-
glibc (2.24-11+deb9u4) stretch; urgency=medium
[ Aurelien Jarno ]
* debian/patches/git-updates.diff: update from upstream stable branch:
- Fix buffer overflow in glob with GLOB_TILDE (CVE-2017-15670). Closes:
#879501.
- Fix memory leak in glob with GLOB_TILDE (CVE-2017-15671). Closes:
#879500.
- Fix a buffer overflow in glob with GLOB_TILDE in unescaping
(CVE-2017-15804). Closes: #879955.
- Fix a memory leak in ld.so (CVE-2017-1000408). Closes: #884132.
- Fix a buffer overflow in ld.so (CVE-2017-1000409). Closes: #884133.
- Fixes incorrect RPATH/RUNPATH handling for SUID binaries
(CVE-2017-16997). Closes: #884615.
- Fix a data corruption in SSE2-optimized memmove implementation for
i386 (CVE-2017-18269).
- Fix a stack-based buffer overflow in the realpath function
(CVE-2018-11236). Closes: #899071.
- Fix a buffer overflow in the AVX-512-optimized implementation of the
mempcpy function (CVE-2018-11237). Closes: #899070.
- Fix stack guard size accounting and reduce stack usage during
unwinding to avoid segmentation faults on CPUs with AVX512-F. Closes:
#903554.
- Fix a use after free in pthread_create(). Closes: #916925.
* debian/debhelper.in/libc.postinst, script.in/nsscheck.sh: check for
postgresql in NSS check. Closes: #710275.
[ Sebastian Andrzej Siewior ]
* patches/any/local-condvar-do-not-use-requeue-for-pshared-condvars.patch:
patch to fix pthread_cond_wait() in the pshared case on non-x86. Closes:
#904158.
-- Aurelien Jarno <email address hidden> Wed, 06 Feb 2019 22:17:41 +0100
-
glibc (2.24-11+deb9u3) stretch; urgency=medium
[ Aurelien Jarno ]
* debian/rules.d/debhelper.mk: install the libc-otherbuild postinst and
postrm in the libc6-i686 transitional package, to make sure
/etc/ld.so.nohwcap is correctly removed after an upgrade. Closes:
#883394.
-- Aurelien Jarno <email address hidden> Sun, 14 Jan 2018 11:39:44 +0100
-
glibc (2.24-11+deb9u2) stretch; urgency=medium
[ Aurelien Jarno ]
* debian/control.in/x32: Add a gcc-multilib Recommends for libc6-dev-x32.
* debian/patches/git-updates.diff: update from upstream stable branch:
- debian/patches/any/submitted-perl-inc.diff: drop, merged upstream.
- debian/patches/any/cvs-remove-pid-tid-cache-clone.diff: drop, merged
upstream.
- debian/patches/any/local-CVE-2017-1000366-rtld-LD_LIBRARY_PATH.diff:
drop, merged upstream.
- debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff: drop,
merged upstream.
- debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff: drop,
merged upstream.
- debian/patches/any/cvs-vectorized-strcspn-guards.diff: drop, merged
upstream.
- debian/patches/any/cvs-hwcap-AT_SECURE.diff: drop, merged upstream.
- Avoid use-after-free read access in clntudp_call (CVE-2017-12133).
Closes: #870648.
- Fix compatibility with Intel C++ __regcall calling convention. Closes:
#881850.
- Fix a buffer overrun in rpcgen.
- Fix strlen on null pointer in nss_nisplus.
- Fix invalid cast in group merging affecting ppc64 and s390x.
- Define collation for Malayalam chillu characters.
- Correct collation of U+0D36 and U+0D37 Malayalam characters.
* debian/script.in/nohwcap.sh: always check for all optimized packages
as multiarch allows one to install foreign architectures. Closes:
#882272.
[ Santiago Vila ]
* debian/debhelper.in/libc-bin.postinst: do not update /etc/nsswitch.conf
when its content already matches the default. Closes: #865144.
-- Aurelien Jarno <email address hidden> Fri, 01 Dec 2017 21:09:18 +0100
-
glibc (2.24-11+deb9u1) stretch-security; urgency=medium
* debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff,
debian/patches/any/local-CVE-2017-1000366-rtld-LD_LIBRARY_PATH.diff,
debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff: add
patches to protect the dynamic linker against stack clashes
(CVE-2017-1000366).
* debian/patches/any/cvs-vectorized-strcspn-guards.diff: patch backported
from upstream to allow usage of strcspn in ld.so.
* debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from
upstream to disable HWCAP for AT_SECURE programs.
-- Aurelien Jarno <email address hidden> Thu, 15 Jun 2017 21:17:14 +0200
-
glibc (2.24-11) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/patches/git-updates.diff: update from upstream stable branch:
- Improve memcpy/memset performance on Skylake server.
* debian/patches/any/cvs-malloc-hardening.diff: patch backported from
upstream to further harden glibc malloc metadata against 1-byte
overflows. Closes: #862950.
-- Aurelien Jarno <email address hidden> Sun, 28 May 2017 19:29:33 +0200
-
glibc (2.24-10) unstable; urgency=medium
[ Samuel Thibault ]
* hurd-i386/cvs-truncate64.diff: New patch to support 64bit truncate.
* hurd-i386/cvs-send-recv-posix.diff: New patch to make send/recv more
posix.
[ Aurelien Jarno ]
* debian/patches/git-updates.diff: update from upstream stable branch:
- Fix readahead on mips64el.
- Improve branch predication in _dl_runtime_resolve_avx512_opt;
- Fix symbol redirect for fts_set on 32-bit architectures.
- Fix AVX2/AVX512 optimized unaligned memset.
- Don't use PLT nor GOT in static archives on amd64.
- Drop GLIBC_TUNABLES in setxid processes.
