{"affected":[],"aliases":[],"details":"\nThis glibc update fixes a critical privilege escalation problem and two \nnon-security issues:\n\n    * bnc#892073: An off-by-one error leading to a heap-based buffer\n      overflow was found in __gconv_translit_find(). An exploit that\n      targets the problem is publicly available. (CVE-2014-5119)\n    * bnc#892065: setenv-alloca.patch: Avoid unbound alloca in setenv.\n    * bnc#888347: printf-multibyte-format.patch: Don't parse %s format\n      argument as multi-byte string.\n\nSecurity Issues:\n\n    * CVE-2014-5119\n      <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119>\n\n","id":"SUSE-RU-2015:0794-1","modified":"2014-08-29T01:15:58Z","published":"2014-08-29T01:15:58Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement//suse-ru-20150794-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/691365"},{"type":"REPORT","url":"https://bugzilla.suse.com/779320"},{"type":"REPORT","url":"https://bugzilla.suse.com/791928"},{"type":"REPORT","url":"https://bugzilla.suse.com/801246"},{"type":"REPORT","url":"https://bugzilla.suse.com/811979"},{"type":"REPORT","url":"https://bugzilla.suse.com/813121"},{"type":"REPORT","url":"https://bugzilla.suse.com/819347"},{"type":"REPORT","url":"https://bugzilla.suse.com/822210"},{"type":"REPORT","url":"https://bugzilla.suse.com/827811"},{"type":"REPORT","url":"https://bugzilla.suse.com/828235"},{"type":"REPORT","url":"https://bugzilla.suse.com/828637"},{"type":"REPORT","url":"https://bugzilla.suse.com/830268"},{"type":"REPORT","url":"https://bugzilla.suse.com/834594"},{"type":"REPORT","url":"https://bugzilla.suse.com/836746"},{"type":"REPORT","url":"https://bugzilla.suse.com/839870"},{"type":"REPORT","url":"https://bugzilla.suse.com/844309"},{"type":"REPORT","url":"https://bugzilla.suse.com/847227"},{"type":"REPORT","url":"https://bugzilla.suse.com/854445"},{"type":"REPORT","url":"https://bugzilla.suse.com/863499"},{"type":"REPORT","url":"https://bugzilla.suse.com/864081"},{"type":"REPORT","url":"https://bugzilla.suse.com/872832"},{"type":"REPORT","url":"https://bugzilla.suse.com/882028"},{"type":"REPORT","url":"https://bugzilla.suse.com/882600"},{"type":"REPORT","url":"https://bugzilla.suse.com/883217"},{"type":"REPORT","url":"https://bugzilla.suse.com/886416"},{"type":"REPORT","url":"https://bugzilla.suse.com/887022"},{"type":"REPORT","url":"https://bugzilla.suse.com/888347"},{"type":"REPORT","url":"https://bugzilla.suse.com/891843"},{"type":"REPORT","url":"https://bugzilla.suse.com/892065"},{"type":"REPORT","url":"https://bugzilla.suse.com/892073"},{"type":"REPORT","url":"https://bugzilla.suse.com/894553"},{"type":"REPORT","url":"https://bugzilla.suse.com/894556"},{"type":"REPORT","url":"https://bugzilla.suse.com/903288"},{"type":"REPORT","url":"https://bugzilla.suse.com/904461"},{"type":"REPORT","url":"https://bugzilla.suse.com/906371"},{"type":"REPORT","url":"https://bugzilla.suse.com/909053"},{"type":"REPORT","url":"https://bugzilla.suse.com/913646"},{"type":"REPORT","url":"https://bugzilla.suse.com/915526"},{"type":"REPORT","url":"https://bugzilla.suse.com/916222"},{"type":"REPORT","url":"https://bugzilla.suse.com/917072"},{"type":"REPORT","url":"https://bugzilla.suse.com/919678"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2012-4412"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2012-6656"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-0242"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1914"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-4237"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-4332"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-4357"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-4458"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-4788"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-7423"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-0475"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-4043"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-5119"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-6040"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-7817"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-9402"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0235"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1472"}],"related":["CVE-2012-4412","CVE-2012-6656","CVE-2013-0242","CVE-2013-1914","CVE-2013-4237","CVE-2013-4332","CVE-2013-4357","CVE-2013-4458","CVE-2013-4788","CVE-2013-7423","CVE-2014-0475","CVE-2014-4043","CVE-2014-5119","CVE-2014-6040","CVE-2014-7817","CVE-2014-9402","CVE-2015-0235","CVE-2015-1472"],"summary":"Security update for glibc","upstream":["CVE-2012-4412","CVE-2012-6656","CVE-2013-0242","CVE-2013-1914","CVE-2013-4237","CVE-2013-4332","CVE-2013-4357","CVE-2013-4458","CVE-2013-4788","CVE-2013-7423","CVE-2014-0475","CVE-2014-4043","CVE-2014-5119","CVE-2014-6040","CVE-2014-7817","CVE-2014-9402","CVE-2015-0235","CVE-2015-1472"]}