glibc-2.39-5.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:13877 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z glibc-2.39-5.1 on GA media These are all security issues fixed in the glibc-2.39-5.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-13877 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:13877 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2024-2961/ SUSE CVE CVE-2024-2961 page openSUSE Tumbleweed glibc-2.39-5.1 glibc-devel-2.39-5.1 glibc-devel-static-2.39-5.1 glibc-extra-2.39-5.1 glibc-html-2.39-5.1 glibc-i18ndata-2.39-5.1 glibc-info-2.39-5.1 glibc-lang-2.39-5.1 glibc-locale-2.39-5.1 glibc-locale-base-2.39-5.1 glibc-profile-2.39-5.1 libnsl1-2.39-5.1 nscd-2.39-5.1 glibc-2.39-5.1 as a component of openSUSE Tumbleweed glibc-devel-2.39-5.1 as a component of openSUSE Tumbleweed glibc-devel-static-2.39-5.1 as a component of openSUSE Tumbleweed glibc-extra-2.39-5.1 as a component of openSUSE Tumbleweed glibc-html-2.39-5.1 as a component of openSUSE Tumbleweed glibc-i18ndata-2.39-5.1 as a component of openSUSE Tumbleweed glibc-info-2.39-5.1 as a component of openSUSE Tumbleweed glibc-lang-2.39-5.1 as a component of openSUSE Tumbleweed glibc-locale-2.39-5.1 as a component of openSUSE Tumbleweed glibc-locale-base-2.39-5.1 as a component of openSUSE Tumbleweed glibc-profile-2.39-5.1 as a component of openSUSE Tumbleweed libnsl1-2.39-5.1 as a component of openSUSE Tumbleweed nscd-2.39-5.1 as a component of openSUSE Tumbleweed The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable. CVE-2024-2961 openSUSE Tumbleweed:glibc-2.39-5.1 openSUSE Tumbleweed:glibc-devel-2.39-5.1 openSUSE Tumbleweed:glibc-devel-static-2.39-5.1 openSUSE Tumbleweed:glibc-extra-2.39-5.1 openSUSE Tumbleweed:glibc-html-2.39-5.1 openSUSE Tumbleweed:glibc-i18ndata-2.39-5.1 openSUSE Tumbleweed:glibc-info-2.39-5.1 openSUSE Tumbleweed:glibc-lang-2.39-5.1 openSUSE Tumbleweed:glibc-locale-2.39-5.1 openSUSE Tumbleweed:glibc-locale-base-2.39-5.1 openSUSE Tumbleweed:glibc-profile-2.39-5.1 openSUSE Tumbleweed:libnsl1-2.39-5.1 openSUSE Tumbleweed:nscd-2.39-5.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2024-2961.html CVE-2024-2961 https://bugzilla.suse.com/1222992 SUSE Bug 1222992 https://bugzilla.suse.com/1223019 SUSE Bug 1223019