-
glibc (2.39-0ubuntu8.1) noble-security; urgency=medium
* SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
- debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes when
writing escape sequence in iconvdata/Makefile,
iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
- CVE-2024-2961
-- Marc Deslauriers <email address hidden> Thu, 18 Apr 2024 09:52:32 -0400
-
glibc (2.39-0ubuntu8) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- Steve Langasek <email address hidden> Sat, 30 Mar 2024 07:42:05 +0000
-
glibc (2.39-0ubuntu7) noble; urgency=medium
* d/p/ubuntu/apparmor: tests: gracefully handle AppArmor userns mitigation
* d/tests: disable apparmor userns restrictions (LP: #2059278)
* Disable CET on the i386 variant on the x32 arch (for c-t-b-p)
* Add a bug reference to the block of conformance test xfails
* xfail elf/tst-decorate-maps on ppc64el, failing due to page size (LP: #2058466)
* debian/patches/git-updates.diff: update from upstream stable branch:
- LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, _}_scalbf
- powerpc: Placeholder and infrastructure/build support to add Power11 related changes.
- powerpc: Add HWCAP3/HWCAP4 data to TCB for Power Architecture.
- linux: Use rseq area unconditionally in sched_getcpu (bug 31479)
- Use gcc __builtin_stdc_* builtins in stdbit.h if possible
- S390: Do not clobber r7 in clone [BZ #31402] (LP: #2055175)
- math: Update mips64 ulps
- mips: FIx clone3 implementation (BZ 31325)
- arm: Remove wrong ldr from _dl_start_user (BZ 31339)
* d/p/fix-fortify-source.patch: Fix FTBFS on Noble
* XFAIL elf/tst-shstk-legacy-1g (tracked in LP 2059603)
-- Simon Chopin <email address hidden> Thu, 28 Mar 2024 15:16:51 +0100
-
glibc (2.39-0ubuntu6) noble; urgency=medium
* Renable CET on x32 from i386 again as it may not work but disabling breaks
the build.
-- Michael Hudson-Doyle <email address hidden> Thu, 14 Mar 2024 10:39:45 +1300
-
glibc (2.39-0ubuntu5) noble; urgency=medium
* debian/testsuite-xfail-debian.mk: XFAIL a bunch of the conformance tests
on armhf presumably caused by the compiler now defaulting to 64-bit time_t
and off_t. We should understand the issue but to make progress we'll
ignore them for now.
-- Michael Hudson-Doyle <email address hidden> Fri, 01 Mar 2024 18:02:21 +1300
-
glibc (2.39-0ubuntu4) noble; urgency=medium
* debian/sysdeps/linux.mk: undefine _TIME_BITS, glibc build breaks if
this is set.
[ Simon Chopin ]
* Add Breaks on scipy (LP: #2052659)
* Disable CET on x32 from i386 as it doesn't work in that configuration
-- Steve Langasek <email address hidden> Thu, 29 Feb 2024 18:44:11 +0000
-
glibc (2.39-0ubuntu3) noble; urgency=medium
* Drop transitional dependency from libc6-dev to libnsl-dev; required
for bootstrapping libnsl against libtirpc3t64.
-- Steve Langasek <email address hidden> Thu, 29 Feb 2024 17:52:56 +0000
-
glibc (2.39-0ubuntu2) noble; urgency=medium
[ Helmut Grohne ]
* DEP17: Move files to /usr. (Closes: #1061248)
[ Julian Andres Klode ]
* Further adjustments for Ubuntu's ldconfig.real
-- Julian Andres Klode <email address hidden> Thu, 22 Feb 2024 12:44:06 +0100
-
glibc (2.39-0ubuntu1) noble; urgency=medium
* New upstream release
Contains fixes for the following CVEs:
- CVE-2023-6246: Heap buffer overflow in __vsyslog_internal()
- CVE-2023-6779: Heap buffer overflow in __vsyslog_internal()
- CVE-2023-6780: Integer overflow in __vsyslog_internal()
Patches:
- Several patches refreshed
- d/p/localedata/lv_LV-current.patch: dropped, applied upstream
- d/p/lp{2031495,2032624}: dropped, applied upstream
- d/p/any/git-c-utf-8-language.diff: dropped, applied upstream
* d/p/ubuntu/submitted-tests-gracefully-handle-AppArmor-userns-containment.patch:
Fix the tests in recent apparmor environments (LP: #2048375)
* Drop libnss-nis and libnss-nisplus to Suggests (LP: #2045241)
* Fix Replaces version for libsotruss.so file move (LP: #2042665)
* Remove libc6-dev dependency on libtirpc-dev (LP: #2045763)
* Dropped a lot of Ubuntu-specific xfails that are now passing.
* Drop the -prof variant to instead use frame pointers on all 64-bit
architectures by default to match the rest of the distro (LP: #2042790)
-- Simon Chopin <email address hidden> Thu, 01 Feb 2024 09:44:24 +0100
-
glibc (2.38-3ubuntu1) noble; urgency=medium
* debian/patches/git-updates.diff: update from upstream stable branch
Dropped changes, superseded by the upstream git updates:
- debian/patches/CVE-2023-4911.patch: terminate immediately if end of
input is reached in elf/dl-tunables.c.
- d/p/u/0001-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV:
Cherry-picked to fix a regression in one of the previous CVE fixes
* Merge 2.38-3 from Debian experimental
Dropped changes, included in Debian:
- debian/patches/hurd-i386/git-powerpc-longjmp.diff: Fix build after chk
hidden builtin fix.
* Drop d/p/lp2032624.patch as advised by upstream.
Downstream users will have to actually implement those types or stop
pretending they're GCC. (LP: #2032624)
* d/p/lp2031495.patch: fix test suite on armhf for -prof variant
(LP: #2031495)
* d/control.in/i386: fix math-vector-fortran.h file move (LP: #2039234)
-- Simon Chopin <email address hidden> Mon, 23 Oct 2023 18:54:07 +0200
-
glibc (2.38-1ubuntu6) mantic; urgency=medium
* SECURITY UPDATE: privilege escalation in ld.so
- debian/patches/CVE-2023-4911.patch: terminate immediately if end of
input is reached in elf/dl-tunables.c.
- CVE-2023-4911
-- Marc Deslauriers <email address hidden> Mon, 02 Oct 2023 13:30:48 -0400
