-
glibc (2.19-10ubuntu2.3) utopic-security; urgency=medium
* SECURITY UPDATE: denial of service via endless loop in getaddr_r
- debian/patches/any/cvs-getnetbyname.diff: iterate over alias names in
resolv/nss_dns/dns-network.c.
- CVE-2014-9402
* SECURITY UPDATE: buffer overflow in wscanf
- debian/patches/any/cvs-wscanf.diff: calculate correct size in
stdio-common/vfscanf.c, added test to stdio-common/tst-sscanf.c.
- CVE-2015-1472
- CVE-2015-1473
-- Marc Deslauriers <email address hidden> Wed, 25 Feb 2015 08:57:22 -0500
-
glibc (2.19-10ubuntu2.2) utopic; urgency=medium
* patches/amd64/local-blacklist-on-TSX-Haswell.diff: new patch from
Henrique de Moraes Holschuh to disable TSX on processors which might get
it disabled through a microcode update. (LP: #1398975)
-- Chris J Arges <email address hidden> Thu, 04 Dec 2014 10:13:13 -0600
-
glibc (2.19-10ubuntu2.1) utopic-security; urgency=medium
* SECURITY UPDATE: denial of service in IBM gconv modules
- debian/patches/any/cvs-CVE-2014-6040.diff: fix checks in
iconvdata/ibm*.c.
- CVE-2014-6040
* SECURITY UPDATE: arbitrary command execution via wordexp (LP: #1396471)
- debian/patches/any/CVE-2014-7817.diff: properly handle WRDE_NOCMD in
posix/wordexp.c, added tests to posix/wordexp-test.c.
- CVE-2014-7817
-- Marc Deslauriers <email address hidden> Fri, 28 Nov 2014 10:48:58 -0500
-
glibc (2.19-10ubuntu2) utopic; urgency=medium
* Add patches/ubuntu/unsubmitted-increase-dtv-surplus.diff from Fedora to
allow up to 32 dlopened modules to use static TLS (LP: #1375555).
-- Colin Watson <email address hidden> Tue, 30 Sep 2014 14:33:02 +0100
-
glibc (2.19-10ubuntu1) utopic; urgency=medium
* Merge with Debian unstable, bringing in several CVE fixes (LP: #1362409)
* Enable systemtap support for Ubuntu which was dropped in Debian for now.
* Move MIN_KERNEL_SUPPORTED to 2.6.32 on x86 now that hardy PPAs are dead.
* libc-dev no longer Recommends 'gcc | c-compiler' (LP: #990982, #1005097)
glibc (2.19-10) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/rules: drop the i486 to i586 GNU triplet conversion.
* debian/control.in/main: build-depends on dpkg-dev (>= 1.17.1) and
gcc-4.8 (>= 4.8.3-8) to make sure to get the new i586 GNU triplet on
i386, hurd-i386 and kfreebsd-i386.
* Remove iconv(1), iconvconfig(8), localedef(1) and sprof(1) manpages,
provided by the manpages packages starting with version 3.71.
* patches/any/cvs-CVE-2014-5119.diff: New patch from upstream to remove
support for loadable gconv transliteration modules (CVE-2014-5119).
[ Samuel Thibault ]
* patches/hurd-i386/cvs-libpthread_guardsize.diff: Fix guard size computation.
Fixes the creation of thousands of threads, and thus pulseaudio testsuite.
Closes: #758671.
* patches/hurd-i386/cvs-libpthread_std_thread.diff: New patch to deal with
std::thread using __pthread_key_create to detect presence of libpthread.
Fixes build of webkitgtk and most probably other libstdc++-related
failures.
* patches/hurd-i386/submitted-bind_umask.diff: New patch to fix bind() when
umask is 0000, fixes clamav testsuite. Closes: #759218.
[ Adam Conrad ]
* debian/patches/series: Actually apply the submitted arm64 alignment and
setcontext patches mentioned in 2.19-0experimental0 (closes: #759042)
glibc (2.19-9) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/rules.d/control.mk: don't add libc6{,-dev}-{armel,armhf}
packages in debian/control as we don't build them in Debian. New dak
code checks for NEW packages directly in debian/control.
glibc (2.19-8) unstable; urgency=medium
[ Helmut Grohne ]
* debian/patches/build stage2 without selinux. Closes: #742640.
* Don't emit dependencies on libgcc when building stage2. Closes: #755580.
* Add a "nobiarch" build profile that inhibits all multilib packages from
being built. Closes: #745380.
[ Aurelien Jarno ]
* debian/patches/arm64/cvs-includes-cleanup.diff: new patch from upstream to
clean sys/user.h and sys/procfs.h. Closes: #755169.
* debian/patches/s390/cvs-s390-abi-reversal.diff: new patch backported from
upstream to revert the S/390 jmp_buf/ucontext_t ABI change.
* Update Turkish debconf translation, by Mert Dirik. Closes: #757495.
* Remove ia64 support. Closes: #756095.
* Update debian/copyright with the libidn/punycode.{c,h} license. Closes:
#754731.
