Changelog for
glibc-static-devel-2.20-2.1.x86_64.rpm :
* Sun Jan 21 2018 luigiwalser 6:2.20-27.mga5
+ Revision: 1195307
- sync patches from mga6 to fix CVE-2017-16997 and CVE-2018-1000001

  + tmb
    - fix CVE-2017-1213[23], CVE-2017-1567[01], CVE-2017-15804
    - sunrpc: xdr_bytes/xdr_string need to free buffer on error [BZ #21461] (CVE-2017-8804)
    - Ignore LD_LIBRARY_PATH for AT_SECURE=1 programs [BZ #21624] (CVE-2017-1000366)
    - ld.so: Reject overly long LD_PRELOAD path elements
    - ld.so: Reject overly long LD_AUDIT path elements
    - Ignore and remove LD_HWCAP_MASK for AT_SECURE programs [BZ #21209]
    - Fix resource leak in resolver [BZ #19257] (CVE-2016-5417)
    - resolv: Fix crash with internal QTYPE [BZ #18784] (CVE-2015-5180)
    - Fix static dlopen default library search path [BZ #17250]
    - grantpt: trust the kernel about pty group and permission mode [BZ #19347]
    - sunrpc: Do not use alloca in clntudp_call [BZ #20112] (CVE-2016-4429, mga#18651)
    - glob: Simplify the interface for the GLOB_ALTDIRFUNC callback gl_readdir
    - CVE-2016-1234: glob: Do not copy d_name field of struct dirent [BZ #19779]
    - CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r [BZ #19879]
    - CVE-2016-3706: getaddrinfo: stack overflow in hostent conversion [BZ #20010]
    - getaddrinfo() stack-based buffer overflow [BZ 18665] (CVE-2015-7547)
    - nan function unbounded stack allocation [BZ 16961, 16962] (CVE-2014-9761)
    - catopen() Multiple unbounded stack allocations [BZ 17905] (CVE-2015-8779)
    - hcreate, hcreate_r should fail with ENOMEM if element count is too large [BZ 18240] (CVE-2015-8778)
    - out of range data to strftime() causes a segfault [BZ 18985] (CVE-2015-8776)
    - Always enable pointer guard [BZ #18928] (CVE-2015-8777)