Change logs for eglibc source package in Maverick

  • eglibc (2.12.1-0ubuntu10.4) maverick-security; urgency=low
    
      * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
        - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
          TZ file header
        - CVE-2009-5029
      * SECURITY UPDATE: memory consumption denial of service in fnmatch
        - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
          stack use in fnmatch.
        - CVE-2011-1071
      * SECURITY UPDATE: /etc/mtab corruption denial of service
        - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
          error in addmnt even for cached streams
        - CVE-2011-1089
      * SECURITY UPDATE: insufficient locale environment sanitization
        - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
          LANG environment variable.
        - CVE-2011-1095
      * SECURITY UPDATE: ld.so insecure handling of privileged programs'
        RPATHs with $ORIGIN
        - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
          RPATH and ORIGIN
        - CVE-2011-1658
      * SECURITY UPDATE: fnmatch integer overflow
        - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
          pattern in wide character representation
        - CVE-2011-1659
      * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
        - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
          many open fds is detected
        - CVE-2011-4609
      * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
        check bypass
        - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
          overflow
        - CVE-2012-0864
     -- Steve Beattie <email address hidden>   Tue, 06 Mar 2012 12:12:55 -0800
  • eglibc (2.12.1-0ubuntu10.3) maverick-proposed; urgency=low
    
      * Re-enable the upstream change:
        2010-06-02  Kirill A. Shutemov  <email address hidden>
            * elf/dl-reloc.c: Flush cache after solving TEXTRELs if arch
            requires it.
        Working OpenJDK ARM assembler interpreter. LP: #605042.
     -- Matthias Klose <email address hidden>   Sun, 27 Mar 2011 17:57:07 +0100
  • eglibc (2.12.1-0ubuntu10.2) maverick-proposed; urgency=low
    
      [ Clint Byrum ]
      * do not run 'telinit u' on upgrade, as this will break upstart.
        touch /var/run/init.upgraded instead, which will force a re-exec just
        before remounting root read-only. LP: #672177, LP: #694772.
    
      [ Matthias Klose ]
      * Call locale-gen --purge when updating from eglibc-2.11.x. LP: #504198.
     -- Matthias Klose <email address hidden>   Wed, 19 Jan 2011 03:12:11 +0100
  • eglibc (2.12.1-0ubuntu10.1) maverick-security; urgency=low
    
      * SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
        - debian/patches/any/dst-expansion-fix.diff: refresh with new
          proposed solution, avoiding iconv issues.
        - any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
          which was already had a work-around in 2.12.1-0ubuntu8.
     -- Kees Cook <email address hidden>   Tue, 11 Jan 2011 13:01:36 -0800
  • eglibc (2.12.1-0ubuntu10) maverick-proposed; urgency=low
    
      * any/cvs-at-pagesize.diff: Don't assume AT_PAGESIZE is always available.
        LP: #672352.
      * Fix issue #12159, x86-64 strchr propagation of search byte into all bytes
        of SSE register.
      * Fix issue12113, alignment of AVX safe area on x86_64. LP: #662511.
      * Fix ifunc thunk for strspn on x86 in static libc. LP: #615953.
     -- Matthias Klose <email address hidden>   Sun, 14 Nov 2010 23:49:36 +0100
  • eglibc (2.12.1-0ubuntu9) maverick-proposed; urgency=low
    
      * debian/patches/any/cvs-getlogin_r-error-handling-1.patch,
        debian/patches/any/cvs-getlogin_r-error-handling-2.patch,
        debian/patches/any/cvs-getlogin_r-error-handling-3.patch:
        Take upstream commits c8727fa6, 5305f9b0, d48b7607 from
        release/2.12/master to fix a crash in getlogin().  (LP: #658907)
     -- Anders Kaseorg <email address hidden>   Mon, 01 Nov 2010 15:42:35 -0400
  • eglibc (2.12.1-0ubuntu8) maverick-security; urgency=low
    
      * SECURITY UPDATE: root escalation via LD_AUDIT DST expansion.
        - debian/patches/any/dst-expansion-fix.diff: upstream fixes.
        - CVE-2010-3847
        - debian/patches/any/disable-ld_audit.diff: turn off LD_AUDIT
          for setuid binaries.
     -- Kees Cook <email address hidden>   Thu, 21 Oct 2010 12:45:24 -0700
  • eglibc (2.12.1-0ubuntu7) maverick-proposed; urgency=low
    
      * Fix issue #12092, strstr broken for some inputs on pre-SSE4 machines.
        LP: #655463.
     -- Matthias Klose <email address hidden>   Thu, 07 Oct 2010 09:01:06 +0200
  • eglibc (2.12.1-0ubuntu6) maverick; urgency=low
    
      * Fix applying the local-syscall-mcount.diff.
     -- Matthias Klose <email address hidden>   Fri, 10 Sep 2010 18:47:31 +0200
  • eglibc (2.12.1-0ubuntu5) maverick; urgency=low
    
      [ Steve Langasek ]
      * debian/patches/arm/local-syscall-mcount.diff: unset CALL_MCOUNT for
        __libc_do_syscall.  Thanks to Peter Pearse
        <email address hidden>.  Closes LP: #605030.
    
