
* Update mount flags in <sys/mount.h> (bnc#791928)
* Fix buffer overrun in regexp matcher (CVE-2013-0242, bnc#801246)
* Fix memory leaks in dlopen (bnc#811979)
* Fix stack overflow in getaddrinfo with many results (CVE-2013-1914,
bnc#813121)
* Fix check for XEN build in glibc_post_upgrade that causes missing
init re-exec (bnc#818628)
* Don't raise UNDERFLOW in tan/tanf for small but normal argument
(bnc#819347)
* Properly cross page boundary in SSE4.2 implementation of strcmp
(bnc#822210)
* Fix robust mutex handling after fork (bnc#827811)
* Fix missing character in IBM-943 charset (bnc#828235)
* Fix use of alloca in gaih_inet (bnc#828637)
* Initialize pointer guard also in static executables (CVE-2013-4788,
bnc#830268)
* Fix readdir_r with long file names (CVE-2013-4237, bnc#834594).
Security Issues:
* CVE-2012-4412
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412>
* CVE-2013-0242
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242>
* CVE-2013-1914
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1914>
* CVE-2013-4237
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237>
* CVE-2013-4332
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332>
* CVE-2013-4788
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4788>