This update for glibc provides fixes for security and non-security issues.
These security issues have been fixed:
- CVE-2015-1781: Buffer length after padding in resolv/nss_dns/dns-host.c.
(bsc#927080)
- CVE-2013-2207: pt_chown did not properly check permissions for tty
files, which allowed local users to change the permission on the files
and obtain access to arbitrary pseudo-terminals by leveraging a FUSE
file system. (bsc#830257)
- CVE-2014-8121: DB_LOOKUP in the Name Service Switch (NSS) did not
properly check if a file is open, which allowed remote attackers to
cause a denial of service (infinite loop) by performing a look-up while
the database is iterated over the database, which triggers the file
pointer to be reset. (bsc#918187)
- Fix read past end of pattern in fnmatch. (bsc#920338)
These non-security issues have been fixed:
- Fix locking in _IO_flush_all_lockp() to prevent deadlocks in
applications. (bsc#851280)
- Record TTL also for DNS PTR queries. (bsc#928723)
- Fix invalid free in ld.so. (bsc#932059)
- Make PowerPC64 default to non-executable stack. (bsc#933770)
- Fix floating point exceptions in some circumstances with exp() and
friends. (bsc#933903)
- Fix bad TEXTREL in glibc.i686. (bsc#935286)