diff -Nru libffi-3.1~rc1+r3.0.13/debian/changelog libffi-3.1~rc1+r3.0.13/debian/changelog --- libffi-3.1~rc1+r3.0.13/debian/changelog 2014-03-28 08:57:07.000000000 +0000 +++ libffi-3.1~rc1+r3.0.13/debian/changelog 2017-06-27 11:53:35.000000000 +0000 @@ -1,3 +1,24 @@ +libffi (3.1~rc1+r3.0.13-12ubuntu0.2) trusty-security; urgency=medium + + * SECURITY UPDATE: executable stack + - debian/patches/CVE-2017-1000376.patch: add missing GNU stack markings + in src/x86/win32.S. + - debian/patches/pax_status.patch: check /proc/self/status for PaX + status in src/closures.c. + - debian/rules: build with --enable-pax_emutramp. + - CVE-2017-1000376 + + -- Marc Deslauriers Tue, 27 Jun 2017 07:52:51 -0400 + +libffi (3.1~rc1+r3.0.13-12ubuntu0.1) trusty; urgency=medium + + * Fix an AArch64 issue, taken from upstream: + For any 1-16 byte structure not passed in registers, we weren't copying + from the object to be passed, but from the array of objects. + (LP: #1513958) + + -- dann frazier Fri, 06 Nov 2015 13:33:54 -0700 + libffi (3.1~rc1+r3.0.13-12) trusty; urgency=medium * Revert 3.1~rc1-2 upload, it causes an unannounced ABI break on at least diff -Nru libffi-3.1~rc1+r3.0.13/debian/control libffi-3.1~rc1+r3.0.13/debian/control --- libffi-3.1~rc1+r3.0.13/debian/control 2014-01-14 12:28:26.000000000 +0000 +++ libffi-3.1~rc1+r3.0.13/debian/control 2015-11-06 20:04:57.000000000 +0000 
@@ -1,6 +1,7 @@
 Source: libffi
 Priority: optional
-Maintainer: Debian GCC Maintainers
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: Debian GCC Maintainers
 Uploaders: Matthias Klose
 Build-Depends: debhelper (>= 5),
 g++-multilib [amd64 i386 mips mipsel powerpc ppc64 s390 sparc kfreebsd-amd64],
diff -Nru libffi-3.1~rc1+r3.0.13/debian/patches/aarch64-fix.diff libffi-3.1~rc1+r3.0.13/debian/patches/aarch64-fix.diff
--- libffi-3.1~rc1+r3.0.13/debian/patches/aarch64-fix.diff 1970-01-01 00:00:00.000000000 +0000
+++ libffi-3.1~rc1+r3.0.13/debian/patches/aarch64-fix.diff 2015-11-06 20:02:59.000000000 +0000
@@ -0,0 +1,11 @@
+--- a/src/aarch64/ffi.c
++++ b/src/aarch64/ffi.c
+@@ -668,7 +668,7 @@ aarch64_prep_args (struct call_context *
+ state.ngrn = N_X_ARG_REG;
+
+ memcpy (allocate_to_stack (&state, stack, ty->alignment,
+- ty->size), ecif->avalue + i, ty->size);
++ ty->size), ecif->avalue[i], ty->size);
+ }
+ break;
+
diff -Nru libffi-3.1~rc1+r3.0.13/debian/patches/CVE-2017-1000376.patch libffi-3.1~rc1+r3.0.13/debian/patches/CVE-2017-1000376.patch
--- libffi-3.1~rc1+r3.0.13/debian/patches/CVE-2017-1000376.patch 1970-01-01 00:00:00.000000000 +0000
+++ libffi-3.1~rc1+r3.0.13/debian/patches/CVE-2017-1000376.patch 2017-06-21 19:36:01.000000000 +0000
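Review bot: debian/patches/aarch64-fix.diff is added with no patch header, unlike the two other new patches, so nothing in the file ties it to the upstream commit or to LP: #1513958 named in the changelog. A DEP-3 header would record that, for example `Description: copy the argument object, not the pointer array`, `Origin: upstream, <upstream commit URL>` and `Bug-Ubuntu: https://bugs.launchpad.net/bugs/1513958`. The description is worth keeping precise because the old `ecif->avalue + i` copied `ty->size` bytes of the pointer array itself onto the outgoing stack, which is a memory-safety matter and not only a wrong-value bug. The body of aarch64_prep_args starts and ends outside the hunk, so the bounds of `i` cannot be checked from here.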
@@ -0,0 +1,28 @@
+From 978c9540154d320525488db1b7049277122f736d Mon Sep 17 00:00:00 2001
+From: Samuli Suominen
+Date: Sat, 31 May 2014 08:53:10 -0400
+Subject: [PATCH] Add missing GNU stack markings in win32.S
+
+---
+ src/x86/win32.S | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+Index: libffi-3.1~rc1+r3.0.13/src/x86/win32.S
+===================================================================
+--- libffi-3.1~rc1+r3.0.13.orig/src/x86/win32.S 2017-06-21 15:35:56.915725618 -0400
++++ libffi-3.1~rc1+r3.0.13/src/x86/win32.S 2017-06-21 15:35:56.911725576 -0400
+@@ -1,5 +1,6 @@
+ /* -----------------------------------------------------------------------
+- win32.S - Copyright (c) 1996, 1998, 2001, 2002, 2009 Red Hat, Inc.
++ win32.S - Copyright (c) 2014 Anthony Green
++ Copyright (c) 1996, 1998, 2001, 2002, 2009 Red Hat, Inc.
+ Copyright (c) 2001 John Beniton
+ Copyright (c) 2002 Ranjit Mathew
+ Copyright (c) 2009 Daniel Witte
+@@ -1199,3 +1200,6 @@ _ffi_closure_STDCALL:
+
+ #endif /* !_MSC_VER */
+
++#if defined __ELF__ && defined __linux__
++ .section .note.GNU-stack,"",@progbits
++#endif
diff -Nru libffi-3.1~rc1+r3.0.13/debian/patches/pax_status.patch libffi-3.1~rc1+r3.0.13/debian/patches/pax_status.patch
--- libffi-3.1~rc1+r3.0.13/debian/patches/pax_status.patch 1970-01-01 00:00:00.000000000 +0000
+++ libffi-3.1~rc1+r3.0.13/debian/patches/pax_status.patch 2017-06-27 11:52:36.000000000 +0000
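Review bot: The `.note.GNU-stack` section at the end of win32.S is emitted only when both `__ELF__` and `__linux__` are defined, and nothing explains why the note is there. Any other ELF target that assembles this file would still get an object without the marking, which GNU toolchains commonly treat as a request for an executable stack. Whether such a target builds win32.S is not visible here, though debian/control does list kfreebsd-amd64. A comment above the guard would keep the reason with the code, for example `/* Mark the stack non-executable; an object without this note can make the whole library load with an executable stack. */`. The placement after `#endif /* !_MSC_VER */` looks deliberate, since the note then applies whichever branch of the file was assembled, and is worth stating in the same comment.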
@@ -0,0 +1,43 @@
+From 52b3457093ed19b2a7c5fcf243c4014c90ce6225 Mon Sep 17 00:00:00 2001
+From: Magnus Granberg
+Date: Sun, 11 May 2014 09:55:28 -0400
+Subject: [PATCH] Check /proc/self/status for PaX status.
+
+---
+ src/closures.c | 22 +++++++++++++++++++---
+ 1 file changed, 19 insertions(+), 3 deletions(-)
+
+diff --git a/src/closures.c b/src/closures.c
+index 98f00f95..c7863f3d 100644
+--- a/src/closures.c
++++ b/src/closures.c
+@@ -181,10 +181,26 @@ static int emutramp_enabled = -1;
+ static int
+ emutramp_enabled_check (void)
+ {
+- if (getenv ("FFI_DISABLE_EMUTRAMP") == NULL)
+- return 1;
+- else
++ char *buf = NULL;
++ size_t len = 0;
++ FILE *f;
++ int ret;
++ f = fopen ("/proc/self/status", "r");
++ if (f == NULL)
+ return 0;
++ ret = 0;
++
++ while (getline (&buf, &len, f) != -1)
++ if (!strncmp (buf, "PaX:", 4))
++ {
++ char emutramp;
++ if (sscanf (buf, "%*s %*c%c", &emutramp) == 1)
++ ret = (emutramp == 'E');
++ break;
++ }
++ free (buf);
++ fclose (f);
++ return ret;
+ }
+
+ #define is_emutramp_enabled() (emutramp_enabled >= 0 ? emutramp_enabled \
diff -Nru libffi-3.1~rc1+r3.0.13/debian/patches/series libffi-3.1~rc1+r3.0.13/debian/patches/series
--- libffi-3.1~rc1+r3.0.13/debian/patches/series 2014-01-21 16:19:00.000000000 +0000
+++ libffi-3.1~rc1+r3.0.13/debian/patches/series 2017-06-27 11:52:36.000000000 +0000
@@ -3,3 +3,6 @@
 powerpc-abiv2.diff
 aarch64-call-frame-info.diff
 fix-ffi_call_VFP-with-no-VFP-argument.diff
+aarch64-fix.diff
+CVE-2017-1000376.patch
+pax_status.patch
diff -Nru libffi-3.1~rc1+r3.0.13/debian/rules libffi-3.1~rc1+r3.0.13/debian/rules
--- libffi-3.1~rc1+r3.0.13/debian/rules 2014-01-14 12:33:44.000000000 +0000
+++ libffi-3.1~rc1+r3.0.13/debian/rules 2017-06-21 19:36:16.000000000 +0000
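Review bot: In pax_status.patch, the rewritten emutramp_enabled_check() silently drops the `FFI_DISABLE_EMUTRAMP` environment override, and the positional parse `sscanf (buf, "%*s %*c%c", &emutramp)` has no comment saying which flag it reads. The format skips the `PaX:` tag and the first flag letter and tests the second for `'E'`, so a comment above the `strncmp` would make that assumption reviewable, for example `/* PaX flags line: the second flag letter is an upper-case 'E' when EMUTRAMP is enabled */`. Every failure path (no /proc, no `PaX:` line, a short line) leaves the result at 0, which presumably selects the ordinary executable-mapping path; that fallback and the lost opt-out both belong in a function comment. The `while` body is an unbraced `if`, so `while (...) { if (...) { ... } }` would be safer against later edits. Whether closures.c already includes the headers for `getline`, `strncmp` and `sscanf` is not visible in this hunk.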
@@ -45,6 +45,7 @@
 --prefix=/usr \
 --mandir=\$${prefix}/share/man \
 --infodir=\$${prefix}/share/info \
+ --enable-pax_emutramp \
 CC="$(CC)" CXX="$(CXX)" CFLAGS="$(CFLAGS)" CCASFLAGS="$(CFLAGS) -Wa,--gdwarf2" LDFLAGS="-Wl,-z,defs $(LDFLAGS)"
 touch $@
 # --libdir=\$${prefix}/lib/$(DEB_HOST_MULTIARCH) \
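Review bot: The configure line gains `--enable-pax_emutramp`, but `CCASFLAGS` and `LDFLAGS` still do not enforce a non-executable stack, so the fix depends on every assembly source carrying its own `.note.GNU-stack` marking. Only win32.S is patched in this upload, and the other `.S` files are not visible here. As defence in depth the link flags could become `LDFLAGS="-Wl,-z,defs -Wl,-z,noexecstack $(LDFLAGS)"`. A build-time check such as `readelf -lW` on the built shared library, failing if the `GNU_STACK` segment carries the `E` flag, would catch an unmarked object in future uploads. The configure invocation begins above the hunk, so the remaining arguments cannot be reviewed from here.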