- Fix write-after-destroy in lock elision on powerpc/ppc64el.
* Drop patches/any/cvs-resolv-internal-qtype.diff, merged upstream.
* any/cvs-remove-pid-tid-cache-clone.diff: patch from upstream to remove
cached PID/TID in clone. Closes: #857909.
* debian/rules.d/build.mk: do not fail the build in case of testsuite
regressions when building a +debXuX version. That way changes in the
environment (e.g.: kernel) do not prevent security or stable versions
to be built.
-- Aurelien Jarno <email address hidden> Wed, 12 Apr 2017 00:13:55 +0200
-
glibc (2.24-9) unstable; urgency=medium
[ Samuel Thibault ]
* hurd-i386/tg-libpthread-gsync-mutex.diff: Update patch, fixes trylock
error return.
* hurd-i386/tg-magic-pid.diff: New patch, add support for /proc/self.
* hurd-i386/tg-mlockall.diff: New patch, add support for mlockall.
- control: Bump gnumach-dev build-depend accordingly.
* hurd-i386/tg-gsync-libc.diff: Fix linking against built libmachuser
instead of installed libmachuser.
* libc0.3.symbols.hurd-i386: Add vm_wire_all symbols.
[ Aurelien Jarno ]
* debian/sysdeps/{amd64,i386,x32}.mk: disable lock elision (aka Intel TSX)
on x86 architectures. This causes programs (wrongly) unlocking an already
unlocked mutex to abort. More importantly most of the other distributions
decided to disable it, so we don't want to be the only distribution left
testing this code path. Closes: #850182.
* debian/rules.d/build.mk: pass --no-recursion before -T in the call to tar
to workaround or fix bug#829738. This reduces the size of the glibc-source
package by 40%
* debian/patches/localedata/supported.diff: rename the kk_KZ locale with the
RK1048 charset to kk_KZ.RK1048 to avoid conflicting with the kk_KZ locale
with the PT154 charset. Closes: #847596.
* debian/patches/git-updates.diff: update from upstream stable branch:
- debian/patches/alpha/submitted-math-fixes.diff: Drop, merged upstream.
* patches/any/cvs-resolv-internal-qtype.diff: patch from upstream to fix a
NULL pointer dereference in libresolv when receiving a T_UNSPEC internal
QTYPE (CVE-2015-5180). Closes: #796106.
* Make the package build reproducibly, thanks to Ximin Luo for the patch.
Closes: #783210.
- debian/rules: export SOURCE_DATE_EPOCH when not building with
dpkg-buildpackage.
- debian/rules.d/build.mk: use --clamp-mtime instead of touching the
files.
- debian/rules.d/debhelper.mk: do not chmod +x the shell script, call
it with sh instead.
* debian/rules.d/control.mk: Add the sh3 architecture to libc6_archs.
Closes: #850565.
-- Aurelien Jarno <email address hidden> Mon, 16 Jan 2017 18:43:37 +0100
-
glibc (2.24-8) unstable; urgency=medium
[ Samuel Thibault ]
* hurd-i386/tg-libc_rwlock_recursive.diff: New patch to work around
fakeroot-tcp issue, see #845930.
* hurd-i386/cvs-hurd_signal.h_c++.diff: New patch to fix building gdb.
* hurd-i386/tg-poll_errors_fixes.diff: Fix port leak.
-- Samuel Thibault <email address hidden> Sun, 04 Dec 2016 22:49:53 +0100
-
glibc (2.24-7) unstable; urgency=medium
[ Samuel Thibault ]
* hurd-i386/tg-hurdsig-SA_SIGINFO.diff: Fix passing address to legacy SIGBUS
handlers.
* hurd-i386/tg-libpthread-gsync-mutex.diff: New patch to make mutexes use
gsync too.
* hurd-i386/tg-NOFOLLOW.diff: New patch to fix O_NOFOLLOW errors.
* hurd-i386/tg-NOFOLLOW-DIRECTORY.diff: New patch to fix O_NOFOLLOW |
O_DIRECTORY errors.
[ Aurelien Jarno ]
* debian/patches/git-updates.diff: update from upstream stable branch.
* debian/rules: build with -no-pie -fno-PIE. Closes: #845512, #845521.
[ Matthias Klose ]
* Allow to inject the libc-dev dependency on linux-libc-dev by the build
environment.
-- Aurelien Jarno <email address hidden> Fri, 25 Nov 2016 23:09:39 +0100
-
glibc (2.24-5) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/sysdeps/linux.mk: fix cross-compilation by also looking at headers
in $(LINUX_HEADERS).
* debian/testsuite-xfail-debian.mk: allow nptl/tst-stack4 to fail on HPPA.
[ Samuel Thibault ]
* hurd-i386/cvs-libpthread-static-weak.diff: New patch to fix weak
references when linking in libpthread statically.
* hurd-i386/cvs-pthread-atfork.diff: New patch to fix unregistering atfork
handlers at library unload. Closes: #841068.
* debhelper.in/libc-dev.install.hurd-i386: Install libpthread_nonshared.a.
-- Aurelien Jarno <email address hidden> Tue, 18 Oct 2016 23:10:46 +0200
-
glibc (2.24-3) unstable; urgency=medium
[ Aurelien Jarno ]
* patches/kfreebsd/local-sysdeps.diff: update to revision 6102 (from
glibc-bsd).
* debian/control.in/main: Drop "Provides: locales" for locales-all.
Closes: #837694.
* Mark libc-l10n as Multi-Arch: foreign.
[ Samuel Thibault ]
* hurd-i386/tg-poll_errors_fixes.diff: Fix spurious port destroy on io_select
returning an error.
* hurd-i386/cvs-libpthread.diff: Update from upstream. Fixes spurious
dependencies of libp11, libgnutls30, libbsd0.
