Description: | Summary: The remote host is missing an update for the 'glibc' package(s) announced via the SUSE-SU-2013:1854-1 advisory.
Vulnerability Insight: This update for glibc contains the following fixes:
* Fix integer overflows in malloc (CVE-2013-4332, bnc#839870) * Fix buffer overflow in glob (bnc#691365) * Fix buffer overflow in strcoll (CVE-2012-4412, bnc#779320) * Update mount flags in (bnc#791928) * Fix buffer overrun in regexp matcher (CVE-2013-0242, bnc#801246) * Fix memory leaks in dlopen (bnc#811979) * Fix stack overflow in getaddrinfo with many results (CVE-2013-1914, bnc#813121) * Fix check for XEN build in glibc_post_upgrade that causes missing init re-exec (bnc#818628) * Don't raise UNDERFLOW in tan/tanf for small but normal argument (bnc#819347) * Properly cross page boundary in SSE4.2 implementation of strcmp (bnc#822210) * Fix robust mutex handling after fork (bnc#827811) * Fix missing character in IBM-943 charset (bnc#828235) * Fix use of alloca in gaih_inet (bnc#828637) * Initialize pointer guard also in static executables (CVE-2013-4788, bnc#830268) * Fix readdir_r with long file names (CVE-2013-4237, bnc#834594). Security Issues: * CVE-2012-4412 > * CVE-2013-0242 > * CVE-2013-1914 > * CVE-2013-4237 > * CVE-2013-4332 > * CVE-2013-4788 >
Affected Software/OS: 'glibc' package(s) on SUSE Linux Enterprise Desktop 11 SP2, SUSE Linux Enterprise Server 11 SP2, SUSE Linux Enterprise Software Development Kit 11 SP2.
Solution: Please install the updated package(s).
CVSS Score: 7.5
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
|