Security update for glibc

Announcement ID: SUSE-SU-2016:1733-1
Rating: moderate
References:
Cross-References:
CVSS scores:
  • CVE-2016-1234 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2016-3075 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2016-3706 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2016-3706 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2016-4429 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
  • CVE-2016-4429 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
  • SUSE Linux Enterprise Desktop 12 SP1
  • SUSE Linux Enterprise Server 12 SP1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1
  • SUSE Linux Enterprise Software Development Kit 12 SP1

An update that solves four vulnerabilities and has four security fixes can now be installed.

Description:

This update for glibc provides the following fixes:

  • Increase DTV_SURPLUS limit. (bsc#968787)
  • Do not copy d_name field of struct dirent. (CVE-2016-1234, bsc#969727)
  • Fix memory leak in _nss_dns_gethostbyname4_r. (bsc#973010)
  • Fix stack overflow in _nss_dns_getnetbyname_r. (CVE-2016-3075, bsc#973164)
  • Fix malloc performance regression from SLE 11. (bsc#975930)
  • Fix getaddrinfo stack overflow in hostent conversion. (CVE-2016-3706, bsc#980483)
  • Do not use alloca in clntudp_call. (CVE-2016-4429, bsc#980854)
  • Remove mtrace.1, now included in the man-pages package. (bsc#967190)

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  • SUSE Linux Enterprise Desktop 12 SP1
    zypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-1021=1
  • SUSE Linux Enterprise Software Development Kit 12 SP1
    zypper in -t patch SUSE-SLE-SDK-12-SP1-2016-1021=1
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1
    zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1021=1
  • SUSE Linux Enterprise Server 12 SP1
    zypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-1021=1

Package List:

  • SUSE Linux Enterprise Desktop 12 SP1 (nosrc x86_64)
    • glibc-2.19-38.2
  • SUSE Linux Enterprise Desktop 12 SP1 (x86_64)
    • nscd-2.19-38.2
    • glibc-debugsource-2.19-38.2
    • glibc-debuginfo-2.19-38.2
    • glibc-devel-2.19-38.2
    • glibc-locale-2.19-38.2
    • glibc-debuginfo-32bit-2.19-38.2
    • glibc-devel-debuginfo-32bit-2.19-38.2
    • glibc-locale-debuginfo-32bit-2.19-38.2
    • glibc-32bit-2.19-38.2
    • glibc-locale-32bit-2.19-38.2
    • glibc-devel-32bit-2.19-38.2
    • nscd-debuginfo-2.19-38.2
    • glibc-locale-debuginfo-2.19-38.2
    • glibc-devel-debuginfo-2.19-38.2
  • SUSE Linux Enterprise Desktop 12 SP1 (noarch)
    • glibc-i18ndata-2.19-38.2
  • SUSE Linux Enterprise Software Development Kit 12 SP1 (ppc64le s390x x86_64)
    • glibc-devel-static-2.19-38.2
    • glibc-debugsource-2.19-38.2
    • glibc-debuginfo-2.19-38.2
  • SUSE Linux Enterprise Software Development Kit 12 SP1 (noarch)
    • glibc-info-2.19-38.2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1 (nosrc ppc64le x86_64)
    • glibc-2.19-38.2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1 (ppc64le x86_64)
    • nscd-2.19-38.2
    • glibc-debugsource-2.19-38.2
    • glibc-debuginfo-2.19-38.2
    • glibc-devel-2.19-38.2
    • glibc-locale-2.19-38.2
    • nscd-debuginfo-2.19-38.2
    • glibc-locale-debuginfo-2.19-38.2
    • glibc-devel-debuginfo-2.19-38.2
    • glibc-profile-2.19-38.2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1 (noarch)
    • glibc-info-2.19-38.2
    • glibc-html-2.19-38.2
    • glibc-i18ndata-2.19-38.2
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1 (x86_64)
    • glibc-debuginfo-32bit-2.19-38.2
    • glibc-devel-debuginfo-32bit-2.19-38.2
    • glibc-locale-debuginfo-32bit-2.19-38.2
    • glibc-locale-32bit-2.19-38.2
    • glibc-32bit-2.19-38.2
    • glibc-devel-32bit-2.19-38.2
    • glibc-profile-32bit-2.19-38.2
  • SUSE Linux Enterprise Server 12 SP1 (nosrc ppc64le s390x x86_64)
    • glibc-2.19-38.2
  • SUSE Linux Enterprise Server 12 SP1 (ppc64le s390x x86_64)
    • nscd-2.19-38.2
    • glibc-debugsource-2.19-38.2
    • glibc-debuginfo-2.19-38.2
    • glibc-devel-2.19-38.2
    • glibc-locale-2.19-38.2
    • nscd-debuginfo-2.19-38.2
    • glibc-locale-debuginfo-2.19-38.2
    • glibc-devel-debuginfo-2.19-38.2
    • glibc-profile-2.19-38.2
  • SUSE Linux Enterprise Server 12 SP1 (noarch)
    • glibc-info-2.19-38.2
    • glibc-html-2.19-38.2
    • glibc-i18ndata-2.19-38.2
  • SUSE Linux Enterprise Server 12 SP1 (s390x x86_64)
    • glibc-debuginfo-32bit-2.19-38.2
    • glibc-devel-debuginfo-32bit-2.19-38.2
    • glibc-locale-debuginfo-32bit-2.19-38.2
    • glibc-locale-32bit-2.19-38.2
    • glibc-32bit-2.19-38.2
    • glibc-devel-32bit-2.19-38.2
    • glibc-profile-32bit-2.19-38.2

References: