| Errata ID | 297 |
|---|---|
| Date | 2015-09-02 |
| Source package | eglibc |
| Fixed in version | 2.13-38.25.201508281630 |
| Description | Multiple security vulnerabilities have been fixed in eglibc: * Buffer overflow in swscanf() (CVE-2015-1472, CVE-2015-1473) * Incorrect memory management using alloca() (CVE-2012-3406) * posix_spawn_file_actions_addopen() fails to copy the path argument (CVE-2014-4043) * Denial of service through infinite loop in getnetbyname() (CVE-2014-9402) * Memory corruption in getaddrinfo() if the AI_IDN flag is used (CVE-2013-7424) |
| Additional notes | |
| CVE ID | CVE-2015-1472 CVE-2015-1473 CVE-2012-3406 CVE-2014-4043 CVE-2014-9402 CVE-2013-7424 |
| UCS Bug number | #37643 |
