oval:org.mitre.oval:def:26627
Definition Id: oval:org.mitre.oval:def:26627 | |||
Oval ID: | oval:org.mitre.oval:def:26627 | ||
Title: | SUSE-SU-2014:1122-1 -- Security update for glibc | ||
Description: | This glibc update fixes a critical privilege escalation vulnerability and the following security and non-security issues: * bnc#892073: An off-by-one error leading to a heap-based buffer overflow was found in __gconv_translit_find(). An exploit that targets the problem is publicly available. (CVE-2014-5119) * bnc#886416: Avoid redundant shift character in iconv output at block boundary. * bnc#883022: Initialize errcode in sysdeps/unix/opendir.c. * bnc#882600: Copy filename argument in posix_spawn_file_actions_addopen. (CVE-2014-4043) * bnc#864081: Take lock in pthread_cond_wait cleanup handler only when needed. * bnc#843735: Don't crash on unresolved weak symbol reference. * bnc#839870: Fix integer overflows in malloc. (CVE-2013-4332) * bnc#836746: Avoid race between {,__de}allocate_stack and __reclaim_stacks during fork. * bnc#834594: Fix readdir_r with long file names. (CVE-2013-4237) * bnc#830268: Initialize pointer guard also in static executables. (CVE-2013-4788) * bnc#801246: Fix buffer overrun in regexp matcher. (CVE-2013-0242) * bnc#779320: Fix buffer overflow in strcoll. (CVE-2012-4412) * bnc#750741: Use absolute timeout in x86 pthread_cond_timedwait. Security Issues: * CVE-2014-5119 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119> * CVE-2014-4043 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043> * CVE-2012-4412 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4412> * CVE-2013-0242 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0242> * CVE-2013-4788 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4788> * CVE-2013-4237 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4237> * CVE-2013-4332 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4332> | ||
Family: | unix | Class: | patch |
Reference(s): | SUSE-SU-2014:1122-1 CVE-2014-5119 CVE-2014-4043 CVE-2013-4332 CVE-2013-4237 CVE-2013-4788 CVE-2013-0242 CVE-2012-4412 | Version: | 3 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | glibc |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17270 | |||
Oval ID: | oval:org.mitre.oval:def:17270 | ||
Title: | SUSE Linux Enterprise Server 11.x is installed | ||
Description: | SUSE Linux Enterprise Server 11.x is installed. | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:novell:suse_linux:11::server | Version: | 5 |
Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:26627 |