[ John David Anglin ]
* patches/hppa/submitted-sysdeps-cancel.diff: new patch to fix syscall
cancellation issues. Closes: #837518.
* testsuite-xfail-debian.mk: HPPA updates.
-- Aurelien Jarno <email address hidden> Sat, 17 Sep 2016 20:00:44 +0200
-
glibc (2.24-2) unstable; urgency=medium
[ Samuel Thibault ]
* hurd-i386/tg-gsync-libc.diff: Fix for glibc 2.24.
* testsuite-xfail-debian.mk: Update header conformance results.
[ Aurelien Jarno ]
* debian/rules.d/debhelper.mk: remove the arch-qualifier from the
linux-libc-dev depends. Closes: #836446.
* debian/patches/any/submitted-perl-inc.diff: new patch to fix the
testsuite with perl (>= 5.22.2-4), which removed '.' from @INC by
default.
* debian/patches/git-updates.diff: update from upstream stable branch.
-- Aurelien Jarno <email address hidden> Sat, 03 Sep 2016 22:36:31 +0200
-
glibc (2.24-1) unstable; urgency=medium
[ Adam Conrad ]
* debian/rules.d/control.mk: Manually add binutils, linux-libc-dev, and the
current GCC to the rebuild test deps, so they land in Testsuite-Triggers.
[ Aurelien Jarno ]
* debian/patches/git-updates.diff: update from upstream stable branch:
- debian/patches/any/submitted-argp-attribute.diff: upstreamed.
- Fix backtrace hang on armel/armhf, possibly causing a minor
denial-of-service vulnerability (CVE-2016-6323). Closes: #834752.
* debian/control.in/libc: drop ${locale-compat:Depends} as it was not used
anymore.
* debian/control.in/libc, debian/rules.d/debhelper.mk: compute the
linux-libc-dev dependency from the one installed at build time. Closes:
#834706.
* debian/patches/series: apply hppa/submitted-setcontext.diff. Closes:
#835414.
[ Samuel Thibault ]
* patches/hurd-i386/cvs-adjtime-NULL.diff: New patch to fix crash on
adjtime(..., NULL).
-- Aurelien Jarno <email address hidden> Wed, 31 Aug 2016 17:51:04 +0200
-
glibc (2.23-5) unstable; urgency=medium
* patches/hurd-i386/git-recvmsg.diff: New patch, fixes recvmsg on PF_LOCAL
sockets with msg_name != NULL. Closes: #833558.
* hurd-i386/libpthread_version.diff: Really fix pthread_setcancelstate
aliasing.
* libc0.3.symbols.hurd-i386: Update symbols.
* hurd-i386/tg-sysvshm.diff: Update from topgit.
* hurd-i386/cvs-check-local-headers.diff: Update from git.
* hurd-i386/tg-extern_inline.diff: Fix using inlines in libc.
* hurd-i386/cvs-libpthread-2.23.diff: Fix calling pthread functions from
libc.
* hurd-i386/tg-gsync-libc.diff: New patch, use gsync for libc
synchronization primitives.
-- Samuel Thibault <email address hidden> Tue, 23 Aug 2016 21:16:41 +0200
-
glibc (2.23-4) unstable; urgency=medium
[ Aurelien Jarno ]
* patches/kfreebsd/local-sysdeps.diff: update to revision 6098 (from
glibc-bsd).
* debian/debhelper.in/libc.postinst: drop code to handle the /var/mail
transition for pre-Potato installations.
* debian/debhelper.in/libc.{preinst,postinst}, debian/script.in/nohwcap.sh:
Remove fallback to dpkg --print-architecture for pre-multiarch systems.
* debian/debhelper.in/libc.{preinst,postinst}: do not run the NSS check
code from a chroot as it might not have an init system installed.
* debian/testsuite-xfail-debian.mk: allow tst-robust8 to fail on amd64, it
is an intermittent failure that might be due to a kernel issue.
-- Aurelien Jarno <email address hidden> Wed, 27 Jul 2016 00:39:51 +0200
-
glibc (2.23-2) unstable; urgency=medium
[ Aurelien Jarno ]
* Danish debconf translation update from Joe Hansen. Closes: #830589.
* patches/kfreebsd/local-sysdeps.diff: update to revision 6096 (from
glibc-bsd).
[ Samuel Thibault ]
* hurd-i386/cvs-libpthread-2.23.diff: Update, adds pthread_setcancelstate
alias, fixes rsyslog start.
* hurd-i386/cvs-tabdly.diff: New patch. Closes: #830584.
* hurd-i386/local-clock_gettime_MONOTONIC.diff: Complete patch with
timer_create, to fix ghc 8 build.
-- Aurelien Jarno <email address hidden> Tue, 19 Jul 2016 20:22:37 +0200
-
glibc (2.23-1) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/patches/git-updates.diff: update from upstream stable branch:
- debian/patches/hppa/submitted-start.diff: drop, upstreamed.
* debian/patches/localedata/locale-C.diff: update comment about the week
entry. Closes: #829093.
* debian/testsuite-xfail-debian.mk: allow malloc/tst-mallocfork2 to fail
on hurd-i386, this is not a regression but a new test.
* debian/patches/sparc/cvs-sparc-nearbyint.diff: new patch from upstream
to fix nearbyint* functions with a sNaN input on SPARC.
* debian/testsuite-xfail-debian.mk: allow math/test-double-finite and
math/test-float-finite to fail on alpha, as this architecture do not
fully support IEEE flags.
* debian/patches/alpha/submitted-trunc.diff: new patch to fix trunc and
truncf results for big values on alpha.
* debian/testsuite-xfail-debian.mk: allow nptl/tst-cancel9 and
nptl/tst-cancelx9 to fail on hppa, they are not regressions.
[ John David Anglin ]
* debian/patches/hppa/submitted-libm-test-ulps.diff: new patch to update
the math test ULPs on hppa.
