diff -Nru eglibc-2.19/debian/changelog eglibc-2.19/debian/changelog --- eglibc-2.19/debian/changelog 2014-02-21 07:09:22.000000000 +0000 +++ eglibc-2.19/debian/changelog 2014-02-24 05:51:47.000000000 +0000 @@ -1,3 +1,18 @@ +eglibc (2.19-0ubuntu2) trusty; urgency=medium + + * Merge with unreleased 2.19 from Debian experimental, fixing some bugs: + - debian/patches/any/local-no-malloc-backtrace.diff: Lower the default + for MALLOC_CHECK_ to 1, and add it to the list of insecure variables + that can't be set for suid binaries. This allows us to not backtrace + malloc failures by default (Closes: #739913, LP: #1266492) and skips + backtrace for suid binaries where an attacker calling into a corrupt + malloc internal data structure with malloc could lead to Bad Things. + - Make ldconfig stop operating on the linker entirely, so our packaged + symlinks take precedence and hack the postinst to skip ldconfig when + we detect a broken setup that the old ldconfig mangles (LP: #915995) + + -- Adam Conrad Sun, 23 Feb 2014 22:39:18 -0700 + eglibc (2.19-0ubuntu1) trusty; urgency=medium * Merge with unreleased 2.19 from Debian experimental, remaining changes: @@ -24,10 +39,12 @@ eglibc (2.19-0experimental0) UNRELEASED; urgency=medium + [ Adam Conrad ] * New upstream release: version 2.19, orig tarball built at SVN r25252: - debian/patches/alpha/local-string-functions.diff: Rebased. - debian/patches/any/local-disable-test-tgmath2.diff: Rebased. - debian/patches/any/local-localedef-fix-trampoline.diff: Rebased. + - debian/patches/any/local-no-malloc-backtrace.diff: Rebased. - debian/patches/any/submitted-longdouble.diff: Rebased. - debian/patches/hurd-i386/local-enable-ldconfig.diff: Rebased. - debian/patches/kfreebsd/local-fbtl-depends.diff: Rebased. @@ -60,8 +77,41 @@ * debian/patches/any/submitted-sysdeps-auxv.diff: Fix implicit declaration when including in the testsuite by fixing up header guards. + [ Aurelien Jarno ] + * debian/debhelper.in/libc.preinst: remove check for sparc32 kernel, the + support has been removed with Lenny. + * debian/debhelper.in/libc.preinst: remove code to upgrade armhf systems + from pre-Wheezy versions. + -- Adam Conrad Sun, 09 Feb 2014 09:46:13 -0700 +eglibc (2.18-3) unstable; urgency=medium + + * debian/patches/any/local-no-malloc-backtrace.diff: Lower the default + for MALLOC_CHECK_ to 1, and add it to the list of insecure variables + that can't be set for suid binaries. This allows us to not backtrace + malloc failures by default (Closes: #739913, LP: #1266492) and skips + backtrace for suid binaries where an attacker calling into a corrupt + malloc internal data structure with malloc could lead to Bad Things. + + -- Adam Conrad Sun, 23 Feb 2014 18:43:36 -0700 + +eglibc (2.18-2) unstable; urgency=medium + + [ Aurelien Jarno ] + * any/local-ldconfig-ignore-ld.so.diff: new patch to ignore the dynamic + linker in ldconfig. Closes: #699206, #707185, #727786, #736097, + #739734, #739758. + * debian/debhelper.in/libc.preinst: Disable ldconfig when a potentially + broken dynamic loader symlink is found. This happens when a biarch + package of the same architecture than the native one has been installed + (e.g.: libc6-amd64:i386 on amd64) and ldconfig is run afterwards. + + [ Petr Salinger ] + * kfreebsd/local-sysdeps.diff: update to revision 5443 (from glibc-bsd). + + -- Aurelien Jarno Sun, 23 Feb 2014 13:30:11 +0100 + eglibc (2.18-1) unstable; urgency=medium [ Adam ConradĀ ] diff -Nru eglibc-2.19/debian/debhelper.in/libc.preinst eglibc-2.19/debian/debhelper.in/libc.preinst --- eglibc-2.19/debian/debhelper.in/libc.preinst 2014-02-20 09:38:48.000000000 +0000 +++ eglibc-2.19/debian/debhelper.in/libc.preinst 