* debian/control/libc: drop Recommends on: gcc | c-compiler. Closes:
#747933.
glibc (2.19-7) unstable; urgency=high
* debian/patches/localedata/unsubmitted-tst-setlocale3-ENV.diff: Apply
correct environment for the tst-setlocale3 test to find its locales.
glibc (2.19-6) unstable; urgency=high
[ Aurelien Jarno ]
* debian/patches/any/cvs-CVE-2014-0475.diff: fix a directory traversal in
locale environment handling (CVE-2014-0475).
* debian/patches/any/cvs-setlocale-alloca.diff: Additional setlocale
hardening.
* debian/control.in/main, debian/sysdeps/linux.mk: drop systemtap support.
sdt.h has been moved to a different location in the latest upload, and
it's not really clear on which architectures systemtap support should
be enabled.
[ Helmut Grohne ]
* debian/rules.d/debhelper.mk: fix dh_strip call in stage1. Closes:
#754350.
[ Petr Salinger ]
* kfreebsd/local-sysdeps.diff: update to revision 5490 (from glibc-bsd).
* kfreebsd/local-fbtl.diff: likewise.
* update testsuite-checking/expected-results-*-kfreebsd-gnu-*
glibc (2.19-5) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/sysdeps/mips*.mk: replace EGLIBC_PASSES into GLIBC_PASSES.
* debian/patches/alpha/cvs-__pointer_chk_guard.diff: new patch from
upstream to fix testsuite failures on alpha.
* debian/patches/alpha/local-string-functions.diff: disable strcmp
and strncmp as these functions behaves incorrectly when crossing
pages. This fixes badsalttest in the testsuite.
* debian/debhelper.in/libc.postinst: don't run "telinit u" under systemd
Closes: #753725.
* debian/testsuite-checking/expected-results-alpha-linux-gnu-libc: ignore
floating point failures, as alpha is not fully IEEE compliant. Closes:
#753099.
* testsuite-checking/expected-results-*s390*: ignore tst-cancelx17.out
failure, it is due to a bug in the test (see BZ #12683).
[ Helmut Grohne ]
* Rename the bootstrap stage to DEB_BUILD_PROFILES=stage1 to conform
with https://wiki.debian.org/BuildProfileSpec. (Closes: #752480)
* Don't try to install xen headers in i386 bootstrap build, because
they are not built. Closes: #743676.
[ Adam Conrad ]
* debian/patches/alpha/cvs-unwind-backtrace.diff: Backport upstream
fix to enable unwind tables when building the backtrace routines.
-- Adam Conrad <email address hidden> Wed, 27 Aug 2014 22:47:48 -0600
-
glibc (2.19-4ubuntu2) utopic; urgency=medium
* debian/sysdeps/linux.mk: Adjust for the change to sdt.h location.
-- Adam Conrad <email address hidden> Thu, 10 Jul 2014 10:08:36 -0600
-
glibc (2.19-4ubuntu1) utopic; urgency=medium
* Merge with Debian unstable, switching us to glibc and fixing bugs:
- Fix invalid fd reuse while sending DNS queries (LP: #1328975)
- Avoid Freescale 8xx dcbz workaround on ppc64el (LP: #1333499)
- Remove wrong ibm long double assembly routines (LP: #1294588)
- Fix incorrect frexpl results with long doubles (LP: #1333506)
* debian/patches/powerpc/local-tune-power8.diff: When configured for
--with-cpu=power7, adjust -mtune for power8 instead (LP: #1333524)
glibc (2.19-4) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/debhelper.in/libc.{preinst,postrm,postinst}: correctly remove
old ld.so configuration if more than one libc6 package is installed
(multiarch case). Closes: #752389, #752404.
[ Samuel Thibault ]
* patches/hurd-i386/tg-tls-threadvar.diff: Update to fix gcc-4.9 build.
[ Adam Conrad ]
* debian/control.in/main: glibc-source Conflics/Replaces eglibc-source.
* debian/patches/powerpc/local-powerpc8xx-dcbz.diff: Restrict the trap
to 32-bit builds, since the Freescale 8xx CPUs aren't 64-bit capable.
glibc (2.19-3experimental0) experimental; urgency=medium
[ Aurelien Jarno]
* Switch back to glibc sources:
- debian/control.in/*: replace eglibc by glibc, update descriptions.
- rename debian/debhelper.in/eglibc-source.install into
glibc-source.install.
- rename debian/debhelper.in/eglibc-source.lintian-overrides into
glibc-source.lintian-overrides.
- rename debian/eglibc-source.filelist into glibc-source.filelist
- debian/copyright: update.
- debian/rules, debian/rules.d/*: replace eglibc by glibc.
- source/lintian-overrides: replace eglibc by glibc.
- debian/sysdeps/*: replace eglibc by glibc.
- debian/po/*: update using debconf-updatepo.
- debian/rules.d/tarball.mk: rewrite to generate the orig tarball and
to fetch the branch updates through git.
- patches/any/submitted-nl_langinfo-static.diff: refresh.
