Security update for glibc SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2015:0351-1 Final 1 1 2015-02-24T18:31:35Z current 2015-02-24T18:31:35Z 2015-02-24T18:31:35Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for glibc Glibc was updated to fix several security issues. - Avoid infinite loop in nss_dns getnetbyname (CVE-2014-9402, bsc#910599, BZ #17630) - wordexp fails to honour WRDE_NOCMD (CVE-2014-7817, bsc#906371, BZ #17625) - Fix invalid file descriptor reuse while sending DNS query (CVE-2013-7423, bsc#915526, BZ #15946) - Fix buffer overflow in wscanf (CVE-2015-1472, bsc#916222, BZ #16618) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html E-Mail link for openSUSE-SU-2015:0351-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings glibc-2.18-4.29.1 glibc-32bit-2.18-4.29.1 glibc-devel-2.18-4.29.1 glibc-devel-32bit-2.18-4.29.1 glibc-devel-static-2.18-4.29.1 glibc-devel-static-32bit-2.18-4.29.1 glibc-extra-2.18-4.29.1 glibc-html-2.18-4.29.1 glibc-i18ndata-2.18-4.29.1 glibc-info-2.18-4.29.1 glibc-locale-2.18-4.29.1 glibc-locale-32bit-2.18-4.29.1 glibc-obsolete-2.18-4.29.1 glibc-profile-2.18-4.29.1 glibc-profile-32bit-2.18-4.29.1 glibc-testsuite-2.18-4.29.2 glibc-utils-2.18-4.29.2 glibc-utils-32bit-2.18-4.29.2 nscd-2.18-4.29.1 The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors, which allows remote attackers to send DNS queries to unintended locations via a large number of requests that trigger a call to the getaddrinfo function. CVE-2013-7423 moderate 2.6 AV:L/AC:H/Au:N/C:P/I:N/A:P Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html https://www.suse.com/security/cve/CVE-2013-7423.html CVE-2013-7423 https://bugzilla.suse.com/915526 SUSE Bug 915526 The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))". CVE-2014-7817 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html https://www.suse.com/security/cve/CVE-2014-7817.html CVE-2014-7817 https://bugzilla.suse.com/906371 SUSE Bug 906371 The nss_dns implementation of getnetbyname in GNU C Library (aka glibc) before 2.21, when the DNS backend in the Name Service Switch configuration is enabled, allows remote attackers to cause a denial of service (infinite loop) by sending a positive answer while a network name is being process. CVE-2014-9402 low Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html https://www.suse.com/security/cve/CVE-2014-9402.html CVE-2014-9402 https://bugzilla.suse.com/910599 SUSE Bug 910599 The ADDW macro in stdio-common/vfscanf.c in the GNU C Library (aka glibc or libc6) before 2.21 does not properly consider data-type size during memory allocation, which allows context-dependent attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long line containing wide characters that are improperly handled in a wscanf call. CVE-2015-1472 moderate Please Install the update. https://lists.opensuse.org/opensuse-updates/2015-02/msg00089.html https://www.suse.com/security/cve/CVE-2015-1472.html CVE-2015-1472 https://bugzilla.suse.com/916222 SUSE Bug 916222 https://bugzilla.suse.com/920341 SUSE Bug 920341 https://bugzilla.suse.com/922243 SUSE Bug 922243