Security update for glibc

Announcement ID:	SUSE-SU-2016:0472-1
Rating:	important
References:	bsc#930721 bsc#942317 bsc#950944 bsc#956988 bsc#961721 bsc#962736 bsc#962737 bsc#962738 bsc#962739
Cross-References:	CVE-2014-9761 CVE-2015-7547 CVE-2015-8776 CVE-2015-8777 CVE-2015-8778 CVE-2015-8779
CVSS scores:	CVE-2014-9761 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2015-7547 ( NVD ): 8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:	SLES for SAP Applications 11-SP3 SLES for SAP Applications 11-SP4 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3 for VMware 11-SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4

An update that solves six vulnerabilities and has three security fixes can now be installed.

Description:

This update for glibc fixes the following issues:

• CVE-2015-7547: A stack-based buffer overflow in getaddrinfo allowed remote attackers to cause a crash or execute arbitrary code via crafted and timed DNS responses (bsc#961721)
• CVE-2015-8777: Insufficient checking of LD_POINTER_GUARD environment variable allowed local attackers to bypass the pointer guarding protection of the dynamic loader on set-user-ID and set-group-ID programs (bsc#950944)
• CVE-2015-8776: Out-of-range time values passed to the strftime function may cause it to crash, leading to a denial of service, or potentially disclosure information (bsc#962736)
• CVE-2015-8778: Integer overflow in hcreate and hcreate_r could have caused an out-of-bound memory access. leading to application crashes or, potentially, arbitrary code execution (bsc#962737)
• CVE-2014-9761: A stack overflow (unbounded alloca) could have caused applications which process long strings with the nan function to crash or, potentially, execute arbitrary code. (bsc#962738)
• CVE-2015-8779: A stack overflow (unbounded alloca) in the catopen function could have caused applications which pass long strings to the catopen function to crash or, potentially execute arbitrary code. (bsc#962739)

The following non-security bugs were fixed:

• bsc#930721: Accept leading and trailing spaces in getdate input string
• bsc#942317: Recognize power8 platform
• bsc#950944: Always enable pointer guard
• bsc#956988: Fix deadlock in __dl_iterate_phdr

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Desktop 11 SP3
  zypper in -t patch sledsp3-glibc-12406=1
• SUSE Linux Enterprise Desktop 11 SP4
  zypper in -t patch sledsp4-glibc-12406=1
• SUSE Linux Enterprise Server 11 SP3 for VMware 11-SP3
  zypper in -t patch slessp3-glibc-12406=1
• SUSE Linux Enterprise Server 11 SP3
  zypper in -t patch slessp3-glibc-12406=1
• SLES for SAP Applications 11-SP3
  zypper in -t patch slessp3-glibc-12406=1
• SUSE Linux Enterprise Software Development Kit 11 SP3
  zypper in -t patch sdksp3-glibc-12406=1
• SUSE Linux Enterprise Software Development Kit 11 SP4
  zypper in -t patch sdksp4-glibc-12406=1
• SUSE Linux Enterprise Server 11 SP4
  zypper in -t patch slessp4-glibc-12406=1
• SLES for SAP Applications 11-SP4
  zypper in -t patch slessp4-glibc-12406=1

Package List:

