SUSE-SU-2022:2886-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:2886-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2022:2886-1
- Related
- Published
- 2022-08-24T13:04:08Z
- Modified
- 2022-08-24T13:04:08Z
- Summary
- Security update for glibc
- Details
-
This update for glibc fixes the following issues:
Security issues fixed:
- CVE-2015-5180: Fix crash with internal QTYPE in resolv (bsc#941234, BZ #18784)
- CVE-2016-10228: Rewrite iconv option parsing (bsc#1027496, BZ #19519)
- CVE-2019-25013: Fix buffer overrun in EUC-KR conversion module (bsc#1182117, BZ #24973)
- CVE-2020-27618: Accept redundant shift sequences in IBM1364 iconv module (bsc#1178386, BZ #26224)
- CVE-2020-29562: Fix incorrect UCS4 inner loop bounds in iconv (bsc#1179694, BZ #26923)
- CVE-2020-29573: Hardened printf against non-normal long double values (bsc#1179721, BZ #26649)
CVE-2021-3326: Fix assertion failure in ISO-2022-JP-3 gconv module (bsc#1181505, BZ #27256)
Recognize ppc64p7 arch to build for power7
- References
-
- https://www.suse.com/support/update/announcement/2022/suse-su-20222886-1/
- https://bugzilla.suse.com/1027496
- https://bugzilla.suse.com/1178386
- https://bugzilla.suse.com/1179694
- https://bugzilla.suse.com/1179721
- https://bugzilla.suse.com/1181505
- https://bugzilla.suse.com/1182117
- https://bugzilla.suse.com/941234
- https://www.suse.com/security/cve/CVE-2015-5180
- https://www.suse.com/security/cve/CVE-2016-10228
- https://www.suse.com/security/cve/CVE-2019-25013
- https://www.suse.com/security/cve/CVE-2020-27618
- https://www.suse.com/security/cve/CVE-2020-29562
- https://www.suse.com/security/cve/CVE-2020-29573
- https://www.suse.com/security/cve/CVE-2021-3326
Affected packages
SUSE:Linux Enterprise Server 12 SP2-BCL / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.22-126.1
Ecosystem specific
{
"binaries": [
{
"glibc-devel-32bit": "2.22-126.1",
"glibc-html": "2.22-126.1",
"glibc-locale-32bit": "2.22-126.1",
"glibc-info": "2.22-126.1",
"glibc-devel": "2.22-126.1",
"glibc-i18ndata": "2.22-126.1",
"glibc-profile": "2.22-126.1",
"glibc-locale": "2.22-126.1",
"nscd": "2.22-126.1",
"glibc-32bit": "2.22-126.1",
"glibc-profile-32bit": "2.22-126.1",
"glibc": "2.22-126.1"
}
]
}
SUSE:Linux Enterprise Server 12 SP3-BCL / glibc
Package
- Name
- glibc
- Purl
- purl:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.22-126.1
Ecosystem specific
{
"binaries": [
{
"glibc-devel-32bit": "2.22-126.1",
"glibc-html": "2.22-126.1",
"glibc-locale-32bit": "2.22-126.1",
"glibc-info": "2.22-126.1",
"glibc-devel": "2.22-126.1",
"glibc-i18ndata": "2.22-126.1",
"glibc-profile": "2.22-126.1",
"glibc-locale": "2.22-126.1",
"nscd": "2.22-126.1",
"glibc-32bit": "2.22-126.1",
"glibc-profile-32bit": "2.22-126.1",
"glibc": "2.22-126.1"
}
]
}