An update for glibc is now available for openEuler-22.03-LTS-SP4 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2026-2034 Final 1.0 1.0 2026-04-25 Initial 2026-04-25 2026-04-25 openEuler SA Tool V1.0 2026-04-25 glibc security update An update for glibc is now available for openEuler-22.03-LTS-SP4 The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational facilities as open, read, write, malloc, printf, getaddrinfo, dlopen, pthread_create, crypt, login, exit and more. Security Fix(es): The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them.(CVE-2026-4046) An update for glibc is now available for openEuler-22.03-LTS-SP4. openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. High glibc https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2034 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2026-4046 https://nvd.nist.gov/vuln/detail/CVE-2026-4046 openEuler-22.03-LTS-SP4 glibc-help-2.34-175.oe2203sp4.noarch.rpm glibc-2.34-175.oe2203sp4.aarch64.rpm glibc-all-langpacks-2.34-175.oe2203sp4.aarch64.rpm glibc-common-2.34-175.oe2203sp4.aarch64.rpm glibc-compat-2.17-2.34-175.oe2203sp4.aarch64.rpm glibc-debuginfo-2.34-175.oe2203sp4.aarch64.rpm glibc-debugsource-2.34-175.oe2203sp4.aarch64.rpm glibc-debugutils-2.34-175.oe2203sp4.aarch64.rpm glibc-devel-2.34-175.oe2203sp4.aarch64.rpm glibc-locale-archive-2.34-175.oe2203sp4.aarch64.rpm glibc-locale-source-2.34-175.oe2203sp4.aarch64.rpm glibc-nss-devel-2.34-175.oe2203sp4.aarch64.rpm libnsl-2.34-175.oe2203sp4.aarch64.rpm nscd-2.34-175.oe2203sp4.aarch64.rpm nss_modules-2.34-175.oe2203sp4.aarch64.rpm glibc-2.34-175.oe2203sp4.src.rpm glibc-2.34-175.oe2203sp4.x86_64.rpm glibc-all-langpacks-2.34-175.oe2203sp4.x86_64.rpm glibc-common-2.34-175.oe2203sp4.x86_64.rpm glibc-compat-2.17-2.34-175.oe2203sp4.x86_64.rpm glibc-debuginfo-2.34-175.oe2203sp4.x86_64.rpm glibc-debugsource-2.34-175.oe2203sp4.x86_64.rpm glibc-debugutils-2.34-175.oe2203sp4.x86_64.rpm glibc-devel-2.34-175.oe2203sp4.x86_64.rpm glibc-locale-archive-2.34-175.oe2203sp4.x86_64.rpm glibc-locale-source-2.34-175.oe2203sp4.x86_64.rpm glibc-nss-devel-2.34-175.oe2203sp4.x86_64.rpm libnsl-2.34-175.oe2203sp4.x86_64.rpm nscd-2.34-175.oe2203sp4.x86_64.rpm nss_modules-2.34-175.oe2203sp4.x86_64.rpm The iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them. 2026-04-25 CVE-2026-4046 openEuler-22.03-LTS-SP4 High 7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H glibc security update 2026-04-25 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2026-2034