[ Samuel Thibault ]
* patches/hurd-i386/tg-poll_errors_fixes.diff: Update from tg branch, fixes
gettimeofday call from select.
-- Aurelien Jarno <email address hidden> Sun, 03 Jul 2016 21:59:34 +0200
-
glibc (2.22-13) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/patches/mips/submitted-vfork.diff: new patch to fix ABI change and
testsuite on mips*.
* debian/patches/sparc/submitted-vfork.diff: new patch to fix ABI change and
testsuite on sparc*.
* debian/sysdeps/mipsel.mk, debian/sysdeps/mips64el.mk: bump ISA to MIPS32
and MIPS64.
* debian/patches/hppa/submitted-start.diff: new patch from John David Anglin
to fix crash in executables built with -p and linked against gcrt1.o.
Closes: #827876.
-- Aurelien Jarno <email address hidden> Mon, 27 Jun 2016 00:51:43 +0200
-
glibc (2.22-12) unstable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- fix FTBFS with recent binutils versions on mips* and sparc*. Closes:
#827477.
* debian/sysdeps/kfreebsd-i386.mk: fix libc0.1-i686 package name.
* debian/rules.d/build.mk: in case of build failure due testsuite
issues, display again the failed tests so that they appear at the end of
the build log.
* debian/local/etc/nsswitch.conf: add gshadow line to default
/etc/nsswitch.conf (addresses #699090).
* debian/debhelper.in/libc-bin.postinst: update /etc/nsswitch.conf to the
current default if it matches a version shipped by bases-file or
libc-bin. This is based on a patch from Santiago Vila, thanks. Closes:
#827105.
[ Samuel Thibault ]
* hurd-i386/tg-eintr.diff: New patch to fix "Interrupted" issues in ghc.
-- Aurelien Jarno <email address hidden> Mon, 20 Jun 2016 00:01:21 +0200
-
glibc (2.22-11) unstable; urgency=medium
[ Samuel Thibault ]
* hurd-i386/tg-poll_errors_fixes.diff: Fix crash when calling poll or select
on a fd which had never been allocated. Closes: #826175.
* hurd-i386/tg-faccessat.diff: Finish faccessat implementation. Fixes
findutils.
[ Aurelien Jarno ]
* Update from upstream stable branch.
* debian/control: re-add libc0.1-i686, libc0.3-i686, libc6-i686 as a
dummy package to ease the upgrades. Closes: #825421, #826290.
* debian/sysdeps/i386.mk: add libc6-i686 dummy package.
* debian/sysdeps/hurd-i386.mk: add libc0.1-i686 dummy package.
* debian/sysdeps/kfreebsd-i386.mk: add libc0.3-i686 dummy package.
* debian/debhelper.in/libc.NEWS: drop the new about libc6-i686, libc0.1-i686
and libc0.3-i686 packages removal.
* debian/script.in/nohwcap.sh: drop sparc optimized packages.
-- Aurelien Jarno <email address hidden> Sun, 05 Jun 2016 00:04:04 +0200
-
glibc (2.22-9) unstable; urgency=medium
[ Samuel Thibault ]
* hurd-i386/cvs-libpthread.so.diff: Fix building malloc tests.
* debian/testsuite-xfail-debian.mk: Update LFS tests.
[ Aurelien Jarno ]
* debian/testsuite-xfail-debian.mk: drop check on i586 flavours.
* debian/patches/kfreebsd/local-tst-malloc-backtrace.diff: drop, obsoleted
by hurd-i386/cvs-libpthread.so.diff.
* debian/patches/arm/unsubmitted-ldconfig-cache-abi.diff: correctly apply
patch. Really fix #822489.
* control.in/main: Bump Standards-Version to 3.9.8 (no changes).
-- Aurelien Jarno <email address hidden> Thu, 12 May 2016 12:55:01 +0200
-
glibc (2.22-7) unstable; urgency=medium
[ Samuel Thibault ]
* hurd-i386/submitted-auxv.diff: Update from upstream commit into
cvs-auxv.diff.
* hurd-i386/unsubmitted-prof-eintr.diff: Fix recording profiling from
ext2fs.
* hurd-i386/submitted-anon-mmap-shared.diff: Disable, actually breaks
booting hurd-i386.
* control: Add myself as uploader.
-- Samuel Thibault <email address hidden> Tue, 19 Apr 2016 11:48:08 +0200
-
glibc (2.22-6) unstable; urgency=medium
[ Samuel Thibault ]
* hurd-i386/submitted-auxv.diff: New patch, fixes cvs crash.
* hurd-i386/submitted-anon-mmap-shared.diff: New patch, fixes inheritence of
shared anonymous memory.
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix stack overflow when getnetbyname is invoked on a very long name
(CVE-2016-3075).
- Fix HTM on powerpc/ppc64/ppc64el.
-- Aurelien Jarno <email address hidden> Sat, 09 Apr 2016 13:35:19 +0200
-
glibc (2.22-5) unstable; urgency=medium
[ Samuel Thibault ]
* testsuite-xfail-debian.mk: Disable the problematic test-lfs test on hurd.
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix assertion failure with unconnectable name server addresses. Closes:
#816669.
* Drop libnss-dns-udeb and libnss-files-udeb and merge the files they
include in libc6-udeb.
* debian/patches/any/cvs-sys-personality-h.diff: new patch to synchronise
<sys/personality.h> with kernel headers. Closes: #697456.
-- Aurelien Jarno <email address hidden> Tue, 29 Mar 2016 00:44:21 +0200
-
glibc (2.22-4) unstable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix a memory leak in the resolver. Closes: #818178.
* debian/patches/localedata/fr_CA-first_weekday.diff: drop. Closes:
#769051.
* debian/rules, debian/rules.d/build.mk: move the C.UTF-8 locale and
locales-all generation to a separate target instead of building them
in the build_libc target.
* debian/control.in/main, debian/rules, debian/rules.d/build.mk: make sure
to use the just built localedef when building locales. When
cross-compiling use the system localedef with the correct endianness and
build-depends on the correct version.
[ Samuel Thibault ]
* patches/hurd-i386/tg-sendmsg-SCM_RIGHTS.diff,tg-sendmsg-SCM_CREDS.diff:
Update.
* patches/hurd-i386/cvs-errnos.d.diff: New patch to fix build dependency
loop.
* patches/hurd-i386/cvs-mach-syscalls.mk.diff: New patch to fix missing
dependency.
[ Adam Conrad ]
* debian/glibc-source.filelist: Refresh list of source files and sort.
-- Aurelien Jarno <email address hidden> Mon, 21 Mar 2016 18:41:37 +0100
-
glibc (2.22-3) unstable; urgency=medium
* Update from upstream stable branch:
- Fix linking shared objects that use libmvec.so functions. Closes:
#817879.
* debian/sysdeps/sh4.mk: build with -fno-delete-null-pointer-checks to
workaround a missing SH4 specific __builtin_trap implementation in GCC.
* debian/patches/localedata/locale-C.diff: fix LC_TIME week and d_t_fmt
fields in C.UTF-8 locale. Closes: #817895.
* debian/sysdeps/powerpcspe.mk: pass --without-fp to the configure script
on powerpcspe. Closes: #817926.
* debian/rules.d/control.mk: add nios2 architecture. Closes: #817944.
* debian/patches/any/submitted-dlopen-noload.diff: new patch to fix a crash
in dlopen() with RTLD_NOLOAD. Closes: #817900.
-- Aurelien Jarno <email address hidden> Sat, 12 Mar 2016 22:40:15 +0100
-
glibc (2.21-9) unstable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fixes bug18240 failing with a timeout on machines with a lot of swap.
Closes: #814958.
-- Aurelien Jarno <email address hidden> Wed, 17 Feb 2016 18:45:59 +0100
-
glibc (2.21-8) unstable; urgency=critical
* Update from upstream stable branch:
- Fix an integer overflow in hcreate() and hcreate_r() (CVE-2015-8778).
Closes: #812441.
* patches/any/local-CVE-2015-7547.diff: new patch to fix glibc getaddrinfo
stack-based buffer overflow (CVE-2015-7547).
-- Aurelien Jarno <email address hidden> Mon, 15 Feb 2016 21:38:15 +0100
-
glibc (2.21-7) unstable; urgency=medium
[ Aurelien Jarno ]
* patches/localedata/cvs-bg_BG-t_fmt.diff: new patch from upstream to
use colon as time separator in the Bulgarian locale. Closes:
#808143.
* Update French debconf translation, by Christian Perrier. Closes:
#809636.
* Update Brazilian Portuguese debconf translation, by Adriano Rafael
Gomes. Closes: #809741.
* patches/hppa/cvs-update-mman.h.diff: new patch from upstream to add huge
pages support on hppa. Closes: #809776.
* patches/hppa/submitted-dladdr.diff: new patch from John David Anglin to
fix dladdr issues on hppa. Closes: #810053.
* sysdeps/armel.mk, sysdeps/armhf.mk: re-enable IFUNC support now that
binutils has been fixed.
* debian/control.in/main: update Vcs-* fields to point to the new git
repository.
* Update Dutch debconf translation, by Frans Spiesschaert. Closes: #812351.
* Update from upstream stable branch:
- Fix segmentation fault caused by passing out-of-range data to strftime()
(CVE-2015-8776).
- Fix multiple unbounded stack allocations in catopen() (CVE-2015-8779).
* patches/any/submitted-hle-checking-mutex.diff: add proposed patch to fix
a wrong assertion in pthread_mutex_unlock() on systems with hardware lock
elision. Closes: #810322.
[ Samuel Thibault ]
* patches/hurd-i386/cvs-libpthread-sigstate.diff: New patch to fix spurious
signal blocking leading to sigill. Fixes rsyslog tests.
* patches/hurd-i386/cvs-raise-longjump.diff: New patch to fix longjump from
signal handler. Closes: #800900.
* patches/hurd-i386/cvs-O_DIRECTORY.diff: New patch to fix O_DIRECTORY lookup
on trivial translators.
-- Aurelien Jarno <email address hidden> Sun, 24 Jan 2016 00:21:18 +0100
-
glibc (2.21-6) unstable; urgency=medium
[ Aurelien Jarno ]
* sysdeps/kfreebsd.mk: test if the header directory exists before
trying to link directories from there. Fixes FTBFS on GNU/kFreeBSD.
* patches/s390/submitted-socketcall.diff: new patch to fix broken
socketcall related function on s390x when built against 4.3+ kernel
headers.
-- Aurelien Jarno <email address hidden> Fri, 25 Dec 2015 03:35:01 +0100
-
glibc (2.21-5) unstable; urgency=medium
[ Samuel Thibault ]
* Team upload.
* patches/hurd-i386/cvs-libpthread-api.diff: Update patch, add missing throw
specifications.
* patches/any/local-stdio-lock.diff: Update to git commit, and
rename into patches/any/cvs-stdio-lock.diff.
* debhelper.in/libc.lintian-overrides: Override error about the embedded
libidn.
[ Aurelien Jarno ]
* sysdeps/armel.mk, sysdeps/armhf.mk: pass --disable-multi-arch on armel and
armhf as IFUNC support is broken in binutils (see #807974).
-- Samuel Thibault <email address hidden> Tue, 22 Dec 2015 15:23:35 +0100
-
glibc (2.21-4) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/debhelper.in/libc.{preinst,prerm}: remove code handling the
upgrade from squeeze to wheezy, as we don't support squeeze to stretch
upgrades. Move tests which might exit with a failure at the beginning.