2014-02-24 05:36:59.000000000 +0000 @@ -365,14 +365,6 @@ fi # end upgrading and $preversion lt 2.19 fi # Upgrading - # On upgrade from older glibc versions, our PI doesn't yet exist - # on-disk, despite the preinst wanting to play with it, so make one - if [ "${DPKG_MAINTSCRIPT_ARCH:-$(dpkg --print-architecture)}" = "armhf" ]; then - if dpkg --compare-versions "$preversion" lt 2.15-0ubuntu8; then - ln -sf SLIBDIR/ld-linux.so.3 RTLD_SO - fi - fi - # This will keep us from using hwcap libs (optimized) during an # upgrade. touch /etc/ld.so.nohwcap @@ -417,6 +409,20 @@ exit 1 fi fi + + # ldconfig might have broken the ld.so symlink in case a biarch package + # of the same architecture than the native one has been installed (e.g.: + # libc6-amd64:i386 on amd64). Try to detect this by checking that the + # ld.so symlink correctly points to ld-*.so in the slib directory, and + # disable ldconfig in such a case. The symlink will be fixed when + # unpacking the new libc version and ldconfig will be re-enabled when + # a new fixed version is unpacked. + if ! readlink -e RTLD_SO | grep -qE 'SLIBDIR/ld-[0-9.]+\.so' ; then + echo "Warning: found a potentially broken dynamic loader symlink," + echo "disabling ldconfig to avoid a possible system breakage. It" + echo "will be reenabled when a new version of libc-bin is unpacked." + ln -sf /bin/true /sbin/ldconfig + fi fi if [ "$type" != abort-upgrade ] @@ -504,28 +510,6 @@ exit 1 fi - # From glibc 2.6-3 SPARC V8 support is dropped. - if [ "$realarch" = sparc ] - then - # The process could be run using linux32, check for /proc. - if [ -f /proc/cpuinfo ] - then - case "$(sed '/^type/!d;s/^type.*: //g' /proc/cpuinfo)" in - sun4u) - # UltraSPARC CPU - ;; - sun4v) - # Niagara CPU - ;; - *) - echo "WARNING: This machine has a SPARC V8 or earlier class processor." - echo "Debian lenny and later does not support such old hardware" - echo "any longer." - exit 1 - ;; - esac - fi - fi elif [ $system = "GNU/kFreeBSD" ] ; then kernel_ver=`uname -r` if kfreebsd_compare_versions "$kernel_ver" lt 8.3 diff -Nru eglibc-2.19/debian/patches/any/local-ldconfig-ignore-ld.so.diff eglibc-2.19/debian/patches/any/local-ldconfig-ignore-ld.so.diff --- eglibc-2.19/debian/patches/any/local-ldconfig-ignore-ld.so.diff 1970-01-01 00:00:00.000000000 +0000 +++ eglibc-2.19/debian/patches/any/local-ldconfig-ignore-ld.so.diff 2014-02-24 05:32:14.000000000 +0000 @@ -0,0 +1,55 @@ +diff --git a/elf/ldconfig.c b/elf/ldconfig.c +index 4211f4c..6425f8e 100644 +--- a/elf/ldconfig.c ++++ b/elf/ldconfig.c +@@ -450,6 +450,23 @@ chroot_stat (const char *real_path, const char *path, struct stat64 *st) + return ret; + } + ++static const char * const ld_sonames[] = ++{ ++ "ld-kfreebsd-x86-64.so.1", ++ "ld-linux-aarch64.so.1", ++ "ld-linux-aarch64_be.so.1", ++ "ld-linux-armhf.so.3", ++ "ld-linux-ia64.so.2", ++ "ld-linux-mipsn8.so.1", ++ "ld-linux-x32.so.2", ++ "ld-linux-x86-64.so.2", ++ "ld-linux.so.2", ++ "ld-linux.so.3", ++ "ld.so.1", ++ "ld64.so.1", ++ "ld64.so.2", ++}; ++ + /* Create a symbolic link from soname to libname in directory path. */ + static void + create_links (const char *real_path, const char *path, const char *libname, +@@ -460,6 +477,7 @@ create_links (const char *real_path, const char *path, const char *libname, + struct stat64 stat_lib, stat_so, lstat_so; + int do_link = 1; + int do_remove = 1; ++ int i; + /* XXX: The logics in this function should be simplified. */ + + /* Get complete path. */ +@@ -488,6 +506,18 @@ create_links (const char *real_path, const char *path, const char *libname, + error (0, 0, _("Can't stat %s\n"), full_libname); + return; + } ++ ++ /* Do not change the symlink