Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: 2019:1877-1 Moderate: glibc Denial Of Service And Buffer Issue

suse
Calendar Grey July 18, 2019
Dist Suse Esm H88
The recent glibc patch fixes two vulnerabilities found in SUSE software environments. For more on the applied corrections and installation steps, see the details
An update that solves two vulnerabilities and has three fixes is now available

Summary

This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match (bsc#1127308). - CVE-2009-5155: Fixed a denial of service in parse_reg_exp() (bsc#1127223). Non-security issues fixed: - Does no longer compress debug sections in crt*.o files (bsc#1123710) - Fixes a concurrency problem in ldconfig (bsc#1117993) - Fixes a race condition in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP (bsc#1131330) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

Topics%20covered

Topics Covered

security advisory moderate glibc Denial of Service SUSE buffer over-read

References

#1117993 #1123710 #1127223 #1127308 #1131330

Cross- CVE-2009-5155 CVE-2019-9169

Affected Products:

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

SUSE Linux Enterprise Module for Development Tools 15-SP1

SUSE Linux Enterprise Module for Development Tools 15

SUSE Linux Enterprise Module for Basesystem 15-SP1

SUSE Linux Enterprise Module for Basesystem 15

https://www.suse.com/security/cve/CVE-2009-5155.html

https://www.suse.com/security/cve/CVE-2019-9169.html

https://bugzilla.suse.com/1117993

https://bugzilla.suse.com/1123710

https://bugzilla.suse.com/1127223

https://bugzilla.suse.com/1127308

https://bugzilla.suse.com/1131330

Announcement ID: SUSE-SU-2019:1877-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate glibc Denial of Service SUSE buffer over-read

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here