This glibc update fixes a critical privilege escalation problem and two
additional issues:
* bnc#892073: An off-by-one error leading to a heap-based buffer
overflow was found in __gconv_translit_find(). An exploit that
targets the problem is publicly available. (CVE-2014-5119)
* bnc#836746: Avoid race between {, __de}allocate_stack and
__reclaim_stacks during fork.
* bnc#844309: Fixed various overflows, reading large /etc/hosts or
long names. (CVE-2013-4357)
* bnc#894553, bnc#894556: Fixed various crashes on invalid input in
IBM gconv modules. (CVE-2014-6040, CVE-2012-6656)
Security Issues:
* CVE-2012-6656
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6656</a>>
* CVE-2013-4357
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4357">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4357</a>>
* CVE-2014-5119
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5119</a>>
* CVE-2014-6040
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6040</a>>