pointer to the dynamic linker except for ++ non-existing symlinks, as it might break break multiarch systems. */ ++ for (i = 0; i < sizeof (ld_sonames) / sizeof (ld_sonames[0]); i++) ++ if (__glibc_unlikely(!strcmp(soname, ld_sonames[i]))) ++ { ++ if (opt_verbose) ++ error (0, 0, _("%s is the dynamic linker, ignoring\n"), ++ full_libname); ++ do_link = 0; ++ } ++ + if (stat_lib.st_dev == stat_so.st_dev + && stat_lib.st_ino == stat_so.st_ino) + /* Link is already correct. */ diff -Nru eglibc-2.19/debian/patches/any/local-no-malloc-backtrace.diff eglibc-2.19/debian/patches/any/local-no-malloc-backtrace.diff --- eglibc-2.19/debian/patches/any/local-no-malloc-backtrace.diff 1970-01-01 00:00:00.000000000 +0000 +++ eglibc-2.19/debian/patches/any/local-no-malloc-backtrace.diff 2014-02-24 05:32:14.000000000 +0000 @@ -0,0 +1,50 @@ +Description: disable backtraces on malloc errors +Author: Steve Beattie +Bug: https://sourceware.org/bugzilla/show_bug.cgi?id=16159 +Bug-Ubuntu: https://bugs.launchpad.net/bugs/1266492 +Forwarded: no, needs testing first + +Disable backtrace's by default when malloc internal errors have +occurred; backtraces end up calling malloc themselves which causes a +deadlock on the internal glibc malloc lock. It's also a bad idea to use +malloc if an attacker has corrupted malloc's internal data structures. + +MALLOC_CHECK_ is also added to the list of environment variables to +filter for setuid binaries. + +For debugging purposes, people can manually add MALLOC_CHECK_=3 to their +environment to get the backtracing behavior back. +--- + malloc/malloc.c | 5 ++++- + sysdeps/generic/unsecvars.h | 1 + + 2 files changed, 5 insertions(+), 1 deletion(-) + +Index: b/malloc/malloc.c +=================================================================== +--- a/malloc/malloc.c ++++ b/malloc/malloc.c +@@ -1863,8 +1863,11 @@ void weak_variable (*__after_morecore_ho + + /* ---------------- Error behavior ------------------------------------ */ + ++ ++/* we don't want to emit a backtrace on error, see ++ https://sourceware.org/bugzilla/show_bug.cgi?id=16159, so set to 1 */ + #ifndef DEFAULT_CHECK_ACTION +-# define DEFAULT_CHECK_ACTION 3 ++# define DEFAULT_CHECK_ACTION 1 + #endif + + static int check_action = DEFAULT_CHECK_ACTION; +Index: b/sysdeps/generic/unsecvars.h +=================================================================== +--- a/sysdeps/generic/unsecvars.h ++++ b/sysdeps/generic/unsecvars.h +@@ -17,6 +17,7 @@ + "LD_USE_LOAD_BIAS\0" \ + "LOCALDOMAIN\0" \ + "LOCPATH\0" \ ++ "MALLOC_CHECK_\0" \ + "MALLOC_TRACE\0" \ + "NIS_PATH\0" \ + "NLSPATH\0" \ diff -Nru eglibc-2.19/debian/patches/kfreebsd/local-sysdeps.diff eglibc-2.19/debian/patches/kfreebsd/local-sysdeps.diff --- eglibc-2.19/debian/patches/kfreebsd/local-sysdeps.diff 2013-12-03 13:28:55.000000000 +0000 +++ eglibc-2.19/debian/patches/kfreebsd/local-sysdeps.diff 2014-02-24 05:32:14.000000000 +0000 @@ -46,7 +46,7 @@ +gnu --- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/Makefile -@@ -0,0 +1,134 @@ +@@ -0,0 +1,138 @@ +# Use bash, not /bin/sh, for executing scripts, because the native +# FreeBSD /bin/sh does not interpret the IFS="" read ... command +# in localedata/tst-fmon.sh correctly. @@ -181,6 +181,10 @@ +ifeq ($(subdir),sunrpc) +sysdep_headers += nfs/nfs.h +endif ++ ++ifeq ($(subdir),rt) ++librt-routines += sys_shm_open ++endif --- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/Versions @@ -0,0 +1,126 @@ @@ -1890,7 +1894,7 @@ + --- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/bits/param.h -@@ -0,0 +1,192 @@ +@@ -0,0 +1,189 @@ +/* Copyright (C) 1995,1996,1997,2000,2001,2003 Free Software Foundation, Inc. + This file is part of the GNU C Library. + @@ -1971,9 +1975,6 @@ +#ifndef MAXDUMPPGS +#define MAXDUMPPGS (DFLTPHYS/PAGE_SIZE) +#endif -+#ifndef MAXHOSTNAMELEN -+#define MAXHOSTNAMELEN 64 /* XXX */ -+#endif /* No MAXHOSTNAMELEN. */ + +/* + * Constants related to network buffer management. @@ -19511,7 +19512,7 @@ +#endif /* net/ethernet.h */ --- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/net/if.h -@@ -0,0 +1,460 @@ +@@ -0,0 +1,438 @@ +/*- + * Copyright (c) 1982, 1986, 1989, 1993 + * The Regents of the University of California. All rights reserved. @@ -19586,8 +19587,8 @@ + unsigned char ifi_addrlen; /* media address length */ + unsigned char ifi_hdrlen; /* media header length */ + unsigned char ifi_link_state; /* current link state */ -+ unsigned char ifi_spare_char1; /* spare byte */ -+ unsigned char ifi_spare_char2; /* spare byte */ ++ unsigned char ifi_vhid; /* carp vhid */ ++ unsigned char ifi_baudrate_pf; /* baudrate power factor */ + unsigned char ifi_datalen; /* length of this data struct */ + unsigned long ifi_mtu; /* maximum transmission unit */ + unsigned long ifi_metric; /* routing metric (external only) */ @@ -19853,29 +19854,7 @@ + (sizeof(struct ifreq) - sizeof(struct sockaddr) + \ + (ifr).ifr_addr.sa_len) : sizeof(struct ifreq)) + -+struct ifaliasreq { -+ char ifra_name[IFNAMSIZ]; /* if name, e.g. "en0" */ -+ struct sockaddr ifra_addr; -+ struct sockaddr ifra_broadaddr; -+ struct sockaddr ifra_mask; -+}; -+ -+struct ifmediareq { -+ char ifm_name[IFNAMSIZ]; /* if name, e.g. "en0" */ -+ int ifm_current; /* current media options */ -+ int ifm_mask; /* don't care mask */ -+ int ifm_status; /* media status */ -+ int ifm_active; /* active options */ -+ int ifm_count; /* # entries in ifm_ulist array */ -+ int *ifm_ulist; /* media words */ -+}; -+ -+struct ifdrv { -+ char ifd_name[IFNAMSIZ]; /* if name, e.g. "en0" */ -+ unsigned long ifd_cmd; -+ size_t ifd_len; -+ void *ifd_data; -+}; ++#include + +/* + * Structure used to retrieve aux status data from interfaces. @@ -20081,7 +20060,7 @@ +#endif /* net/if_ether.h */ --- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/netinet/icmp6.h -@@ -0,0 +1,525 @@ +@@ -0,0 +1,561 @@ +/* Copyright (C) 1991-1997,2000,2006,2009 Free Software Foundation, Inc. + This file is part of the GNU C Library. + @@ -20392,6 +20371,42 @@ +#define ICMP6_FQDN_REPLY 140 /* FQDN reply */ +#define ICMP6_NI_QUERY 139 /* node information request */ +#define ICMP6_NI_REPLY 140 /* node information reply */ ++#define MLDV2_LISTENER_REPORT 143 /* RFC3810 listener report */ ++ ++/* The definitions below are experimental. TBA */ ++#define MLD_MTRACE_RESP 200 /* mtrace resp (to sender) */ ++#define MLD_MTRACE 201 /* mtrace messages */ ++ ++#define ICMP6_DST_UNREACH_NOROUTE 0 /* no route to destination */ ++#define ICMP6_DST_UNREACH_ADMIN 1 /* administratively prohibited */ ++#define ICMP6_DST_UNREACH_NOTNEIGHBOR 2 /* not a neighbor(obsolete) */ ++#define ICMP6_DST_UNREACH_BEYONDSCOPE 2 /* beyond scope of source address */ ++#define ICMP6_DST_UNREACH_ADDR 3 /* address unreachable */ ++#define ICMP6_DST_UNREACH_NOPORT 4 /* port unreachable */ ++ ++#define ICMP6_TIME_EXCEED_TRANSIT 0 /* ttl==0 in transit */ ++#define ICMP6_TIME_EXCEED_REASSEMBLY 1 /* ttl==0 in reass */ ++ ++#define ICMP6_PARAMPROB_HEADER 0 /* erroneous header field */ ++#define ICMP6_PARAMPROB_NEXTHEADER 1 /* unrecognized next header */ ++#define ICMP6_PARAMPROB_OPTION 2 /* unrecognized option */ ++ ++#define ICMP6_INFOMSG_MASK 0x80 /* all informational messages */ ++ ++#define ICMP6_NI_SUBJ_IPV6 0 /* Query Subject is an IPv6 address */ ++#define ICMP6_NI_SUBJ_FQDN 1 /* Query Subject is a Domain name */ ++#define ICMP6_NI_SUBJ_IPV4 