Security update for glibc
SUSE Patch
security@suse.de
SUSE Security Team
openSUSE-SU-2016:0512-1
Final
1
1
2016-02-19T07:26:18Z
current
2016-02-19T07:26:18Z
2016-02-19T07:26:18Z
cve-database/bin/generate-cvrf.pl
2017-02-24T01:00:00Z
Security update for glibc
This update for glibc fixes the following security issues:
* fix stack overflow in the glibc libresolv DNS resolver function getaddrinfo(), known as CVE-2015-7547. It is a client side networked/remote vulnerability.
The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0)
https://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html
E-Mail link for openSUSE-SU-2016:0512-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
glibc-2.18-4.41.2
glibc-32bit-2.18-4.41.1
glibc-devel-2.18-4.41.2
glibc-devel-32bit-2.18-4.41.1
glibc-devel-static-2.18-4.41.2
glibc-devel-static-32bit-2.18-4.41.1
glibc-extra-2.18-4.41.2
glibc-html-2.18-4.41.2
glibc-i18ndata-2.18-4.41.2
glibc-info-2.18-4.41.2
glibc-locale-2.18-4.41.2
glibc-locale-32bit-2.18-4.41.1
glibc-obsolete-2.18-4.41.2
glibc-profile-2.18-4.41.2
glibc-profile-32bit-2.18-4.41.1
glibc-testsuite-2.18-4.41.4
glibc-utils-2.18-4.41.4
glibc-utils-32bit-2.18-4.41.4
nscd-2.18-4.41.2
Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module.
CVE-2015-7547
important
Please Install the update.
https://lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html
https://www.suse.com/security/cve/CVE-2015-7547.html
CVE-2015-7547
https://bugzilla.suse.com/1077097
SUSE Bug 1077097
https://bugzilla.suse.com/847227
SUSE Bug 847227
https://bugzilla.suse.com/961721
SUSE Bug 961721
https://bugzilla.suse.com/967023
SUSE Bug 967023
https://bugzilla.suse.com/967061
SUSE Bug 967061
https://bugzilla.suse.com/967072
SUSE Bug 967072
https://bugzilla.suse.com/967496
SUSE Bug 967496
https://bugzilla.suse.com/969216
SUSE Bug 969216
https://bugzilla.suse.com/969241
SUSE Bug 969241
https://bugzilla.suse.com/986086
SUSE Bug 986086