* debian/sysdeps/amd64.mk, debian/sysdeps/i386.mk: downgrade the minimal
Linux kernel version to 2.6.32 to support RHEL6 kernels.
* debhelper.in/libc.preinst: add a note explainling that pre-3.2 kernel
are not officially supported.
* debhelper.in/libc.preinst, debhelper.in/libc.templates, po/*: display
kernel related notes using debconf if available.
* patches/any/cvs-grantpt-pty-owner.diff: new patch from upstream to
improve granpt when /dev/pts is not mounted with the correct options.
Closes: #806882.
[ Samuel Thibault ]
* patches/hurd-i386/cvs-libpthread-api.diff: New patch, cleans libpthread
API. Fixes conflicting declarations between pthread.h and sigthread.h.
-- Aurelien Jarno <email address hidden> Thu, 10 Dec 2015 22:34:54 +0100
-
glibc (2.21-1) unstable; urgency=medium
[ Aurelien Jarno ]
* testsuite-checking/expected-results-mips64el-linux-gnu-*: allow
nptl/tst-cancel24-static to fail on mips64el. It's an upstream regression
only affecting static binaries currently under investigation.
* patches/hppa/submitted-mathdef.diff: update to include the ABI baseline
changes.
* testsuite-checking/expected-results-*kfreebsd-gnu-*: re-add rt/tst-shm as
it seems it can still occasionally fail on the buildds.
-- Aurelien Jarno <email address hidden> Tue, 01 Dec 2015 00:17:43 +0100
-
glibc (2.19-22) unstable; urgency=medium
* patches/hurd-i386/cvs-cache-mach_host_self.diff: Remove, since it introduces
a new symbol, which will be easier to handle in 2.21.
-- Samuel Thibault <email address hidden> Tue, 22 Sep 2015 01:38:34 +0200
-
glibc (2.19-20) unstable; urgency=medium
[ Samuel Thibault ]
* patches/hurd-i386/tg-mmap32th_bit.diff: New patch to fix libpciaccess
mapping of BARs above 2GiB. Closes: #793543.
* rules.d/build.mk: Also install crt0.o in stage1, if any.
* sysdeps/hurd-i386.mk: Fix stage1 about xen packages for hurd-i386 too.
* patches/hurd-i386/tg-sysheaders.diff: New patch to fix stage1 finding hurd
headers.
* patches/hurd-i386/cvs-libpthread_clean2.diff: New patch to drop spurious
code getting in the way for stage1.
* patches/hurd-i386/cvs-libpthread_build.diff: New patch to fix build of
generic libpthread code.
* patches/hurd-i386/libpthread_build.diff: Fix header inclusion to get
pthread headers from libpthread/ instead of system.
* sysdeps/hurd.mk: Create symlinks to kernel and hurd headers required for
build, so that we can pass --with-headers to configure to make the build
really self-hosted.
* patches/hurd-i386/local-clock_gettime_MONOTONIC.diff: Update patch to not
advertise _POSIX_CLOCK_SELECTION for vlc
* patches/hurd-i386/{local,cvs}-bootstrap.diff: New patch to fix crt*.o build
in stage1.
* rules, rules.d/build.mk: Set MIG to gnu-type alias of mig, to fix
cross-build.
* control, control.d/main: Bump mig dependency to get the gnu-type alias in
non-cross case too.
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix pthread_mutex_trylock with lock elision. Closes: #759197,
#788999.
- Fix gprof entry point on ppc64el. Closes: #794222.
- Fix a buffer overflow in getanswer_r (CVE-2015-1781). Closes: #796105.
- Fix getaddrinfo sometimes returning uninitialized data with nscd.
Closes: #798515.
* sysdeps.mk/mips*.mk: force the ISA until it gets propagated to all GCC
versions.
* Update hppa patches. Closes: #785664:
- Replace patches/hppa/local-fpu.diff by upstream patch cvs-fpu-r2.diff.
- Add patches/hppa/cvs-fpu2.diff from upstream.
- Add patches/hppa/local-fptr-table-size.diff from Carlos O'Donnell.
- Add patches/hppa/local-setcontext.diff.
- Add patches/hppa/cvs-start.diff from upstream.
* patches/any/cvs-pie-lt_executable.diff: new patch from upstream to fix
explicit loader invocation with PIE binaries. Closes: #796899.
-- Aurelien Jarno <email address hidden> Sun, 13 Sep 2015 18:39:36 +0200
-
glibc (2.19-19) unstable; urgency=medium
* patches/hurd-i386/cvs-mlock.diff: New patch to permit to use mlock from
non-root process.
-- Samuel Thibault <email address hidden> Thu, 09 Jul 2015 14:28:56 +0200
-
glibc (2.19-18+deb8u6) stable; urgency=medium
* Update from upstream stable branch:
- Fix backtrace hang on armel/armhf, possibly causing a minor
denial-of-service vulnerability (CVE-2016-6323). Closes: #834752.
- Fix open and openat functions with O_TMPFILE. Closes: #832521.
- Drop debian/patches/any/cvs-ld_pointer_guard.diff (merged upstream).
- Drop debian/patches/any/cvs-mangle-tls_dtor_list.diff (merged upstream).
- Drop debian/patches/any/cvs-strxfrm-buffer-overflows.diff (merged
upstream).
* debian/patches/any/submitted-resolv-ipv6-nameservers.diff: replace by
patch cvs-resolv-ipv6-nameservers.diff taken from upstream. This fixes
mtr on systems using only IPv6 nameservers. Closes: #818281.
-- Aurelien Jarno <email address hidden> Sat, 03 Sep 2016 22:39:43 +0200
-
glibc (2.19-18+deb8u4) stable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fixes bug18240 failing with a timeout on machines with a lot of swap.
