Change log for glibc package in Ubuntu
| Published in bionic-release on 2017-10-24 |
| Published in artful-release on 2017-10-14 |
| Deleted in artful-proposed (Reason: moved to release) |
glibc (2.26-0ubuntu2) artful; urgency=medium
* Cherry-pick some changes from Debian git for a few pending Ubuntu bugfixes:
- Update to master and drop redundant submitted-tst-tlsopt-powerpc.diff.
- debian/patches/any/local-cudacc-float128.diff: Local patch to prevent
defining __HAVE_FLOAT128 on NVIDIA's CUDA compilers (LP: #1717257)
- debian/patches/arm/git-arm64-memcmp.diff: Backport optimized memcmp
for AArch64, improving performance from 25% to 500% (LP: #1720832)
- debian/patches/amd64/git-x86_64-search.diff: Backport upstream commit
to put x86_64 back in the search path, like in 2.25 (LP: #1718928)
- debian/rules.d/debhelper.mk: Filter python hooks in stage1 (LP: #1715366)
-- Adam Conrad <email address hidden> Wed, 11 Oct 2017 14:21:40 -0600
| Superseded in artful-release on 2017-10-14 |
| Deleted in artful-proposed on 2017-10-15 (Reason: moved to release) |
glibc (2.26-0ubuntu1) artful; urgency=medium
* Merge with current 2.26 from Debian experimental git, remaining changes:
- Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel.
- Heavily mangle the way we do service restarting on major upgrades.
- Build i386 variants as -march=i686, build amd64 with -O3, and build
ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize.
- Build generic i386 flavour with -mno-tls-direct-seg-refs for Xen.
- Drop the libc6-xen flavour, as the above change covers Xen's needs.
- Enable systemtap support, which is currently disabled in Debian.
- Don't build libc-l10n, its contents get stripped for language-packs.
- Drop libc-bin manpages Recommends to Suggests to keep it in standard.
- Revert dropping the ldconfig wrapper, xenial still has a lot of
packages that don't ship a trigger but instead call in postinst.
- Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
- Mangle locales package to support Ubuntu language packs seamlessly.
* debian/rules.d/build.mk: Configure with --enable-obsolete-nsl until we
sort out a reasonable nsswitch migration strategy from compat to files.
Available diffs
- diff from 2.24-12ubuntu1 to 2.26-0ubuntu1 (9.1 MiB)
- diff from 2.24-17ubuntu1 to 2.26-0ubuntu1 (9.1 MiB)
| Superseded in artful-proposed on 2017-09-05 |
glibc (2.24-17ubuntu1) artful; urgency=medium
* Merge with Debian.
Available diffs
- diff from 2.24-12ubuntu1 to 2.24-17ubuntu1 (28.1 KiB)
| Superseded in artful-release on 2017-09-19 |
| Deleted in artful-proposed on 2017-09-21 (Reason: moved to release) |
glibc (2.24-12ubuntu1) artful; urgency=medium
* Merge with Debian testing, bringing in packaging and upstream fixes.
- any/cvs-resolv-internal-qtype.diff: Revert to avoid an ABI break.
- ubuntu/local-disable-ld_audit.diff: Rewrite to apply to new code.
* any/cvs-common-symbols.diff: Apply to fix build with newer binutils.
* arm/cvs-rtld-startup.diff: Backport fix for rtld startup on arm64.
* arm/submitted-strip-bit-0.diff: ML fix to the ld.so crash on armv7t.
-- Adam Conrad <email address hidden> Sat, 01 Jul 2017 15:13:50 -0600
Available diffs
- diff from 2.24-9ubuntu2 to 2.24-12ubuntu1 (97.8 KiB)
glibc (2.23-0ubuntu9) xenial-security; urgency=medium
* SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
- debian/patches/any/CVE-2017-1000366.patch: Completely ignore
LD_LIBRARY_PATH for AT_SECURE=1 programs
- CVE-2017-1000366
* SECURITY UPDATE: LD_PRELOAD stack corruption
- debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
Reject overly long names or names containing directories in
LD_PRELOAD for AT_SECURE=1 programs.
* debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
additional consistency check for 1-byte overflows
* debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
LD_HWCAP_MASK for AT_SECURE=1 programs
-- Steve Beattie <email address hidden> Fri, 16 Jun 2017 12:04:15 -0700
Available diffs
- diff from 2.23-0ubuntu7 to 2.23-0ubuntu9 (3.8 KiB)
- diff from 2.23-0ubuntu8 to 2.23-0ubuntu9 (2.3 KiB)
glibc (2.24-3ubuntu2.2) yakkety-security; urgency=medium
* SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
- debian/patches/any/CVE-2017-1000366.patch: Completely ignore
LD_LIBRARY_PATH for AT_SECURE=1 programs
- CVE-2017-1000366
* SECURITY UPDATE: LD_PRELOAD stack corruption
- debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
Reject overly long names or names containing directories in
LD_PRELOAD for AT_SECURE=1 programs.
- debian/patches/any/cve-i686-Add-missing-IS_IN-libc-guards.patch:
prerequisite patch
* debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
additional consistency check for 1-byte overflows
* debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
LD_HWCAP_MASK for AT_SECURE=1 programs
-- Steve Beattie <email address hidden> Fri, 16 Jun 2017 11:55:05 -0700
glibc (2.24-9ubuntu2.2) zesty-security; urgency=medium
* SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
- debian/patches/any/CVE-2017-1000366.patch: Completely ignore
LD_LIBRARY_PATH for AT_SECURE=1 programs
- CVE-2017-1000366
* SECURITY UPDATE: LD_PRELOAD stack corruption
- debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
Reject overly long names or names containing directories in
LD_PRELOAD for AT_SECURE=1 programs.
- debian/patches/any/cve-i686-Add-missing-IS_IN-libc-guards.patch:
prerequisite patch
* debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
additional consistency check for 1-byte overflows
* debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
LD_HWCAP_MASK for AT_SECURE=1 programs
-- Steve Beattie <email address hidden> Fri, 16 Jun 2017 11:42:30 -0700
| Superseded in artful-release on 2017-07-25 |
| Published in zesty-release on 2017-04-08 |
| Deleted in zesty-proposed (Reason: moved to release) |
glibc (2.24-9ubuntu2) zesty; urgency=medium
* debian/patches/any/cvs-resolv-internal-qtype.diff: Revert to avoid
failure in name resolution on upgrades from yakkety (LP: #1674532)
-- Adam Conrad <email address hidden> Tue, 21 Mar 2017 15:27:15 -0600
Available diffs
- diff from 2.24-7ubuntu2 to 2.24-9ubuntu2 (67.2 KiB)
- diff from 2.24-7ubuntu1 (in Ubuntu) to 2.24-9ubuntu2 (34.4 KiB)
- diff from 2.24-9ubuntu1 to 2.24-9ubuntu2 (513 bytes)
glibc (2.23-0ubuntu7) xenial-security; urgency=medium
* REGRESSION UPDATE: Previous update introduced ABI breakage in
internal glibc query ABI
- Revert patches/any/CVE-2015-5180-regression.diff
(LP: #1674532)
-- Steve Beattie <email address hidden> Tue, 21 Mar 2017 08:54:23 -0700
| Superseded in zesty-proposed on 2017-03-21 |
glibc (2.24-9ubuntu1) zesty; urgency=medium
* Merge with Debian testing, bringing in packaging and upstream fixes.
* debian/patches/any/cvs-ttyname-namespaces.diff: Pull upstream commit
to return ENODEV for ttyname() when /proc/self/fd* point to nonsense
in namespaces (LP: #1669578)
* debian/patches/any/cvs-pthread-free.diff: Pull an upstream commit to
fix use after free in pthread_create() (LP: #1651525)
* debian/patches/powerpc/cvs-lock-elision.diff: Pull upstream commit
to fix write-after-destroy in lock elision on powerpc (LP: #1640518)
Available diffs
- diff from 2.24-7ubuntu2 to 2.24-9ubuntu1 (67.1 KiB)
glibc (2.23-0ubuntu6) xenial-security; urgency=medium
* SECURITY UPDATE: DNS resolver NULL pointer dereference with
crafted record type
- patches/any/CVE-2015-5180.diff: use out of band signaling for
internal queries
- CVE-2015-5180
* Rebuild to get the following fixes into the xenial-security pocket:
- SECURITY UPDATE: stack-based buffer overflow in the glob
implementation
+ patches/git-updates.diff: Simplify the interface for the
GLOB_ALTDIRFUNC callback gl_readdir
+ CVE-2016-1234
- SECURITY UPDATE: getaddrinfo: stack overflow in hostent
conversion
+ patches/git-updates.diff: Use a heap allocation instead
+ CVE-2016-3706
- SECURITY UPDATE: stack exhaustion in clntudp_call
+ patches/git-updates.diff: Use malloc/free for the error
payload.