- patches/any/submitted-ldsodefs_rtld_debug.diff: drop.
- patches/any/local-dynamic-resolvconf.diff: new patch from the eglibc
tree to dynamically take into account changes in resolv.conf.
- patches/powerpc/local-powerpc8xx-dcbz.diff: new patch from the eglibc
tree to workaround dcbz issues on PowerPC 8XX CPUs.
- patches/sh4/local-fpscr_values.diff: new patch from eglibc tree to
export the ___fpscr_values symbol on SH4.
- patches/any/local-libpic.diff: new patch from eglibc tree to install
*_pic.a files.
- patches/any/local-bootstrap-headers.diff: new patch from eglibc tree
to ease header installation when bootstrapping.
eglibc (2.19-3) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/control.in/libc: fix libtirpc1 breaks. Closes: #751852.
* debian/rules.d/build.mk: generate ld.so configuration file using
DEB_HOST_MULTIARCH instead of DEB_HOST_GNU_TYPE to have a stable
path even when the GNU triplet change.
* debian/debhelper.in/libc.{preinst,postrm,postinst}: remove old
ld.so configuration file on hurd-i386, i386 and kfreebsd-i386.
* debian/debhelper.in/libc.postinst: don't create/modify ld.so.conf,
but instead provide it as a conffile in libc-bin. Closes: #737588.
* debian/debhelper.in/libc.preinst: remove dead code.
eglibc (2.19-2) unstable; urgency=medium
[ Adam Conrad ]
* expected-results-aarch64-linux-gnu-libc: Ignore basic-test.out on
arm64 after assurance from upstream that this isn't a regression.
[ Aurelien Jarno ]
* Add support for mipsn32, mipsn32el, mips64 and mips64el, based on
patches from Eleanor Chen, Yunqiang Su and Sphinx Jiang. Closes:
#715038.
- debian/control.in/main: bump build-depends on linux-libc-dev to (>=
3.9). Do it for all architectures as this version is in Jessie for quite
some time.
- control.in/mips32: new file.
- control.in/mipsn32: add mips64 and mips64el architectures.
- control.in/mips64: add mipsn32 and mipsn32el architectures.
- debian/rules.d/control.mk: add mipsn32, mipsn32el, mips64 and mips64el
to the architecture list.
- debian/sysdeps/mips64.mk: new file.
- debian/sysdeps/mips64el.mk: new file.
- debian/sysdeps/mipsn32.mk: new file.
- debian/sysdeps/mipsn32el.mk: new file.
* debian/control.in/libc: add a Breaks: check (<< 0.9.10-6.1+b1) on s390x,
to make sure libcheck.a is using the GLIBC_2.19 version of the *jmp*
functions.
* debian/control.in/libc: add a Breaks: libtirpc1 (<< 0.2.3), as earlier
versions try to unlock a lock which hasn't been locked, causing an
issue with lock elision. Closes: #751134.
* Update Swedish debconf translation, by Martin Bagge. Closes: #751172.
* debian/patches/alpha/submitted-lll_futex_timed_wait_bitset.diff: new
patch to fix issues in the testsuite on alpha. Closes: #750996.
* debian/testsuite-checking/expected-results-mips*-linux-gnu-*: re-add
tst-mqueue5.out (removed in the latest cleanup) as it still occasionally
fails.
* debian/patches/any/submitted-resolv-ipv6-nameservers.diff: new patch to
fix resolving issues when using IPv6 nameservers in resolv.conf. Closes:
#627531, #644406, #709867.
* patches/any/cvs-posix_spawn_file_actions_addopen.diff: new patch from
upstream to fix a vulnerability in posix_spawn_file_actions_addopen
(CVE-2014-4043). Closes: #751774.
* patches/kfreebsd/local-sysdeps.diff: update to revision 5486 (from
glibc-bsd). Closes: #751565.
eglibc (2.19-1) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/control.in/main: remove outdated Build-Depends on bzip2.
* debian/patches/any/cvs-resolv-reuse-fd.diff: new patch from upstream
to fix invalid file descriptor reuse while sending DNS query. Closes:
#722075.
* Finish debconf translation update from Esko Arajärvi. Closes: #750124.
* debian/patches/git-updates.diff: update from the 2.19 branch:
- fixes pthread_spin_lock on sparc/sparc64. Closes: #749087.
* debian/patches/any/submitted-argp-attribute.diff: new patch from Ondřej
Bílka to fix string functions with FORTIFY_SOURCE=2 when <argp.h> is
included before <string.h>. Closes: #647084.
* debian/sysdeps/{sparc,sparc64}.mk: temporarily pass --disable-multiarch
to configure to try to fix random segmentation faults on Niagara 1
machines.
[ Samuel Thibault ]
* hurd-i386/unsubmitted-pthread_posix-option.diff: Split patches into...
* ... hurd-i386/tg-{posix_thread,gai_misc}.diff.
* patches/hurd-i386/cvs-libpthread_guardsize.diff: Fix guard size
computation and enable again.
-- Adam Conrad <email address hidden> Thu, 19 Jun 2014 03:38:10 -0600