* patches/any/cvs-grantpt-pty-owner.diff: new patch from upstream to
improve granpt when /dev/pts is not mounted with the correct options.
* rules.d/debhelper.mk: only install pt_chown when built.
* sysdeps/linux.mk: don't build pt_chown (CVE-2013-2207). Closes: #717544.
-- Aurelien Jarno <email address hidden> Sat, 27 Feb 2016 23:17:33 +0100
-
glibc (2.19-18+deb8u2) stable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix getaddrinfo sometimes returning uninitialized data with nscd.
Closes: #798515.
- Fix data corruption while reading the NSS files database
(CVE-2015-5277). Closes: #799966.
- Fix buffer overflow (read past end of buffer) in internal_fnmatch.
- Fix _IO_wstr_overflow integer overflow.
- Fix unexpected closing of nss_files databases after lookups,
causing denial of service (CVE-2014-8121). Closes: #779587.
- Fix NSCD netgroup cache. Closes: #800523.
* patches/any/cvs-ld_pointer_guard.diff: new patch from upstream to
unconditionally disable LD_POINTER_GUARD. Closes: #798316, #801691.
* patches/any/cvs-mangle-tls_dtor_list.diff: new patch from upstream to
mangle function pointers in tls_dtor_list. Closes: #802256.
* patches/any/cvs-strxfrm-buffer-overflows.diff: new patch from upstream
to fix memory allocations issues that can lead to buffer overflows on
the stack. Closes: #803927.
[ Henrique de Moraes Holschuh ]
* Replace patches/amd64/local-blacklist-on-TSX-Haswell.diff by
local-blacklist-for-Intel-TSX.diff also blacklisting some Broadwell
models. Closes: #800574.
-- Aurelien Jarno <email address hidden> Mon, 28 Dec 2015 21:39:40 +0100
-
glibc (2.19-18+deb8u1) stable; urgency=medium
[ Aurelien Jarno ]
* Update from upstream stable branch:
- Fix pthread_mutex_trylock with lock elision. Closes: #759197,
#788999.
- Fix gprof entry point on ppc64el. Closes: #794222.
- Fix a buffer overflow in getanswer_r (CVE-2015-1781).
Closes: #796105.
-- Aurelien Jarno <email address hidden> Sat, 29 Aug 2015 10:56:31 +0200
-
glibc (2.19-18) unstable; urgency=medium
[ Aurelien Jarno ]
* debhelper.in/locales.templates: allow the C.UTF-8 locale to be
selected as the default locale. Closes: #782241.
-- Aurelien Jarno <email address hidden> Tue, 14 Apr 2015 19:50:11 +0200
-
glibc (2.19-17) unstable; urgency=medium
[ Adam Conrad ]
* debian/rules.d/debhelper.mk: Unconditionally create tmp.substvars.
Closes: #780431.
-- Aurelien Jarno <email address hidden> Sat, 14 Mar 2015 10:17:56 +0100
-
glibc (2.19-15) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/patches/any/cvs-wscanf.diff: new patch from upstream to fix a
heap buffer overflow in wscanf (CVE-2015-1472, CVE-2015-1473). Closes:
#777197.
-- Aurelien Jarno <email address hidden> Sun, 08 Feb 2015 15:54:37 +0100
-
glibc (2.19-14) unstable; urgency=medium
[ Samuel Thibault ]
* patches/hurd-i386/libpthread_spin-lock.diff: New patch to fix spin-lock.h
inclusion order.
* patches/hurd-i386/tg-WRLCK-upgrade.diff: New patch to fix atomicity of
changing between rd locks and wr locks.
* patches/hurd-i386/cvs-static-dlopen.diff: New patch to fix dlopen from
static binaries, busybox notably.
* control.in/main: Bump mig dependency to get _routines@ symbols, bump
gnumach-dev dependency to get protected payload symbols.
* libc0.3.symbols.hurd-i386: Update symbols.
* patches/hurd-i386/submitted-startup-pid2.diff: Remove, replaced by...
* patches/hurd-i386/tg-reboot-startup.diff: ... new patch to make reboot
lookup startup through /servers/startup instead of guessing its pid and
using its message port.
[ Adam Conrad ]
* debian/rules.d/tarball.mk: Fix update-from-upstream manual/* filter rule.
[ Petr Salinger ]
* kfreebsd/local-sysdeps.diff: update to revision 5688 (from glibc-bsd).
Do not return EINTR from sigwait. Closes: #763705.
[ Aurelien Jarno ]
* debian/patches/any/cvs-wordexp.diff: new patch from upstream to fix a
command execution in wordexp() with WRDE_NOCMD specified (CVS-2014-7817).
* debian/patches/any/cvs-getnetbyname.diff: new patch from upstream to fix
an infinite loop in getnetbyname (CVE-2014-9402). Closes: #775572.
* debian/patches/any/cvs-vfprintf.diff: new patch from ustream to fix a
stack overflow in vfprintf (CVE-2012-3406). Closes: #681888.
* debian/patches/git-updates.diff: update to the latest commit of the 2.19
branch to fix a few buffer overflow, unbounded stack allocation or memory
leaks that have not been (yet ?) tagged as security issue. This branch
includes a few patches already applied manually:
- drop patches/localedata/unsubmitted-tst-setlocale3-ENV.diff (merged
upstream).
- drop patches/s390/cvs-s390-abi-reversal.diff (merged upstream).
- update patches/any/cvs-resolv-first-query-failure.diff
- drop patches/any/cvs-resolv-reuse-fd.diff (merged upstream).
- drop patches/any/cvs-posix_spawn_file_actions_addopen.diff (merged
upstream).
- drop patches/any/cvs-setlocale-alloca.diff (merged upstream).
- drop patches/any/cvs-CVE-2014-0475.diff (merged upstream).
- drop patches/any/cvs-CVE-2014-5119.diff (merged upstream).
- drop patches/any/cvs-CVE-2014-6040.diff (merged upstream).
-- Aurelien Jarno <email address hidden> Sun, 01 Feb 2015 00:32:31 +0100
-
glibc (2.19-13) unstable; urgency=medium
[ Aurelien Jarno ]
* kfreebsd/local-fbtl.diff: update to revision 5677 (from glibc-bsd).
Workarounds a kfreebsd 9.0 to 10.1 ABI break. Closes: #740509.
* patches/hppa/cvs-sigrtmin.diff: backport patch from upstream to change
__SIGRTMIN to match other architectures. Closes: #766605.
* patches/amd64/cvs-slow-sse42.diff: backport patch from upstream to fix
a performance issue with strcmp and friends functions on some machines.
* patches/any/cvs-regex-alloca.diff: new patch from upstream to fix a
segmentation fault in regex in case of heap allocation failure. Closes:
#767225.
* Don't fail to build in case of testsuite regressions, so that changes
in the environment (e.g.: kernel) do not prevent security or stable
versions to be built. It will be re-enabled after the Jessie release.
* debian/control.in/main: build-depends on debhelper (>= 9.20141010) to
get Build-Profiles features. This fixes the following lintian warning:
restriction-formula-with-debhelper-without-debhelper-version.
[ Samuel Thibault ]
* hurd-i386/cvs-libpthread.diff: Update to Sun Nov 2.
* hurd-i386/libpthread_clean.diff: Refresh, most of it merged into
cvs-libpthread.diff.
* hurd-i386/cvs-libpthread-pthread_condattr_setclock.diff,
cvs-libpthread_guardsize.diff, cvs-libpthread_std_thread.diff: Remove,
merged into cvs-libpthread.diff.
-- Aurelien Jarno <email address hidden> Thu, 06 Nov 2014 20:28:41 +0100
-
glibc (2.19-12) unstable; urgency=medium
[ Samuel Thibault ]
* patches/hurd-i386/tg-thread-cancel.diff: Update patch from upstream, fixes
a rare deadlock.
* patches/hurd-i386/local-libpthread-stacksize.diff: New patch to make
libpthread stacks size default to 8MiB like on Linux, to avoid surprises
with packages which assume the Linuxish default.
* patches/hurd-i386/tg-poll_errors_fixes.diff: Update patch, fixes
select returned value in case of errors. Closes: #764840.
[ Petr Salinger ]
* update testsuite-checking/expected-results-*-kfreebsd-gnu-*
under 10.x kernels, provided by Steven Chamberlain. Closes: #762404.
[ Aurelien Jarno ]
* Remove mtrace(1) and pldd(1) manpages, provided by the manpages package
starting with version 3.74.
* debian/control.in/*: update the syntax of the Build-Profiles field and
build depends on dpkg-dev (>= 1.17.14) to get the new feature. Closes:
#764274.
* Remove libc6-prof package as it's broken for years and there are better
way to profile code nowadays. Closes: #760450.
* patches/amd64/local-blacklist-on-TSX-Haswell.diff: new patch from
Henrique de Moraes Holschuh to disable TSX on processors which might get
it disable through a microcode update. Closes: #762195.
* Install French, German, Polish and Spanish version of validlocale(8)
manpage. Add a Replaces: manpages-fr-extra (<= 20141008).
* Update French manpages translations, by David Prévot. Closes: #715289.
* Update German manpages translations, by Helge Kreutzmann. Closes: #717979.
* kfreebsd/local-fbtl.diff: update to revision 5651 (from glibc-bsd).
Workarounds a kfreebsd 9.0 to 10.1 ABI break. Closes: #740509.
* patches/any/cvs-CVE-2014-6040.diff: new patch from upstream to fix crashes
on invalid input in IBM gconv modules (CVE-2014-6040).
* patches/any/cvs-check_pf-infinite-loop.diff: new patch from upstream to
fix an infinite loop in infinite loop in check_pf.
* patches/any/local-static-dlopen-search-path.diff: new patch to re-enable
default search path for dlopen() in static libraries. Closes: #754813,
#757941.
[ Helmut Grohne ]
* debian/patches/any/local-bootstrap-headers.diff: Update to handle
stubs-$abi.h which is required for multilib bootstraps. Closes: #756473
-- Aurelien Jarno <email address hidden> Wed, 22 Oct 2014 20:01:11 +0200
-
glibc (2.19-11) unstable; urgency=medium
[ Samuel Thibault ]
* patches/hurd-i386/tg-thread-cancel.diff: Update patch against two other
overzealous assertions.
* patches/hurd-i386/submitted-bind_umask.diff: Split into cvs-bind_umask.diff
and submitted-bind_umask2.diff as requested by upstream.
* patches/hurd-i386/cvs-fork_ss_hang.diff: New patch which fixes some dash
hangs.
* patches/hurd-i386/cvs-libpthread_guardsize.diff: Add another guard size
computation fix. Fixes gcj's boehm-gc. Closes: #760076.
[ Aurelien Jarno ]
* debian/control.in/main: Build-Depends on dpkg (>= 1.17.11) instead of
dpkg-dev (>= 1.17.1). Closes: #759495.
* debian/debhelper.in/libc.{preinst,postinst,postrm}: correctly remove old
conffiles /etc/ld.so.conf.d/i486-{kfreebsd-gnu.conf,gnu-gnu.conf,gnu.conf}.
Closes: #759568.
* Update Italian debconf translation, by Luca Monducci. Closes: #760092.
[ Petr Salinger ]
* kfreebsd/local-fbtl.diff: update to revision 5520 (from glibc-bsd).
Fixes x87 precision mode in newly created pthreads. Closes: #761175.
-- Aurelien Jarno <email address hidden> Fri, 12 Sep 2014 23:49:50 +0200