      [ Matthias Klose ]
      * Fix _FORITY_SOURCE version of longjmp for Linux/x86-64 (Chung-Lin Tang)
        LP: #601030.
     -- Matthias Klose <email address hidden>   Fri, 10 Sep 2010 18:19:01 +0200
  • eglibc (2.12.1-0ubuntu4) maverick; urgency=low
    
      * Again, revert the upstream change from the last upload to
        enable running java on the babbage boards.
     -- Matthias Klose <email address hidden>   Wed, 08 Sep 2010 00:02:11 +0200
  • eglibc (2.12.1-0ubuntu3) maverick; urgency=low
    
      * Reapply the upstream change (tested by Yao Qi). LP: #605042.
        2010-06-02  Kirill A. Shutemov  <email address hidden>
            * elf/dl-reloc.c: Flush cache after solving TEXTRELs if arch
            requires it.
     -- Matthias Klose <email address hidden>   Mon, 06 Sep 2010 12:33:53 +0200
  • eglibc (2.12.1-0ubuntu2) maverick; urgency=low
    
      [ Marcin Juszkiewicz ]
      * Add build support to only build single stages. LP: #603498.
     -- Matthias Klose <email address hidden>   Mon, 23 Aug 2010 17:05:04 +0200
  • eglibc (2.12.1-0ubuntu1) maverick; urgency=low
    
      * Build eglibc_2.12.1.orig.tar.gz, based on 2.12 branch (r11211).
      * Provide packaging rules in eglibc-source binary packag. LP: #609162.
      * Don't patch the sources when PATCHED_SOURCES is set to `yes'.
        LP: #612631.
     -- Matthias Klose <email address hidden>   Mon, 16 Aug 2010 09:55:40 +0200
  • eglibc (2.12-0ubuntu5) maverick; urgency=high
    
      * Revert upstream change:
        2010-06-02  Kirill A. Shutemov  <email address hidden>
            * elf/dl-reloc.c: Flush cache after solving TEXTRELs if arch
            requires it.
        Breaks the OpenJDK ARM assembler interpreter. LP: #605042.
      * expected-results-arm-linux-gnueabi-libc: Remove scanf15, scanf17
        and tst-eintr1, passing the tests on the buildds.
     -- Matthias Klose <email address hidden>   Wed, 14 Jul 2010 01:06:39 +0200
  • eglibc (2.12-0ubuntu4) maverick; urgency=low
    
      * Update to the eglibc 2.12 branch (r10817).
        - patches/any/cvs-flush-cache-textrels.diff: Remove.
        - patches/any/cvs-redirect-throw.diff: Remove.
      * Merge with Debian (r4360, trunk, 2.11.2-2).
      * On i386, don't build with -Wa,-mtune=i686. LP: #587186.
     -- Matthias Klose <email address hidden>   Mon, 28 Jun 2010 00:47:05 +0200
  • eglibc (2.12-0ubuntu3) maverick; urgency=low
    
      * Merge with Debian (r4318, trunk).
      * Rebuild for i386. LP: #587186.
     -- Matthias Klose <email address hidden>   Fri, 04 Jun 2010 14:32:19 +0200
  • eglibc (2.12-0ubuntu2) maverick; urgency=low
    
      * Apply hppa/local-dlfptr.diff, containing architecture independent
        chunks needed for ia64.
     -- Matthias Klose <email address hidden>   Sun, 30 May 2010 14:36:27 +0200
  • eglibc (2.12-0ubuntu1) maverick; urgency=low
    
      * Build eglibc_2.12.orig.tar.gz, based on 2.12 branch (r10591).
      * Merge with Debian (r4299, trunk).
     -- Matthias Klose <email address hidden>   Sun, 30 May 2010 11:05:12 +0200
  • eglibc (2.12~20100519-0ubuntu1) maverick; urgency=low
    
      * Mark testcases as failing:
        - ia64: tst-makecontext3.out.
        - sparc: testgrp.out, tst-cancelx4.out, tst-cancelx5.out
     -- Matthias Klose <email address hidden>   Fri, 28 May 2010 14:19:11 +0200
  • eglibc (2.11.1-0ubuntu9) maverick; urgency=low
    
      * Merge with Debian (r4267, trunk).
      * Update to the eglibc 2.11 branch (r10490).
        - patches/ia64/submitted-memchr.diff, patches/any/cvs-readdir_r.diff,
          patches/any/submitted-confname.h.diff: Remove, applied upstream.
      * Stop building libc6-i686 on architecture i386.
      * Disable patches/any/arm-syscalls-out-of-line.diff to fix build
        failure on armel.
     -- Matthias Klose <email address hidden>   Wed, 19 May 2010 12:21:27 +0200
  • eglibc (2.11.1-0ubuntu8) maverick; urgency=low
    
      * Apply from the 2.11-x86 branch:
        - x86-64 SSE4 optimized memcmp.
      * [armel] make syscalls out-of-line to improve debugging. LP: #571647 .
     -- Matthias Klose <email address hidden>   Sat, 01 May 2010 14:30:23 +0200
  • eglibc (2.11.1-0ubuntu7) lucid; urgency=low
    
      * Fix logic that tests if gdm needs a restart or a reload
        to handle both the initscript and upstart cases. This fixes
        a gdm restart during a hardy to lucid upgrade (LP: #568292)
     -- Michael Vogt <email address hidden>   Thu, 22 Apr 2010 10:40:19 +0200