openSUSE Security Update : glibc (openSUSE-2016-1149)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for glibc fixes the following issues :

Security issues fixed :

- arm: mark __startcontext as .cantunwind (CVE-2016-6323,
boo#994359, BZ #20435)

Bugs fixed :

- aarch64: Merge __local_multiple_threads offset with
memory reference

- Fix memory leak in regexp compiler (BZ #17069)

- Provide correct buffer length to netgroup queries in
nscd (BZ #16695)

- Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer
(BZ #16878)

- aarch64: End frame record chain correctly (BZ #17555)

- _IO_wstr_overflow integer overflow (BZ #17269)

- Fix nscd lookup when netgroup has wildcards (BZ #16758,
BZ #16759)

- Avoid overlapping addresses to stpcpy calls in nscd (BZ

- resolv: Always set *resplen2 out parameter in send_dg
(boo#994576, BZ #19791)

- Fix memory handling in strxfrm_l (BZ #16009)

- Harden tls_dtor_list with pointer mangling (BZ #19018)

- open and openat ignore 'mode' with O_TMPFILE in flags
(BZ #17523)

See also :

Solution :

Update the affected glibc packages.

Risk factor :

Medium / CVSS Base Score : 5.0

Family: SuSE Local Security Checks

Nessus Plugin ID: 93852 ()

Bugtraq ID:

CVE ID: CVE-2016-6323

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now