• SUSE Linux Enterprise Desktop 11 SP3 (nosrc x86_64 i686 i586)
  • glibc-2.11.3-17.95.2
• SUSE Linux Enterprise Desktop 11 SP3 (x86_64 i686 i586)
  • glibc-devel-2.11.3-17.95.2
• SUSE Linux Enterprise Desktop 11 SP3 (x86_64 i586)
  • nscd-2.11.3-17.95.2
  • glibc-i18ndata-2.11.3-17.95.2
  • glibc-locale-2.11.3-17.95.2
• SUSE Linux Enterprise Desktop 11 SP3 (x86_64)
  • glibc-32bit-2.11.3-17.95.2
  • glibc-devel-32bit-2.11.3-17.95.2
  • glibc-locale-32bit-2.11.3-17.95.2
• SUSE Linux Enterprise Desktop 11 SP4 (nosrc x86_64 i686 i586)
  • glibc-2.11.3-17.95.2
• SUSE Linux Enterprise Desktop 11 SP4 (x86_64 i686 i586)
  • glibc-devel-2.11.3-17.95.2
• SUSE Linux Enterprise Desktop 11 SP4 (x86_64 i586)
  • nscd-2.11.3-17.95.2
  • glibc-i18ndata-2.11.3-17.95.2
  • glibc-locale-2.11.3-17.95.2
• SUSE Linux Enterprise Desktop 11 SP4 (x86_64)
  • glibc-32bit-2.11.3-17.95.2
  • glibc-devel-32bit-2.11.3-17.95.2
  • glibc-locale-32bit-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP3 for VMware 11-SP3 (x86_64 i586)
  • glibc-profile-2.11.3-17.95.2
  • glibc-i18ndata-2.11.3-17.95.2
  • glibc-2.11.3-17.95.2
  • glibc-devel-2.11.3-17.95.2
  • glibc-html-2.11.3-17.95.2
  • glibc-info-2.11.3-17.95.2
  • nscd-2.11.3-17.95.2
  • glibc-locale-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP3 for VMware 11-SP3 (x86_64)
  • glibc-32bit-2.11.3-17.95.2
  • glibc-devel-32bit-2.11.3-17.95.2
  • glibc-profile-32bit-2.11.3-17.95.2
  • glibc-locale-32bit-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP3 (s390x x86_64 i586 ppc64 ia64 i686 nosrc)
  • glibc-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP3 (s390x x86_64 i586 ppc64 ia64 i686)
  • glibc-devel-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP3 (s390x x86_64 i586 ppc64 ia64)
  • glibc-profile-2.11.3-17.95.2
  • glibc-i18ndata-2.11.3-17.95.2
  • glibc-html-2.11.3-17.95.2
  • glibc-info-2.11.3-17.95.2
  • nscd-2.11.3-17.95.2
  • glibc-locale-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP3 (ia64)
  • glibc-profile-x86-2.11.3-17.95.2
  • glibc-locale-x86-2.11.3-17.95.2
  • glibc-x86-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP3 (ppc64 s390x x86_64)
  • glibc-32bit-2.11.3-17.95.2
  • glibc-devel-32bit-2.11.3-17.95.2
  • glibc-profile-32bit-2.11.3-17.95.2
  • glibc-locale-32bit-2.11.3-17.95.2
• SLES for SAP Applications 11-SP3 (x86_64)
  • glibc-devel-32bit-2.11.3-17.95.2
  • glibc-profile-2.11.3-17.95.2
  • glibc-i18ndata-2.11.3-17.95.2
  • glibc-locale-32bit-2.11.3-17.95.2
  • glibc-devel-2.11.3-17.95.2
  • glibc-html-2.11.3-17.95.2
  • glibc-info-2.11.3-17.95.2
  • glibc-32bit-2.11.3-17.95.2
  • glibc-2.11.3-17.95.2
  • nscd-2.11.3-17.95.2
  • glibc-profile-32bit-2.11.3-17.95.2
  • glibc-locale-2.11.3-17.95.2
• SUSE Linux Enterprise Software Development Kit 11 SP3 (x86_64 i586)
  • glibc-info-2.11.3-17.95.2
  • glibc-html-2.11.3-17.95.2
• SUSE Linux Enterprise Software Development Kit 11 SP4 (x86_64 i586)
  • glibc-info-2.11.3-17.95.2
  • glibc-html-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP4 (s390x x86_64 i586 ppc64 ia64 i686 nosrc)
  • glibc-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP4 (s390x x86_64 i586 ppc64 ia64 i686)
  • glibc-devel-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP4 (s390x x86_64 i586 ppc64 ia64)
  • glibc-profile-2.11.3-17.95.2
  • glibc-i18ndata-2.11.3-17.95.2
  • glibc-html-2.11.3-17.95.2
  • glibc-info-2.11.3-17.95.2
  • nscd-2.11.3-17.95.2
  • glibc-locale-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP4 (ia64)
  • glibc-profile-x86-2.11.3-17.95.2
  • glibc-locale-x86-2.11.3-17.95.2
  • glibc-x86-2.11.3-17.95.2
• SUSE Linux Enterprise Server 11 SP4 (ppc64 s390x x86_64)
  • glibc-32bit-2.11.3-17.95.2
  • glibc-devel-32bit-2.11.3-17.95.2
  • glibc-profile-32bit-2.11.3-17.95.2
  • glibc-locale-32bit-2.11.3-17.95.2
• SLES for SAP Applications 11-SP4 (ppc64 nosrc x86_64)
  • glibc-2.11.3-17.95.2
• SLES for SAP Applications 11-SP4 (ppc64 x86_64)
  • glibc-devel-32bit-2.11.3-17.95.2
  • glibc-profile-2.11.3-17.95.2
  • glibc-i18ndata-2.11.3-17.95.2
  • glibc-locale-32bit-2.11.3-17.95.2
  • glibc-devel-2.11.3-17.95.2
  • glibc-html-2.11.3-17.95.2
  • glibc-32bit-2.11.3-17.95.2
  • glibc-info-2.11.3-17.95.2
  • nscd-2.11.3-17.95.2
  • glibc-profile-32bit-2.11.3-17.95.2
  • glibc-locale-2.11.3-17.95.2

References:

• https://www.suse.com/security/cve/CVE-2014-9761.html
• https://www.suse.com/security/cve/CVE-2015-7547.html
• https://www.suse.com/security/cve/CVE-2015-8776.html
• https://www.suse.com/security/cve/CVE-2015-8777.html
• https://www.suse.com/security/cve/CVE-2015-8778.html
• https://www.suse.com/security/cve/CVE-2015-8779.html
• https://bugzilla.suse.com/show_bug.cgi?id=930721
• https://bugzilla.suse.com/show_bug.cgi?id=942317
• https://bugzilla.suse.com/show_bug.cgi?id=950944
• https://bugzilla.suse.com/show_bug.cgi?id=956988
• https://bugzilla.suse.com/show_bug.cgi?id=961721
• https://bugzilla.suse.com/show_bug.cgi?id=962736
• https://bugzilla.suse.com/show_bug.cgi?id=962737
• https://bugzilla.suse.com/show_bug.cgi?id=962738
• https://bugzilla.suse.com/show_bug.cgi?id=962739