Synopsis: Moderate: glibc security and bug fix update. Type/Severity: - Security Advisory: Moderate Topic: Updated glibc packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 7. Description: - CVE-2014-6040: An out-of-bounds read flaw was found in the way glibc's iconv() function converted certain encoded data to UTF-8. - CVE-2014-8121: Files back end of Name Service Switch (NSS) did not isolate iteration over an entire database from key-based look-up API calls. Solution: Upgrade to the updated glibc packages. Affected Products: - Red Hat Enterprise Linux Server 7 x86_64 - Extended Update Support versions for the various Red Hat Enterprise Linux branches. CVEs: - CVE-2014-6040 - CVE-2014-8121 Date: - Issued: 2015-03-05 - Updated: 2015-03-05