First published: Wed Jan 20 2016(Updated: )
The strftime function in the GNU C Library (aka glibc or libc6) before 2.23 allows context-dependent attackers to cause a denial of service (application crash) or possibly obtain sensitive information via an out-of-range time value.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/glibc | <2.23 | 2.23 |
SUSE Linux Enterprise Debuginfo | =11-sp2 | |
SUSE Linux Enterprise Debuginfo | =11-sp3 | |
SUSE Linux Enterprise Debuginfo | =11-sp4 | |
openSUSE openSUSE | =13.2 | |
SUSE Linux Enterprise Desktop | =11-sp3 | |
SUSE Linux Enterprise Desktop | =11-sp4 | |
SUSE Linux Enterprise Desktop | =12 | |
SUSE Linux Enterprise Desktop | =12-sp1 | |
SUSE Linux Enterprise Server | =11-sp2 | |
SUSE Linux Enterprise Server | =11-sp3 | |
Suse Linux Enterprise Server | =11-sp3 | |
SUSE Linux Enterprise Server | =11-sp4 | |
SUSE Linux Enterprise Server | =12-sp1 | |
SUSE Linux Enterprise Software Development Kit | =11-sp3 | |
SUSE Linux Enterprise Software Development Kit | =11-sp4 | |
SUSE Linux Enterprise Software Development Kit | =12 | |
SUSE Linux Enterprise Software Development Kit | =12-sp1 | |
SUSE SUSE Linux Enterprise Server | =12 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =15.10 | |
Debian Debian Linux | =8.0 | |
Fedoraproject Fedora | =23 | |
GNU glibc | <=2.22 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.