Download
| Alert*
oval:org.secpod.oval:def:89044019
This update for glibc fixes the following issues: Security issue fixed: - CVE-2017-15671: Fixed memory leak in glob with GLOB_TILDE . Non-security issue fixed: - Avoid access beyond memory bounds in pthread_attr_getaffinity_np . - Remove improper assert in dlclose . oval:org.secpod.oval:def:2003563 The glob function in glob.c in the GNU C Library before 2.27, when invoked with GLOB_TILDE, could skip freeing allocated memory when processing the ~ operator with a long user name, potentially leading to a denial of service . oval:org.secpod.oval:def:113539 The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets ... oval:org.secpod.oval:def:113932 The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important sets ... oval:org.secpod.oval:def:89002292 This update for glibc fixes the following issues: - A privilege escalation bug in the realpath function has been fixed. [CVE-2018-1000001, bsc#1074293] - A memory leak and a buffer overflow in the dynamic ELF loader has been fixed. [CVE-2017-1000408, CVE-2017-1000409, bsc#1071319] - An issue in the ... |