2 /* Query Subject is an IPv4 address */ ++ ++#define ICMP6_NI_SUCCESS 0 /* node information successful reply */ ++#define ICMP6_NI_REFUSED 1 /* node information request is refused */ ++#define ICMP6_NI_UNKNOWN 2 /* unknown Qtype */ ++ ++#define ICMP6_ROUTER_RENUMBERING_COMMAND 0 /* rr command */ ++#define ICMP6_ROUTER_RENUMBERING_RESULT 1 /* rr result */ ++#define ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET 255 /* rr seq num reset */ ++ ++#define ND_REDIRECT_ONLINK 0 /* redirect to an on-link node */ ++#define ND_REDIRECT_ROUTER 1 /* redirect to a better router */ + +struct rr_pco_match /* match prefix part */ + { @@ -20609,7 +20624,7 @@ +#endif /* netinet/icmpv6.h */ --- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/netinet/if_ether.h -@@ -0,0 +1,138 @@ +@@ -0,0 +1,139 @@ +/* Copyright (C) 1996, 1997, 1999, 2006 Free Software Foundation, Inc. + This file is part of the GNU C Library. + @@ -20634,6 +20649,7 @@ +#include +#include + ++#include +#include + +#ifdef __USE_BSD @@ -23126,6 +23142,49 @@ @@ -0,0 +1 @@ +/* 'setrlimit64' is the same as 'setrlimit', because __rlim64_t == __rlim_t. */ --- /dev/null ++++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/shm_open.c +@@ -0,0 +1,40 @@ ++/* Copyright (C) 2014 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, write to the Free ++ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA ++ 02111-1307 USA. */ ++ ++#include ++#include ++#include ++ ++extern int __syscall_shm_open (const char *name, int flag, mode_t mode); ++libc_hidden_proto (__syscall_shm_open) ++ ++int ++shm_open (name, flag, mode) ++ const char *name; ++ int flag; ++ mode_t mode; ++{ ++ /* ++ * O_CLOEXEC never has any effect on shm_open(). However, old kernel ++ * versions (prior to rev 261138 in HEAD) return EINVAL when this ++ * (otherwise harmless) flag is used. ++ */ ++ flag &= ~O_CLOEXEC; ++ ++ return INLINE_SYSCALL (shm_open, 3, name, flag, mode); ++} +--- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/shmctl.c @@ -0,0 +1,91 @@ +/* Copyright (C) 2013 Free Software Foundation, Inc. @@ -24944,7 +25003,7 @@ +#endif /* sys/swap.h */ --- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/sys/syscall.h -@@ -0,0 +1,500 @@ +@@ -0,0 +1,502 @@ +#ifndef _SYSCALL_H +#define _SYSCALL_H 1 + @@ -25385,7 +25444,7 @@ +#define SYS_shmctl 512 +#define SYS_lpathconf 513 +#define SYS_cap_new 514 -+#define SYS_cap_rights_get 515 ++#define SYS___cap_rights_get 515 +#define SYS_cap_enter 516 +#define SYS_cap_getmode 517 +#define SYS_pdfork 518 @@ -25412,7 +25471,9 @@ +#define SYS_chflagsat 540 +#define SYS_accept4 541 +#define SYS_pipe2 542 -+#define SYS_MAXSYSCALL 543 ++#define SYS_aio_mlock 543 ++#define SYS_procctl 544 ++#define SYS_MAXSYSCALL 545 + +#define SYS_obreak SYS_break +#define SYS_sysctl SYS___sysctl @@ -25946,7 +26007,7 @@ +setrlimit - setrlimit i:ip __setrlimit setrlimit setrlimit64 +setsid - setsid i: __setsid setsid +setuid - setuid i:i __setuid setuid -+shm_open - shm_open i:sii shm_open ++sys_shm_open - shm_open i:sii __syscall_shm_open +shm_unlink - shm_unlink i:s shm_unlink +shmat - shmat i:iai shmat +sys_shmctl - shmctl i:iip __syscall_shmctl diff -Nru eglibc-2.19/debian/patches/series eglibc-2.19/debian/patches/series --- eglibc-2.19/debian/patches/series 2014-02-20 09:37:10.000000000 +0000 +++ eglibc-2.19/debian/patches/series 2014-02-24 05:37:40.000000000 +0000 @@ -221,6 +221,8 @@ any/unsubmitted-scanf-includes.diff any/unsubmitted-tst-ftell-locale.diff any/submitted-sysdeps-auxv.diff +any/local-ldconfig-ignore-ld.so.diff +any/local-no-malloc-backtrace.diff # Ubuntu patches live in their own little world, to maintain sanity ubuntu/lddebug-scopes.diff