OVAL

MDVSA-2013:162 -- Mandriva glibc

ID: oval:org.secpod.oval:def:1300194
Date: (C)2013-05-08   (M)2023-12-07
Class: PATCH
Family: unix




Multiple vulnerabilities have been discovered and corrected in glibc:

Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments.

Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort.

Multiple integer overflows in the strtod, strtof, strtold, strtod_l, and other unspecified related functions in stdlib in GNU C Library 2.16 allow local users to cause a denial of service and possibly execute arbitrary code via a long string, which triggers a stack-based buffer overflow.

Buffer overflow in the extend_buffers function in the regular expression matcher in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service via crafted multibyte characters.

Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library 2.17 and earlier allows remote attackers to cause a denial of service via a hostname or IP address that triggers a large number of domain conversion results.

The updated packages have been patched to correct these issues.

Platform:
Mandriva Enterprise Server 5.2
Product:
glibc
Reference:
MDVSA-2013:162
CVE-2012-0864
CVE-2012-3404
CVE-2012-3405
CVE-2012-3406
CVE-2012-3480
CVE-2013-0242
CVE-2013-1914
CPE    1
cpe:/o:mandriva:enterprise_server:5.2

© SecPod Technologies