+ CVE-2016-4429
- SECURITY UPDATE: memory exhaustion DoS in libresolv
+ patches/git-updates.diff: Simplify handling of nameserver
configuration in resolver
+ CVE-2016-5417
- SECURITY UPDATE: ARM32 backtrace infinite loop (DoS)
+ patches/git-updates.diff: mark __startcontext as .cantunwind
+ CVE-2016-6323
-- Steve Beattie <email address hidden> Mon, 06 Mar 2017 16:47:32 -0800
| Superseded in zesty-release on 2017-04-08 |
| Deleted in zesty-proposed on 2017-04-09 (Reason: moved to release) |
glibc (2.24-7ubuntu2) zesty; urgency=medium
* Disable lock-elision on all targets to avoid regressions (LP: #1642390)
| Superseded in zesty-proposed on 2016-12-05 |
glibc (2.24-7ubuntu1) zesty; urgency=medium
* Merge with Debian (2.24-7).
| Superseded in yakkety-updates on 2017-06-19 |
| Deleted in yakkety-proposed on 2017-06-20 (Reason: moved to -updates) |
glibc (2.24-3ubuntu2) yakkety; urgency=medium
* Disable lock-elision on all targets to avoid regressions (LP: #1642390)
-- Adam Conrad <email address hidden> Wed, 16 Nov 2016 13:53:50 -0700
| Superseded in xenial-updates on 2017-03-21 |
| Deleted in xenial-proposed on 2017-03-22 (Reason: moved to -updates) |
glibc (2.23-0ubuntu5) xenial; urgency=medium
* Disable lock-elision on all targets to avoid regressions (LP: #1642390)
-- Adam Conrad <email address hidden> Wed, 16 Nov 2016 13:53:50 -0700
| Superseded in xenial-updates on 2016-12-08 |
| Deleted in xenial-proposed on 2016-12-09 (Reason: moved to -updates) |
glibc (2.23-0ubuntu4) xenial; urgency=medium
* debian/rules.d/tarball.mk: Apply --no-renames to make the diff readable.
* debian/patches/git-updates.diff: Update from release/2.23/master branch:
- Include fix for potential makecontext() hang on ARMv7 (CVE-2016-6323)
- Include fix for SEGV in sock_eq with nss_hesiod module (LP: #1571456)
- Include malloc fixes, addressing multithread deadlocks (LP: #1630302)
- debian/patches/hurd-i386/cvs-libpthread.so.diff: Dropped, upstreamed.
- debian/patches/any/submitted-argp-attribute.diff: Dropped, upstreamed.
- debian/patches/hurd-i386/tg-hurdsig-fixes-2.diff: Rebased to upstream.
* debian/patches/ubuntu/local-altlocaledir.diff: Updated to latest version
from Martin that limits scope to LC_MESSAGES, fixing segv (LP: #1577460)
* debian/patches/any/cvs-cos-precision.diff: Fix cos() bugs (LP: #1614966)
* debian/testsuite-xfail-debian.mk: Allow nptl/tst-signal6 to fail on ARM.
-- Adam Conrad <email address hidden> Fri, 14 Oct 2016 00:00:34 -0600
Available diffs
- diff from 2.23-0ubuntu3 (in Ubuntu) to 2.23-0ubuntu4 (57.4 KiB)
- diff from 2.23-0ubuntu2 to 2.23-0ubuntu4 (pending)
| Superseded in zesty-release on 2017-02-01 |
| Published in yakkety-release on 2016-10-06 |
| Deleted in yakkety-proposed (Reason: moved to release) |
glibc (2.24-3ubuntu1) yakkety; urgency=medium
* Merge with 2.24 from Debian sid, bringing in minor packaging changes and
upstream updates, including the security fix for CVE-2016-6323 on ARMv7.
* debian/patches/ubuntu/local-altlocaledir.diff: Updated to latest version
from Martin that limits scope to LC_MESSAGES, fixing segv (LP: #1577460)
* debian/testsuite-xfail-debian.mk: Allow nptl/tst-signal6 to fail on ARM.
-- Adam Conrad <email address hidden> Wed, 05 Oct 2016 14:25:57 -0600
Available diffs
- diff from 2.24-0ubuntu1 to 2.24-3ubuntu1 (35.5 KiB)
| Superseded in yakkety-release on 2016-10-06 |
| Deleted in yakkety-proposed on 2016-10-08 (Reason: moved to release) |
glibc (2.24-0ubuntu1) yakkety; urgency=medium
* Merge with current 2.24 from Debian experimental git, remaining changes:
- Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel.
- Heavily mangle the way we do service restarting on major upgrades.
- Build i386 variants as -march=i686, build amd64 with -O3, and build
ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize.
- Build generic i386 flavour with -mno-tls-direct-seg-refs for Xen.
- Drop the libc6-xen flavour, as the above change covers Xen's needs.
- Enable systemtap support, which is currently disabled in Debian.
- Don't build libc-l10n, its contents get stripped for language-packs.
- debian/control.in/libc: Remove a Breaks on s390x against a binary
NMU version of check that will never exist in the Ubuntu archive.
- Drop libc-bin manpages Recommends to Suggests to keep it in standard.
- Revert dropping the ldconfig wrapper, xenial still has a lot of
packages that don't ship a trigger but instead call in postinst.
- Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
- Mangle locales package to support Ubuntu language packs seamlessly.
- Evaluate and merge localedata patches from the old langpack-locales.
* debian/sysdeps/{amd64,i386}.mk: Don't build i386 libc with -fno-regmove.
* debian/patches/ubuntu/localedata/bn-language.diff: Rebased to 2.24.
* debian/patches/ubuntu/localedata/ckb_IQ-new_locale.diff: Rebased to 2.24.
* debian/patches/ubuntu/localedata/en_IE-am_pm.diff: Rebased to 2.24.
* debian/patches/ubuntu/localedata/eo_US.diff: Rebased to 2.24.
* debian/patches/ubuntu/localedata/es_DO-am_pm.diff: Rebased to 2.24.
* debian/patches/ubuntu/localedata/ln_CD-new_locale.diff: Applied upstream.
* debian/patches/ubuntu/localedata/lv_LV-currency.diff: Rebased to 2.24.
* debian/patches/ubuntu/localedata/sd_PK.diff: Rebased to 2.24.
* <email address hidden>: Rebased to 2.24.
* debian/testsuite-xfail-debian.mk: Drop now unnecessary s390x Ubuntu delta.
Available diffs
- diff from 2.23-1ubuntu1 to 2.24-0ubuntu1 (5.4 MiB)
| Superseded in yakkety-release on 2016-08-19 |
| Deleted in yakkety-proposed on 2016-08-20 (Reason: moved to release) |
glibc (2.23-1ubuntu1) yakkety; urgency=medium
* Merge with most recent upload from Debian unstable, remaining changes:
- Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel.
- Heavily mangle the way we do service restarting on major upgrades.
- Build i386 variants as -march=i686, build amd64 with -O3, and build
ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize.
- Build generic i386/i686 flavour with -mno-tls-direct-seg-refs.
- Drop the libc6-xen flavour, as the above change covers Xen's needs.
- Enable systemtap support, which is currently disabled in Debian.
- Don't build libc-l10n, its contents get stripped for language-packs.
- debian/control.in/libc: Remove a Breaks on s390x against a binary
NMU version of check that will never exist in the Ubuntu archive.
- Drop libc-bin manpages Recommends to Suggests to keep it in standard.
- Adjust XFAIL list to be slightly more lenient for our s390x port.
- Revert dropping the ldconfig wrapper, xenial still has a lot of
packages that don't ship a trigger but instead call in postinst.
- Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
- Mangle locales package to support Ubuntu language packs seamlessly.
- Evaluate and merge localedata patches from the old langpack-locales.
* Build with -fno-pie and -no-pie everywhere, upstream isn't PIE-ready.
* Drop debian/patches/ubuntu/local-warn-bsd-source.diff, no longer needed.
glibc (2.21-0ubuntu4.3) wily-security; urgency=medium
* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
dependency from libm to libc (LP: #1585614)
- debian/patches/any/CVE-2014-9761-2.diff: keep exporting
__strto*_nan symbols added to libc.
-- Steve Beattie <email address hidden> Thu, 26 May 2016 01:28:23 -0700
| Superseded in yakkety-release on 2016-07-11 |
| Published in xenial-release on 2016-04-15 |
| Deleted in xenial-proposed (Reason: moved to release) |
glibc (2.23-0ubuntu3) xenial; urgency=medium
* Merge with 2.23 from experimental, bringing in upstream updates:
- Save/restore fprs/vrs while resolving symbols (LP: #1564918)
- Fix _nss_dns_getnetbyname_r() stack overflow (CVE-2016-3075)
- Merge libnss-dns-udeb and libnss-files-udeb into libc6-udeb.
* Tidy up locale-gen, thanks to Gunnar Hjalmarsson (LP: #1560577):
- Fix thinko that broke handling of multiple locale arguments.
- Recognize UTF-8 locales without charset suffix in SUPPORTED.
- Fix bug that led to the unsupported message not being shown.
* Show reboot-required notification for all updates (LP: #1546457)
-- Adam Conrad <email address hidden> Thu, 14 Apr 2016 10:26:16 -0600
Available diffs
- diff from 2.23-0ubuntu2 to 2.23-0ubuntu3 (16.3 KiB)
| Deleted in wily-security on 2016-05-26 (Reason: Reverting update; see https://bugs.launchpad.net/ubuntu/+...) |
| Deleted in wily-updates on 2016-05-26 (Reason: Reverting update; see https://bugs.launchpad.net/ubuntu/+...) |
| Deleted in wily-proposed on 2016-05-26 (Reason: moved to -updates) |
glibc (2.21-0ubuntu4.2) wily-security; urgency=medium
* SECURITY UPDATE: buffer overflow in gethostbyname_r and related
functions
- debian/patches/any/CVE-2015-1781.diff: take alignment padding
into account when computing if buffer is too small.
- CVE-2015-1781
* SECURITY UPDATE: glibc Name Service Switch (NSS) denial of service
- debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files
database during iteration.
- debian/patches/any/CVE-2014-8121-2.diff: Separate internal state
between getXXent and getXXbyYY NSS calls.
- CVE-2014-8121
* SECURITY UPDATE: glibc unbounded stack usage in NaN strtod
conversion
- debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing
of NaN payloads.
- debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions
handling of payload strings
- CVE-2014-9761
* SECURITY UPDATE: out of range data to strftime() causes segfault
(denial of service)
- debian/patches/any/CVE-2015-8776.diff: add range checks to
strftime() processing
- CVE-2015-8776
* SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid
AT_SECURE programs (e.g. setuid), allowing disabling of pointer
mangling
- debian/patches/any/CVE-2015-8777.diff: Always enable pointer
guard
- CVE-2015-8777
* SECURITY UPDATE: integer overflow in hcreate and hcreate_r
- debian/patches/any/CVE-2015-8778.diff: check for large inputs
- CVE-2015-8778
* SECURITY UPDATE: unbounded stack allocation in catopen()
- debian/patches/any/CVE-2015-8779.diff: stop using unbounded
alloca()
- CVE-2015-8779
* SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r
- debian/patches/any/CVE-2016-3075.diff: do not make unneeded
memory copy on the stack.
- CVE-2016-3075
* SECURITY UPDATE: pt_chown privilege escalation
- debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel
about pty group and permission mode
- debian/sysdeps/linux.mk: don't build pt_chown
- debian/rules.d/debhelper.mk: only install pt_chown when built.
- CVE-2016-2856, CVE-2013-2207
* debian/debhelper.in/libc.postinst: add reboot notifications for
security updates (LP: #1546457)
-- Steve Beattie <email address hidden> Fri, 08 Apr 2016 09:44:34 -0700
| Superseded in xenial-release on 2016-04-15 |
| Deleted in xenial-proposed on 2016-04-18 (Reason: moved to release) |
glibc (2.23-0ubuntu2) xenial; urgency=medium
* Merge with 2.23 from experimental, bringing in upstream updates.
* Revert dropping the ldconfig wrapper, xenial still has a lot of
packages that don't ship a trigger but instead call in postinst.
* Add more belocs options to locale-gen to appease our installers.
* Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
* Tweak locales.config to allow langpacks for /etc/default/locale.
-- Adam Conrad <email address hidden> Tue, 22 Mar 2016 15:10:45 -0600
Available diffs
- diff from 2.23-0ubuntu1 to 2.23-0ubuntu2 (107.5 KiB)
| Superseded in xenial-release on 2016-03-23 |
| Deleted in xenial-proposed on 2016-03-24 (Reason: moved to release) |
glibc (2.23-0ubuntu1) xenial; urgency=medium
* Merge with 2.23 from experimental (LP: #1521172), remaining changes:
- Remove the libc6 recommends on libc6-i686, which we don't build.
- Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel.
- Ship update-locale and validlocale in /usr/sbin in libc-bin.
- Don't build locales or locales-all in Ubuntu, we rely on langpacks.
- Heavily mangle the way we do service restarting on major upgrades.
- Build i386 variants as -march=i686, build amd64 with -O3, and build
ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize.
- Build generic i386/i686 flavour with -mno-tls-direct-seg-refs.
- Drop the libc6-xen flavour, as the above change covers Xen's needs.
- Enable systemtap support, which is currently disabled in Debian.
- debian/patches/ubuntu/local-warn-bsd-source.diff: Don't warn on
_BSD_SOURCE || _SVID_SOURCE, so we don't have to fix everything
that might define them and build with -Werror, drop after xenial.
- Don't build libc-l10n, its contents get stripped for language-packs.
- debian/control.in/libc: Remove a Breaks on s390x against a binary
NMU version of check that will never exist in the Ubuntu archive.
* Drop libc-bin manpages Recommends to Suggests to keep it in standard.
* Build with -fno-pie and -no-pie on s390x, upstream isn't PIE-ready.
* debian/testsuite-xfail-debian.mk: XFAIL tst-malloc-thread-{fail,exit}.
* debian/patches/any/cvs-netinet-in-4.2.diff: Dropped, merged upstream.
* debian/patches/any/cvs-netinet-tcp-4.2.diff: Dropped, merged upstream.
* debian/patches/any/cvs-selinux-nscd.diff: Dropped, merged upstream.
* debian/patches/powerpc/local-tune-power8.diff: Dropped, we build for P8.
* debian/patches/ubuntu/submitted-no-stack-backtrace.diff: Rebase patch.
* debian/patches/ubuntu/unsubmitted-increase-dtv-surplus.diff: Dropped.
* Evaluate and merge/drop/rebase localedata patches from langpack-locales.
- debian-*patch: Drop all langpack-locales patches copied from Debian.
- ubuntu/localedata/bn-language.patch: Rebase for glibc.
- ubuntu/localedata/ce_RU-new_locale.patch: Drop, merged upstream.
- ubuntu/localedata/ckb_IQ-new_locale.patch: Rebase for glibc.
- ubuntu/localedata/de_AT-february.patch: Drop, merged upstream.
- ubuntu/localedata/en_CA-dateformat.patch: Rebase for glibc.
- ubuntu/localedata/en_IE-am_pm.patch: Rebase for glibc.
- ubuntu/localedata/eo_US.patch: Rebase for glibc.
- ubuntu/localedata/es-decimal_point-thousands_sep.patch: Drop, merged.
- ubuntu/localedata/es_DO-am_pm.patch: Rebase for glibc.
- ubuntu/localedata/es_EV.patch: Drop, merged upstream.
- ubuntu/localedata/gd_GB-days-months.patch: Drop, merged upstream.
- ubuntu/localedata/it_IT-thousands_sep.patch: Drop, also in Debian.
- ubuntu/localedata/ln_CD-new_locale.patch: Rebase for glibc.
- ubuntu/localedata/lt_LT-currency.patch: Drop, merged upstream.
- ubuntu/localedata/lv_LV-currency.patch: Rebase for glibc.
- ubuntu/localedata/pt_BR-d_fmt.patch: Rebase for glibc.
- ubuntu/localedata/sd_PK.patch: Rebase for glibc.
- ubuntu/localedata/tr_TR-currency_symbol.patch: Drop, merged upstream.
- ubuntu/localedata/ug_CN.patch: Drop, merged upstream.
- <email address hidden>: Rebase for glibc.
* Merge locales back into glibc and provide locales-all (LP: #1394929):
- debian/control.in/*: Reinstate all locales{,-all} Breaks from Debian.
- debian/control.in/main: Let locales overwrite files from old libc-bin.
- debian/debhelper.in/libc.postinst: Move locale-gen purge to locales.
- debian/debhelper.in/locales.{config,postinst}: Upgrade local locales.
- debian/debhelper.in/locales.install: Install our language-pack hooks.
- debian/rules.d/debhelper.mk: Mark our language-pack hooks executable.
- debian/local/usr_sbin/locale-gen: Add support for langpack snippets.
- debian/rules: Reinstate building locales and locales-all for Ubuntu.
| Superseded in xenial-release on 2016-03-22 |
| Deleted in xenial-proposed on 2016-03-23 (Reason: moved to release) |
glibc (2.21-0ubuntu6) xenial; urgency=medium
* SECURITY UPDATE: glibc getaddrinfo stack-based buffer overflow
- debian/patches/any/CVE-2015-7547.diff: fix buffer handling in
resolv/nss_dns/dns-host.c, resolv/res_query.c, resolv/res_send.c.
- CVE-2015-7547
-- Marc Deslauriers <email address hidden> Tue, 16 Feb 2016 16:42:23 -0500
| Superseded in wily-security on 2016-05-26 |
| Superseded in wily-updates on 2016-05-26 |
| Superseded in wily-updates on 2016-05-25 |
| Superseded in wily-security on 2016-05-25 |
glibc (2.21-0ubuntu4.1) wily-security; urgency=medium
* SECURITY UPDATE: glibc getaddrinfo stack-based buffer overflow
- debian/patches/any/CVE-2015-7547.diff: fix buffer handling in
resolv/nss_dns/dns-host.c, resolv/res_query.c, resolv/res_send.c.
- CVE-2015-7547
-- Marc Deslauriers <email address hidden> Tue, 16 Feb 2016 11:42:41 -0500
| Superseded in xenial-release on 2016-02-17 |
| Deleted in xenial-proposed on 2016-02-18 (Reason: moved to release) |
glibc (2.21-0ubuntu5) xenial; urgency=medium
* debian/patches/any/cvs-selinux-nscd.diff: Fix build with selinux.
* debian/control.in/libc: Remove a Breaks on s390x against a binary
NMU version of check that will never exist in the Ubuntu archive.
* debian/control: Regenerate for the above s390x-vs-binNMU changes.
-- Adam Conrad <email address hidden> Thu, 03 Dec 2015 13:24:51 -0700
| Deleted in wily-proposed on 2015-09-20 (Reason: Causes issues; being looked at) |
glibc (2.22-0ubuntu1) wily; urgency=medium
* Merge with 2.22 from experimental (LP: #1497473), remaining changes:
- Drop the Breaks line from libc which refers to a Debian transition.
- Remove the libc6 recommends on libc6-i686, which we don't build.
- Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel.
- Ship update-locale and validlocale in /usr/sbin in libc-bin.
- Don't build locales or locales-all in Ubuntu, we rely on langpacks.
- Heavily mangle the way we do service restarting on major upgrades.
- Build i386 variants as -march=i686, build amd64 with -O3, and build
ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize.
- Build generic i386/i686 flavour with -mno-tls-direct-seg-refs.
- Drop the libc6-xen flavour, as the above change covers Xen's needs.
- Enable systemtap support, which is currently disabled in Debian.
- debian/patches/ubuntu/local-warn-bsd-source.diff: Don't warn on
_BSD_SOURCE || _SVID_SOURCE, so we don't have to fix everything
that might define them and build with -Werror, drop after wily.
- Force tuning POWER7 builds to POWER8, as POWER7 is just a stopgap.
* debian/patches/any/cvs-netinet-in-4.2.diff: Pull patch from git that
updates netinet/in.h to match the kernel UAPI header's values in 4.2.
* debian/patches/any/cvs-netinet-tcp-4.2.diff: Ditto for netinet/tcp.h.
* debian/rules: Don't build libc-l10n, its contents get stripped and put
in language-packs in Ubuntu, so the package would be completely empty.
Available diffs
- diff from 2.21-0ubuntu4 to 2.22-0ubuntu1 (1.9 MiB)
| Superseded in xenial-release on 2015-12-04 |
| Published in wily-release on 2015-05-04 |
| Published in vivid-release on 2015-03-26 |
| Deleted in vivid-proposed (Reason: moved to release) |
glibc (2.21-0ubuntu4) vivid; urgency=medium
* debian/patches/arm/local-arm-futex.diff: Lie about the minimum
kernel support for futex_atomic_cmpxchg_inatomic to restore the
previous state and make pulsesink happier on ARM (LP: #1436162)
* debian/debhelper.in/libc.preinst: Wipe ld.so.cache on upgrades.
-- Adam Conrad <email address hidden> Wed, 25 Mar 2015 14:31:51 -0600
Available diffs
- diff from 2.21-0ubuntu3 to 2.21-0ubuntu4 (1.3 KiB)
| Superseded in vivid-release on 2015-03-26 |
| Deleted in vivid-proposed on 2015-03-28 (Reason: moved to release) |
glibc (2.21-0ubuntu3) vivid; urgency=medium
* debian/patches/ubuntu/local-warn-bsd-source.diff: Don't warn on
_BSD_SOURCE || _SVID_SOURCE, so we don't have to fix everything
that might define them and build with -Werror, drop post-vivid.
-- Adam Conrad <email address hidden> Mon, 23 Mar 2015 09:01:43 -0600
Available diffs
- diff from 2.21-0ubuntu2 to 2.21-0ubuntu3 (834 bytes)
| Superseded in vivid-release on 2015-03-24 |
| Deleted in vivid-proposed on 2015-03-25 (Reason: moved to release) |
glibc (2.21-0ubuntu2) vivid; urgency=medium
* debian/patches/powerpc/cvs-ppc-sqrt.diff: Fix sqrt() on powerpc.
* debian/patches/powerpc/cvs-ppc-sqrtf.diff: Likewise for sqrtf().
* debian/patches/powerpc/cvs-ppc-pow.diff: Likewise for pow().
* debian/patches/powerpc/cvs-ppc-feraiseexcept.diff: Fix inline
feraiseexcept and feclearexcept macro input conversion on PPC.
* debian/patches/any/submitted-longdouble.diff: Refresh for above.
* debian/patches/any/local-disable-test-tgmath2.diff: Likewise.
* debian/patches/any/cvs-logbl-accuracy.diff: Fix ldbl-128ibm logbl.
* debian/patches/powerpc/local-math-logb.diff: Refresh and move to
debian/patches/any/local-math-logb.diff, as it's not PPC-specific.
* debian/patches/any/cvs-localplt-new-readelf.diff: Preemptively
fix localplt test breakage with binutils 2.26 before it lands.
* debian/patches/any/cvs-make-typo.diff: Fix typo in elf/Makefile.
* debian/patches/powerpc/cvs-power7-strncpy.diff: Optimize strncpy
for POWER7 drastically (10-70%) on strings longer than 16 chars.
* debian/patches/powerpc/cvs-ppc-tabort-le.diff: Fix TABORT encoding
when building on toolchains without HTM support (no-op on gcc-4.9)
* debian/patches/arm/cvs-arm-sfi_breg.diff: Fix LDR_GLOBAL macro.
* debian/patches/arm/cvs-memcpy-memmove-always-bx.diff: Fix memcpy
and memmove for the ARM_ALWAYS_BX class of hardware like ArmadaXP.
-- Adam Conrad <email address hidden> Fri, 20 Mar 2015 15:19:40 -0600
Available diffs
- diff from 2.19-15ubuntu2 to 2.21-0ubuntu2 (8.4 MiB)
- diff from 2.21-0ubuntu2~ppa4 to 2.21-0ubuntu2 (279 bytes)
| Superseded in vivid-proposed on 2015-03-21 |
glibc (2.21-0ubuntu2~ppa4) vivid; urgency=medium
* debian/patches/powerpc/cvs-ppc-sqrt.diff: Fix sqrt() on powerpc.
* debian/patches/powerpc/cvs-ppc-sqrtf.diff: Likewise for sqrtf().
* debian/patches/powerpc/cvs-ppc-pow.diff: Likewise for pow().
* debian/patches/powerpc/cvs-ppc-feraiseexcept.diff: Fix inline
feraiseexcept and feclearexcept macro input conversion on PPC.
* debian/patches/any/submitted-longdouble.diff: Refresh for above.
* debian/patches/any/local-disable-test-tgmath2.diff: Likewise.
* debian/patches/any/cvs-logbl-accuracy.diff: Fix ldbl-128ibm logbl.
* debian/patches/powerpc/local-math-logb.diff: Refresh and move to
debian/patches/any/local-math-logb.diff, as it's not PPC-specific.
* debian/patches/any/cvs-localplt-new-readelf.diff: Preemptively
fix localplt test breakage with binutils 2.26 before it lands.
* debian/patches/any/cvs-make-typo.diff: Fix typo in elf/Makefile.
* debian/patches/powerpc/cvs-power7-strncpy.diff: Optimize strncpy
for POWER7 drastically (10-70%) on strings longer than 16 chars.
* debian/patches/powerpc/cvs-ppc-tabort-le.diff: Fix TABORT encoding
when building on toolchains without HTM support (no-op on gcc-4.9)
* debian/patches/arm/cvs-arm-sfi_breg.diff: Fix LDR_GLOBAL macro.
* debian/patches/arm/cvs-memcpy-memmove-always-bx.diff: Fix memcpy
and memmove for the ARM_ALWAYS_BX class of hardware like ArmadaXP.
-- Adam Conrad <email address hidden> Fri, 20 Mar 2015 15:19:40 -0600
| Superseded in vivid-proposed on 2015-03-21 |
glibc (2.21-0ubuntu1) vivid; urgency=medium
* Merge with 2.21 from experimental (LP: #1425623), remaining changes:
- Drop the Breaks line from libc which refers to a Debian transition.
- Remove the libc6 recommends on libc6-i686, which we don't build.
- Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel.
- Ship update-locale and validlocale in /usr/sbin in libc-bin.
- Don't build locales or locales-all in Ubuntu, we rely on langpacks.
- Heavily mangle the way we do service restarting on major upgrades.
- Build i386 variants as -march=i686, build amd64 with -O3, and build
ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize.
- Build generic i386/i686 flavour with -mno-tls-direct-seg-refs.
- Drop the libc6-xen flavour, as the above change covers Xen's needs.
- Enable systemtap support, which is currently disabled in Debian.
- Force tuning POWER7 builds to POWER8, as POWER7 is just a stopgap.
* debian/patches/ubuntu/lddebug-scopes.diff: Disable tst-dl-iter-static.
* debian/patches/ubuntu/submitted-no-stack-backtrace.diff: Fix missing
include leading to FTBFS with -Werror=implicit-function-declaration.
* debian/testsuite-checking/compare.sh: Turn testsuite failures back on.
* debian/sysdeps/linux.mk: Also symlink sys/sdt-config.h (LP: #1418239)
| Superseded in vivid-release on 2015-03-21 |
| Deleted in vivid-proposed on 2015-03-23 (Reason: moved to release) |
glibc (2.19-15ubuntu2) vivid; urgency=medium
* debian/patches/any/cvs-vismain-pie.diff: Compile vismain with -fPIE
and link with -pie to fix testsuite failure with the new binutils.
-- Adam Conrad <email address hidden> Sat, 28 Feb 2015 00:59:56 -0700
glibc (2.19-10ubuntu2.3) utopic-security; urgency=medium
* SECURITY UPDATE: denial of service via endless loop in getaddr_r
- debian/patches/any/cvs-getnetbyname.diff: iterate over alias names in
resolv/nss_dns/dns-network.c.
- CVE-2014-9402
* SECURITY UPDATE: buffer overflow in wscanf
- debian/patches/any/cvs-wscanf.diff: calculate correct size in
stdio-common/vfscanf.c, added test to stdio-common/tst-sscanf.c.
- CVE-2015-1472
- CVE-2015-1473
-- Marc Deslauriers <email address hidden> Wed, 25 Feb 2015 08:57:22 -0500
| Superseded in vivid-release on 2015-03-02 |
| Deleted in vivid-proposed on 2015-03-03 (Reason: moved to release) |
glibc (2.19-15ubuntu1) vivid; urgency=medium
* Merge with Debian unstable, bringing in several security and bug fixes
from upstream and swapping some Ubuntu patches for Debian equivalents.
Available diffs
- diff from 2.19-13ubuntu3 to 2.19-15ubuntu1 (39.5 KiB)
| Superseded in vivid-release on 2015-02-10 |
| Deleted in vivid-proposed on 2015-02-11 (Reason: moved to release) |
glibc (2.19-13ubuntu3) vivid; urgency=medium
* any/cvs-CVE-2014-7817.diff: Backport fix from trunk for wordexp,
making it honour the WRDE_NOCMD flag in all cases (LP: #1396471)
* Update to release/2.19/master, fixing arm64 frame bug in _start.
-- Adam Conrad <email address hidden> Thu, 04 Dec 2014 16:56:41 -0700
| Superseded in utopic-updates on 2015-02-26 |
| Deleted in utopic-proposed on 2015-02-27 (Reason: moved to -updates) |
glibc (2.19-10ubuntu2.2) utopic; urgency=medium
* patches/amd64/local-blacklist-on-TSX-Haswell.diff: new patch from
Henrique de Moraes Holschuh to disable TSX on processors which might get
it disabled through a microcode update. (LP: #1398975)
-- Chris J Arges <email address hidden> Thu, 04 Dec 2014 10:13:13 -0600
glibc (2.19-10ubuntu2.1) utopic-security; urgency=medium
* SECURITY UPDATE: denial of service in IBM gconv modules
- debian/patches/any/cvs-CVE-2014-6040.diff: fix checks in
iconvdata/ibm*.c.
- CVE-2014-6040
* SECURITY UPDATE: arbitrary command execution via wordexp (LP: #1396471)
- debian/patches/any/CVE-2014-7817.diff: properly handle WRDE_NOCMD in
posix/wordexp.c, added tests to posix/wordexp-test.c.
- CVE-2014-7817
-- Marc Deslauriers <email address hidden> Fri, 28 Nov 2014 10:48:58 -0500
| Superseded in vivid-release on 2014-12-14 |
| Deleted in vivid-proposed on 2014-12-15 (Reason: moved to release) |
glibc (2.19-13ubuntu2) vivid; urgency=medium
* No, really, remove obsolete /etc/ld.so.conf.d/i686-linux-gnu.conf.
Available diffs
- diff from 2.19-10ubuntu2 to 2.19-13ubuntu2 (124.7 KiB)
- diff from 2.19-13ubuntu1~ppa3 (in Ubuntu) to 2.19-13ubuntu2 (1.0 KiB)
- diff from 2.19-13ubuntu1 to 2.19-13ubuntu2 (604 bytes)
| Superseded in vivid-proposed on 2014-11-12 |
glibc (2.19-13ubuntu1) vivid; urgency=medium
* Merge with Debian unstable, pulling in upstream and package fixes.
* Re-enable the testsuite that was disabled in Debian for the freeze.
* Drop obsolete /etc/ld.so.conf.d/i686-linux-gnu.conf (LP: #1381656)
* Update to release/2.19/master, and readjust patches to compensate:
- localedata/unsubmitted-tst-setlocale3-ENV.diff: Superseded.
- s390/cvs-s390-abi-reversal.diff: Superseded.
- any/cvs-resolv-reuse-fd.diff: Superseded.
- any/cvs-posix_spawn_file_actions_addopen.diff: Superseded.
- any/cvs-setlocale-alloca.diff: Superseded.
- any/cvs-CVE-2014-0475.diff: Superseded.
- any/cvs-CVE-2014-5119.diff: Superseded.
- any/cvs-CVE-2014-6040.diff: Superseded.
- any/cvs-resolv-first-query-failure.diff: Rebased with upstream.
* testsuite-checking: Ignore failures of the tst-dl-iter-static test,
which are caused by the lddebug-scopes patch, while we work out a
better solution upstream to the GDB versus linux-vdso.so.1 problem.
* Pull in latest PPC fixes from ibm/2.19/master branch (LP: #1341569)
-- Adam Conrad <email address hidden> Tue, 11 Nov 2014 18:48:22 -0700
Available diffs
- diff from 2.19-10ubuntu2 to 2.19-13ubuntu1 (124.6 KiB)
| Superseded in vivid-release on 2014-11-12 |
| Obsolete in utopic-release on 2016-11-03 |
| Deleted in utopic-proposed on 2016-11-03 (Reason: moved to release) |
glibc (2.19-10ubuntu2) utopic; urgency=medium
* Add patches/ubuntu/unsubmitted-increase-dtv-surplus.diff from Fedora to
allow up to 32 dlopened modules to use static TLS (LP: #1375555).
-- Colin Watson <email address hidden> Tue, 30 Sep 2014 14:33:02 +0100
| Superseded in utopic-release on 2014-10-01 |
| Deleted in utopic-proposed on 2014-10-03 (Reason: moved to release) |
glibc (2.19-10ubuntu1) utopic; urgency=medium
* Merge with Debian unstable, bringing in several CVE fixes (LP: #1362409)
* Enable systemtap support for Ubuntu which was dropped in Debian for now.
* Move MIN_KERNEL_SUPPORTED to 2.6.32 on x86 now that hardy PPAs are dead.
* libc-dev no longer Recommends 'gcc | c-compiler' (LP: #990982, #1005097)
Available diffs
- diff from 2.19-4ubuntu2 to 2.19-10ubuntu1 (64.5 KiB)
| Superseded in utopic-release on 2014-08-29 |
| Deleted in utopic-proposed on 2014-08-31 (Reason: moved to release) |
glibc (2.19-4ubuntu2) utopic; urgency=medium
* debian/sysdeps/linux.mk: Adjust for the change to sdt.h location.
-- Adam Conrad <email address hidden> Thu, 10 Jul 2014 10:08:36 -0600
Available diffs
- diff from 2.19-4ubuntu1 to 2.19-4ubuntu2 (661 bytes)
| Superseded in utopic-release on 2014-08-20 |
| Deleted in utopic-proposed on 2014-08-21 (Reason: moved to release) |
glibc (2.19-4ubuntu1) utopic; urgency=medium
* Merge with Debian unstable, switching us to glibc and fixing bugs:
- Fix invalid fd reuse while sending DNS queries (LP: #1328975)
- Avoid Freescale 8xx dcbz workaround on ppc64el (LP: #1333499)
- Remove wrong ibm long double assembly routines (LP: #1294588)
- Fix incorrect frexpl results with long doubles (LP: #1333506)
* debian/patches/powerpc/local-tune-power8.diff: When configured for
--with-cpu=power7, adjust -mtune for power8 instead (LP: #1333524)
Available diffs
- diff from 2.9-9ubuntu2 to 2.19-4ubuntu1 (17.2 MiB)
glibc (2.7-10ubuntu8.3) hardy-security; urgency=low
* debian/patches/any/strtod_overflow_bug7066.patch: Fix array
overflow in floating point parser triggered by applying patch for
CVE-2012-3480 (LP: #1090740)
-- Marc Deslauriers <email address hidden> Sat, 15 Dec 2012 09:39:36 -0500
glibc (2.7-10ubuntu8.2) hardy-security; urgency=low
* SECURITY UPDATE: buffer overflow in vfprintf handling
- debian/patches/any/CVE-2012-3404.patch: Fix allocation when
handling positional parameters in printf.
- CVE-2012-3404
* SECURITY UPDATE: buffer overflow in vfprintf handling
- debian/patches/any/CVE-2012-3405.patch: fix extension of array
- CVE-2012-3405
* SECURITY UPDATE: stack buffer overflow in vfprintf handling
(LP: #1031301)
- debian/patches/any/CVE-2012-3406.patch: switch to malloc when
array grows too large to handle via alloca extension
- CVE-2012-3406
* SECURITY UPDATE: stdlib strtod integer/buffer overflows
- debian/patches/any/CVE-2012-3480.patch: rearrange calculations
and modify types to avoid integer overflows
- CVE-2012-3480
* debian/expected_test_summary: update expected results to prevent FTBFS
-- Steve Beattie <email address hidden> Fri, 28 Sep 2012 08:21:34 -0700
Available diffs
- diff from 2.7-10ubuntu8.1 to 2.7-10ubuntu8.2 (12.9 KiB)
- diff from 2.7-10ubuntu8.2~test2 to 2.7-10ubuntu8.2 (602 bytes)
glibc (2.7-10ubuntu8.1) hardy-security; urgency=low
* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
- debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
TZ file header
- CVE-2009-5029
* SECURITY UPDATE:
- debian/patches/any/submitted-nis-shadow.diff remove encrypted
passwords from passwd entries, and add them in shadow entries
and fix incorrect password overwriting
- CVE-2010-0015
* SECURITY UPDATE: memory consumption denial of service in fnmatch
- debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
stack use in fnmatch.
- CVE-2011-1071
* SECURITY UPDATE: /etc/mtab corruption denial of service
- debian/patches/any/glibc-CVE-2011-1089.patch: Report write
error in addmnt even for cached streams
- CVE-2011-1089
* SECURITY UPDATE: insufficient locale environment sanitization
- debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
LANG environment variable.
- CVE-2011-1095
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
RPATHs with $ORIGIN
- debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
RPATH and ORIGIN
- CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
- debian/patches/any/glibc-CVE-2011-1659.patch: check size of
pattern in wide character representation
- CVE-2011-1659
* SECURITY UPDATE: signedness bug in memcpy_ssse3
- debian/patches/any/glibc-CVE-2011-2702.patch: use unsigned
comparison instructions
- CVE-2011-2702
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
- debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
many open fds is detected
- CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY check bypass
- debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
overflow
- CVE-2012-0864
-- Steve Beattie <email address hidden> Tue, 06 Mar 2012 10:06:52 -0800
Available diffs
- diff from 2.7-10ubuntu8 to 2.7-10ubuntu8.1 (15.1 KiB)
glibc (2.7-10ubuntu8) hardy-security; urgency=low
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
- debian/patches/any/dst-expansion-fix.diff: refresh with new
proposed solution, avoiding iconv issues.
- any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
which already had a work-around in 2.7-10ubuntu7.
-- Kees Cook <email address hidden> Mon, 10 Jan 2011 21:07:49 -0800
Available diffs
- diff from 2.7-10ubuntu7 to 2.7-10ubuntu8 (4.5 KiB)
glibc (2.7-10ubuntu7) hardy-security; urgency=low
* SECURITY UPDATE: root escalation via LD_AUDIT DST expansion.
- debian/patches/any/dst-expansion-fix.diff: upstream fixes.
- CVE-2010-3847
- debian/patches/any/disable-ld_audit.diff: turn off LD_AUDIT
for setuid binaries.
-- Kees Cook <email address hidden> Thu, 21 Oct 2010 17:10:58 -0700
Available diffs
- diff from 2.7-10ubuntu6 to 2.7-10ubuntu7 (1.5 KiB)
glibc (2.9-4ubuntu6.3) jaunty-security; urgency=low
* SECURITY UPDATE: root escalation via LD_AUDIT DST expansion.
- debian/patches/any/dst-expansion-fix.diff: upstream fixes.
- CVE-2010-3847
- debian/patches/any/disable-ld_audit.diff: turn off LD_AUDIT
for setuid binaries.
-- Kees Cook <email address hidden> Thu, 21 Oct 2010 14:31:36 -0700
glibc (2.7-10ubuntu6) hardy-security; urgency=low
* SECURITY UPDATE: integer overflow in strfmon() might lead to arbitrary
code execution.
- debian/patches/any/git-strfmon-overflow.diff: backport from upstream.
- CVE-2008-1391
* SECURITY UPDATE: newlines not escaped in /etc/mtab.
- debian/patches/any/git-mntent-newline-escape.diff: upstream fixes.
- CVE-2010-0296
* SECURITY UPDATE: arbitrary code execution from ELF headers (LP: #542197).
- debian/patches/any/git-fix-dtag-cast.diff: upstream fixes.
- CVE-2010-0830
* debian/patches/any/git-readdir-padding.diff: fix readdir padding when
processing getdents64() in a 32-bit execution environment (LP: #392501).
-- Kees Cook <email address hidden> Wed, 19 May 2010 16:59:18 -0700
glibc (2.9-4ubuntu6.2) jaunty-security; urgency=low
* SECURITY UPDATE: integer overflow in strfmon() might lead to arbitrary
code execution.
- debian/patches/any/git-strfmon-overflow.diff: backport from upstream.
- CVE-2008-1391
* SECURITY UPDATE: newlines not escaped in /etc/mtab.
- debian/patches/any/git-mntent-newline-escape.diff: upstream fixes.
- CVE-2010-0296
* SECURITY UPDATE: arbitrary code execution from ELF headers (LP: #542197).
- debian/patches/any/git-fix-dtag-cast.diff: upstream fixes.
- CVE-2010-0830
* debian/patches/any/git-readdir-padding.diff: fix readdir padding when
processing getdents64() in a 32-bit execution environment (LP: #392501).
-- Kees Cook <email address hidden> Wed, 19 May 2010 16:58:40 -0700
glibc (2.3.6-0ubuntu20.6) dapper-security; urgency=low
* SECURITY UPDATE: integer overflow in strfmon() might lead to arbitrary
code execution.
- debian/patches/any/git-strfmon-overflow.dpatch: backport from upstream.
- CVE-2008-1391
* SECURITY UPDATE: newlines not escaped in /etc/mtab.
- debian/patches/any/git-mntent-newline-escape.dpatch: upstream fixes.
- CVE-2010-0296
* SECURITY UPDATE: arbitrary code execution from ELF headers (LP: #542197).
- debian/patches/any/git-fix-dtag-cast.dpatch: upstream fixes.
- CVE-2010-0830
* debian/patches/any/git-readdir-padding.dpatch: fix readdir padding when
processing getdents64() in a 32-bit execution environment (LP: #392501).
-- Kees Cook <email address hidden> Wed, 19 May 2010 16:59:53 -0700
| Superseded in jaunty-updates on 2010-05-25 |
| Deleted in jaunty-proposed on 2010-05-26 (Reason: moved to -updates) |
glibc (2.9-4ubuntu6.1) jaunty-proposed; urgency=low
* patches/ubuntu/submitted-leading-zero-stack-guard.diff: require that
the stack guard start with a zero-byte to protect against str*
function more completely (LP: #413278).
-- Kees Cook <email address hidden> Tue, 25 Aug 2009 00:06:51 -0700
Available diffs
- diff from 2.9-4ubuntu6 to 2.9-4ubuntu6.1 (1.2 KiB)
| Superseded in hardy-updates on 2010-05-25 |
| Deleted in hardy-proposed on 2010-05-26 (Reason: moved to -updates) |
glibc (2.7-10ubuntu5) hardy-proposed; urgency=low
* stack-guard-quick-randomization.diff: use stack guard randomization
patch from Intrepid (along with Jaunty tests patch) to stop using static
sentinel (LP: #275493).
-- Kees Cook <email address hidden> Wed, 29 Jul 2009 23:45:51 -0700
Available diffs
- diff from 2.7-10ubuntu4 to 2.7-10ubuntu5 (1.5 KiB)
| Deleted in karmic-release on 2009-07-20 (Reason: (From Debian) ROM; package replaced by eglibc) |
glibc (2.9-9ubuntu2) karmic; urgency=low
* Add debian/patches/ubuntu/retain-fatal-msg.diff: attempt to retain the
assert and internal error messages so they can be examined during core
dump analysis.
-- Kees Cook <email address hidden> Wed, 27 May 2009 23:04:16 +0200
Available diffs
- diff from 2.9-9ubuntu1 to 2.9-9ubuntu2 (1.6 KiB)
| Superseded in karmic-release on 2009-06-02 |
glibc (2.9-9ubuntu1) karmic; urgency=low
* Merge with Debian (r3342, trunk); remaining changes:
- Packaging:
+ External tzdata
+ Addition of Niagara and Niagara2 optimised libraries
+ GFDL Documentation added back in, build glibc-doc from this source.
+ Transition from /usr/include/ppc64-linux-gnu to powerpc64-linux-gnu
+ Use dpkg triggers for ldconfig
+ Do not die if extra libc libraries or symlinks found
+ Do not do a test run of nscd when starting
+ Only apply patches we actually use in Ubuntu
+ Use /lib and /usr/lib for amd64
+ amd64 biarch is i686, not i486.
+ Non-optimised i386 glibc is Xen-friendly.
+ Support sparcv9v, v9v2, 64b, 64v, 64v2
+ Add support for lpia.
+ Use <triplet>.conf for files in /etc/ld.so.conf.d.
+ Add vfp pass for armel.
- Patches:
+ Applied any/local-ipv6-lookup.
+ Not applied any/local-sysctl.
+ Applied debian/patches/all/fedora-nss_dns-gethostbyname4-disable.diff.
+ Updated arm/local-no-hwcap.
+ Don't declare the fwrite and fwrite_unlocked functions with
__attribute__((warn_unused_result)).
* Fix build failure with recent binutils.
* Set DEB_BUILD_OPTIMIZING_SIZE=0 on lpia.
Available diffs
- diff from 2.9-4ubuntu6 to 2.9-9ubuntu1 (83.8 KiB)
glibc (2.9-4ubuntu6) jaunty; urgency=low
* sysdeps/depflags.pl: Drop Conflicts: belocs-locales-bin, just keep the
Replaces:. Not having "locale" available during some points in the upgrade
can break the upgrade entirely. This will stop belocs-locales-bin from
being properly removed during upgrade, but we can still add a Conflicts:
to it to the next LTS version. All of its useful files get overridden
anyway. (LP: #330048)
-- Martin Pitt <email address hidden> Wed, 08 Apr 2009 22:53:01 -0700
Available diffs
- diff from 2.9-4ubuntu5 to 2.9-4ubuntu6 (666 bytes)
| Superseded in jaunty-release on 2009-04-09 |
glibc (2.9-4ubuntu5) jaunty; urgency=low
* This upload allows NEON hwcap usage; FFE LP: #343602.
* New patch, arm/local-hwcap-updates, add support for some recent ARM
hwcaps additions.
* Update patch arm/local-no-hwcap to also flag HWCAP_ARM_NEON as an
important hwcap; this adds /lib/neon, /usr/lib/neon etc. to the
ldconfig and ld.so search paths.
-- Loic Minier <email address hidden> Tue, 31 Mar 2009 20:28:41 +0200
Available diffs
- diff from 2.9-4ubuntu4 to 2.9-4ubuntu5 (1.8 KiB)
| Superseded in jaunty-release on 2009-03-31 |
glibc (2.9-4ubuntu4) jaunty; urgency=low
* Don't declare the fwrite and fwrite_unlocked functions with
__attribute__((warn_unused_result)). See
https://lists.ubuntu.com/archives/ubuntu-devel/2009-March/027832.html
-- Matthias Klose <email address hidden> Fri, 27 Mar 2009 21:17:24 +0100
Available diffs
- diff from 2.9-4ubuntu3 to 2.9-4ubuntu4 (767 bytes)
| Superseded in jaunty-release on 2009-03-27 |
glibc (2.9-4ubuntu3) jaunty; urgency=low
[ Colin Watson ]
* Rename Debian's Vcs-* fields in debian/control to XS-Debian-Vcs-* to
reduce confusion.
[ Loic Minier ]
* Add vfp pass for armel.
- sysdeps/armel.mk: add vfp pass with the same add-ons as the libc pass,
with "-mfpu=vfp -mfloat-abi=softfp" appended to CFLAGS, using
/lib/vfp as slibdir (could as well be /lib/tls/vfp but the armel port
was always NPTL which implies TLS), and configured with
--disable-profile like the other optimized passes.
- control.in/opt, control: add libc6-vfp package on armel.
- script.in/nohwcap.sh: list libc6-vfp in hwcappkgs on armel.
- testsuite-checking/expected-results-arm-linux-gnueabi-vfp: copied from
testsuite-checking/expected-results-arm-linux-gnueabi-libc.
-- Loic Minier <email address hidden> Thu, 19 Mar 2009 21:34:59 +0100
Available diffs
- diff from 2.9-4ubuntu2 to 2.9-4ubuntu3 (2.0 KiB)
| Superseded in jaunty-release on 2009-03-19 |
glibc (2.9-4ubuntu2) jaunty; urgency=low
* Merge with Debian (r3342, trunk); remaining changes:
- Packaging:
+ External tzdata
+ Addition of Niagara and Niagara2 optimised libraries
+ GFDL Documentation added back in, build glibc-doc from this source.
+ Transition from /usr/include/ppc64-linux-gnu to powerpc64-linux-gnu
+ Use dpkg triggers for ldconfig
+ Do not die if extra libc libraries or symlinks found
+ Do not do a test run of nscd when starting
+ Only apply patches we actually use in Ubuntu
+ Use /lib and /usr/lib for amd64
+ amd64 biarch is i686, not i486.
+ Non-optimised i386 glibc is Xen-friendly.
+ Support sparcv9v, v9v2, 64b, 64v, 64v2
+ Add support for lpia.
+ Use <triplet>.conf for files in /etc/ld.so.conf.d.
- Patches:
+ Applied any/local-ipv6-lookup.
+ Not applied any/local-sysctl.
+ Applied debian/patches/all/fedora-nss_dns-gethostbyname4-disable.diff.
+ Updated arm/local-no-hwcap.
* Remove some passing testcases from the expected test results.
-- Matthias Klose <email address hidden> Mon, 02 Mar 2009 08:57:05 +0100
Available diffs
- diff from 2.9-4ubuntu1 to 2.9-4ubuntu2 (7.1 KiB)
| Superseded in jaunty-release on 2009-03-02 |
glibc (2.9-4ubuntu1) jaunty; urgency=low
* Test build, explicitly fail after running the tests.
* Merge with Debian (r3320, trunk); remaining changes:
- Packaging:
+ External tzdata
+ Addition of Niagara and Niagara2 optimised libraries
+ GFDL Documentation added back in, build glibc-doc from this source.
+ Transition from /usr/include/ppc64-linux-gnu to powerpc64-linux-gnu
+ Use dpkg triggers for ldconfig
+ Do not die if extra libc libraries or symlinks found
+ Do not do a test run of nscd when starting
+ Only apply patches we actually use in Ubuntu
+ Use /lib and /usr/lib for amd64
+ amd64 biarch is i686, not i486.
+ Non-optimised i386 glibc is Xen-friendly.
+ Support sparcv9v, v9v2, 64b, 64v, 64v2
+ Add support for lpia.
+ Use <triplet>.conf for files in /etc/ld.so.conf.d.
- Patches:
+ Applied any/local-ipv6-lookup.
+ Not applied any/local-sysctl.
+ Applied debian/patches/all/fedora-nss_dns-gethostbyname4-disable.diff.
+ Updated arm/local-no-hwcap.
Available diffs
- diff from 2.9-0ubuntu12 to 2.9-4ubuntu1 (30.4 KiB)
| Superseded in jaunty-release on 2009-02-26 |
glibc (2.9-0ubuntu12) jaunty; urgency=low
* debian/patches/all/fedora-nss_dns-gethostbyname4-disable.diff: Patch
from Fedora 2.9-3 to temporarily disable _nss_dns_gethostbyname4_r,
which caused problems for systems with broken IPv6 connectivity
(LP: #313218, https://bugzilla.redhat.com/show_bug.cgi?id=459756).
-- Colin Watson <email address hidden> Sat, 21 Feb 2009 07:40:16 +0000
Available diffs
- diff from 2.9-0ubuntu11 to 2.9-0ubuntu12 (2.2 KiB)
| Superseded in jaunty-release on 2009-02-21 |
glibc (2.9-0ubuntu11) jaunty; urgency=low
* Update patch arm/local-no-hwcap to flag HWCAP_ARM_VFP as an important
hwcap; this adds /lib/vfp, /usr/lib/vfp etc. to the ldconfig and ld.so
search path.
* Update patch arm/local-no-hwcap to drop HWCAP_ARM_FAST_MULT from important
hwcaps as fastmult is even present on StrongARM according to Wookey;
suggested by Riku Voipio.
-- Loic Minier <email address hidden> Mon, 16 Feb 2009 13:32:55 +0100
Available diffs
- diff from 2.9-0ubuntu10 to 2.9-0ubuntu11 (1.9 KiB)
| Superseded in jaunty-release on 2009-02-20 |
glibc (2.9-0ubuntu10) jaunty; urgency=low
* Move locale generation programs back to libc6, belocs-locales-bin
is dead upstream, and more and more incapable of building current
locale definitions:
- debhelper.in/libc.install: Install localedef, locale,
update-locale, and validlocale again. (locale-def will be
shipped in langpack-locales, since it is closely related to it).
- debhelper.in/libc.manpages: Install manpages for above programs.
- sysdeps/depflags.pl: Conflicts/Replaces: belocs-locales-bin.
* Merged current fixes from Debian's glibc-2.9 branch (r3269).
-- Martin Pitt <email address hidden> Fri, 13 Feb 2009 18:31:04 +0100
Available diffs
- diff from 2.9-0ubuntu9 to 2.9-0ubuntu10 (20.1 KiB)
| Superseded in jaunty-release on 2009-02-14 |
glibc (2.9-0ubuntu9) jaunty; urgency=low
* Merge with Debian, glibc-2.9 branch, r3244.
- Fix testsuite failure in locale test.
-- Matthias Klose <email address hidden> Mon, 19 Jan 2009 21:42:02 +0100
Available diffs
- diff from 2.9-0ubuntu8 to 2.9-0ubuntu9 (1.4 KiB)
| Superseded in jaunty-release on 2009-01-19 |
glibc (2.9-0ubuntu8) jaunty; urgency=low
* Merge with Debian, glibc-2.9 branch, r3241.
* Apply localedata patches. LP: #318507.
* Remove progressions from expected test results.
-- Matthias Klose <email address hidden> Mon, 19 Jan 2009 18:26:53 +0100
Available diffs
- diff from 2.9-0ubuntu7 to 2.9-0ubuntu8 (42.5 KiB)
| Obsolete in intrepid-updates on 2013-02-20 |
| Deleted in intrepid-proposed on 2013-02-27 (Reason: moved to -updates) |
glibc (2.8~20080505-0ubuntu9) intrepid-proposed; urgency=low
[Daniel J Blueman]
* Add debian/patches/any/cvs-nscd-crash-fix.diff: address nscd
daemon crashing in mem.c (LP: #256157).
-- Matthias Klose <email address hidden> Mon, 19 Jan 2009 09:38:23 +0100
| Superseded in jaunty-release on 2009-01-19 |
glibc (2.9-0ubuntu7) jaunty; urgency=low
[ Matthias Klose ]
* Merge with Debian, glibc-2.9 branch, r3226.
[ Kees Cook ]
* Added debian/patches/any/cvs-bz-9720-resource.diff: upstream
fixes for resource.h mis-compile (LP: #302087).
-- Kees Cook <email address hidden> Thu, 08 Jan 2009 13:27:48 -0800
Available diffs
- diff from 2.9-0ubuntu6 to 2.9-0ubuntu7 (26.2 KiB)
glibc (2.8~20080505-0ubuntu8) intrepid-proposed; urgency=low
* Add debian/patches/ubuntu/no-sprintf-pre-truncate.diff: do not
pre-clear target buffers on sprintf to retain backward compatibility
(LP: #305901).
-- Kees Cook <email address hidden> Wed, 07 Jan 2009 20:15:15 -0800
| Superseded in jaunty-release on 2009-01-09 |
glibc (2.9-0ubuntu6) jaunty; urgency=low
[ Matthias Klose ]
* Merge with Debian, glibc-2.9 branch, r3200.
[ Kees Cook ]
* Add debian/patches/ubuntu/no-sprintf-pre-truncate.diff: do not
pre-clear target buffers on sprintf to retain backward compatibility
(LP: #305901).
-- Kees Cook <email address hidden> Thu, 01 Jan 2009 13:28:59 -0800
Available diffs
- diff from 2.9-0ubuntu5 to 2.9-0ubuntu6 (2.6 KiB)
| Superseded in jaunty-release on 2009-01-05 |
glibc (2.9-0ubuntu5) jaunty; urgency=low
* Mark tst-pselect.out as failing on armel.
-- Matthias Klose <email address hidden> Wed, 03 Dec 2008 23:16:24 +0100
Available diffs
- diff from 2.9-0ubuntu4 to 2.9-0ubuntu5 (568 bytes)
| Superseded in jaunty-release on 2008-12-04 |
glibc (2.9-0ubuntu4) jaunty; urgency=low
* Mark tst-mqueue5.out as failing on sparcv9b.
* Mark tst-cpuclock2.out as failing on sparc.
-- Matthias Klose <email address hidden> Wed, 03 Dec 2008 01:33:20 +0100
Available diffs
- diff from 2.9-0ubuntu3 to 2.9-0ubuntu4 (438 bytes)

