Security update for glibc SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:0511-1 Final 1 1 2016-02-19T07:26:18Z current 2016-02-19T07:26:18Z 2016-02-19T07:26:18Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for glibc This update for glibc fixes the following security issues: * fix stack overflow in the glibc libresolv DNS resolver function getaddrinfo(), known as CVE-2015-7547. It is a client side networked/remote vulnerability. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html E-Mail link for openSUSE-SU-2016:0511-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings glibc-2.18-4.41.2 glibc-32bit-2.18-4.41.1 glibc-devel-2.18-4.41.2 glibc-devel-32bit-2.18-4.41.1 glibc-devel-static-2.18-4.41.2 glibc-devel-static-32bit-2.18-4.41.1 glibc-extra-2.18-4.41.2 glibc-html-2.18-4.41.2 glibc-i18ndata-2.18-4.41.2 glibc-info-2.18-4.41.2 glibc-locale-2.18-4.41.2 glibc-locale-32bit-2.18-4.41.1 glibc-obsolete-2.18-4.41.2 glibc-profile-2.18-4.41.2 glibc-profile-32bit-2.18-4.41.1 glibc-testsuite-2.18-4.41.4 glibc-utils-2.18-4.41.4 glibc-utils-32bit-2.18-4.41.4 nscd-2.18-4.41.2 Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. CVE-2015-7547 important Please Install the update. https://lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html https://www.suse.com/security/cve/CVE-2015-7547.html CVE-2015-7547 https://bugzilla.suse.com/1077097 SUSE Bug 1077097 https://bugzilla.suse.com/847227 SUSE Bug 847227 https://bugzilla.suse.com/961721 SUSE Bug 961721 https://bugzilla.suse.com/967023 SUSE Bug 967023 https://bugzilla.suse.com/967061 SUSE Bug 967061 https://bugzilla.suse.com/967072 SUSE Bug 967072 https://bugzilla.suse.com/967496 SUSE Bug 967496 https://bugzilla.suse.com/969216 SUSE Bug 969216 https://bugzilla.suse.com/969241 SUSE Bug 969241 https://bugzilla.suse.com/986086 SUSE Bug 986086