{"affected":[{"ecosystem_specific":{"binaries":[{"glibc":"2.19-22.27.958","glibc-32bit":"2.19-22.27.958","glibc-devel":"2.19-22.27.958","glibc-devel-32bit":"2.19-22.27.958","glibc-html":"2.19-22.27.958","glibc-i18ndata":"2.19-22.27.958","glibc-info":"2.19-22.27.958","glibc-locale":"2.19-22.27.958","glibc-locale-32bit":"2.19-22.27.958","glibc-profile":"2.19-22.27.958","glibc-profile-32bit":"2.19-22.27.958","nscd":"2.19-22.27.958"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12-LTSS","name":"glibc","purl":"pkg:rpm/suse/glibc&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.19-22.27.958"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for glibc fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2017-15804: Fix buffer overflow during unescaping of user names in the glob function in glob.c (bsc#1064580).\n- CVE-2017-15670: Fix buffer overflow in glob with GLOB_TILDE (bsc#1064583).\n- CVE-2017-15671: Fix memory leak in glob with GLOB_TILDE (bsc#1064569).\n- CVE-2018-11236: Fix 32bit arch integer overflow in stdlib/canonicalize.c when processing very long pathname arguments (bsc#1094161).\n- CVE-2017-12132: Reduce advertised EDNS0 buffer size to guard against fragmentation attacks (bsc#1051791).\n- CVE-2018-1000001: Avoid underflow of malloced area (bsc#1074293).\n","id":"SUSE-SU-2018:2187-1","modified":"2018-08-03T13:56:22Z","published":"2018-08-03T13:56:22Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20182187-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1051791"},{"type":"REPORT","url":"https://bugzilla.suse.com/1064569"},{"type":"REPORT","url":"https://bugzilla.suse.com/1064580"},{"type":"REPORT","url":"https://bugzilla.suse.com/1064583"},{"type":"REPORT","url":"https://bugzilla.suse.com/1074293"},{"type":"REPORT","url":"https://bugzilla.suse.com/1094161"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-12132"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-15670"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-15671"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-15804"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000001"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-11236"}],"related":["CVE-2017-12132","CVE-2017-15670","CVE-2017-15671","CVE-2017-15804","CVE-2018-1000001","CVE-2018-11236"],"summary":"Security update for glibc","upstream":["CVE-2017-12132","CVE-2017-15670","CVE-2017-15671","CVE-2017-15804","CVE-2018-1000001","CVE-2018-11236"]}