Format: 1.8
Date: Thu, 24 Feb 2022 14:42:40 -0500
Source: glibc
Binary: libc-bin libc-dev-bin libc6 libc6-dbg libc6-dev libc6-pic libc6-prof libc6-udeb locales-all nscd
Architecture: ppc64el_translations ppc64el
Version: 2.31-0ubuntu9.7
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-ppc64el-023.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libc-bin   - GNU C Library: Binaries
 libc-dev-bin - GNU C Library: Development binaries
 libc6      - GNU C Library: Shared libraries
 libc6-dbg  - GNU C Library: detached debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-pic  - GNU C Library: PIC archive library
 libc6-prof - GNU C Library: Shared Libraries
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 locales-all - GNU C Library: Precompiled locale data
 nscd       - GNU C Library: Name Service Cache Daemon
Changes:
 glibc (2.31-0ubuntu9.7) focal-security; urgency=medium
 .
   * SECURITY UPDATE: infinite loop in iconv
     - debian/patches/any/CVE-2016-10228-1.patch: rewrite iconv option
       parsing in iconv/Makefile, iconv/Versions, iconv/gconv_charset.c,
       iconv/gconv_charset.h, iconv/gconv_int.h, iconv/gconv_open.c,
       iconv/iconv_open.c, iconv/iconv_prog.c, iconv/tst-iconv-opt.c,
       iconv/tst-iconv_prog.sh, intl/dcigettext.c.
     - debian/patches/any/CVE-2016-10228-2.patch: handle translation output
       codesets with suffixes in iconv/Versions, iconv/gconv_charset.c,
       iconv/gconv_charset.h, iconv/gconv_int.h, iconv/iconv_open.c,
       iconv/iconv_prog.c, intl/dcigettext.c, intl/tst-codeset.c.
     - CVE-2016-10228
   * SECURITY UPDATE: buffer over-read in iconv
     - debian/patches/any/CVE-2019-25013.patch: fix buffer overrun in EUC-KR
       conversion module in iconvdata/bug-iconv13.c, iconvdata/euc-kr.c,
       iconvdata/ksc5601.h.
     - CVE-2019-25013
   * SECURITY UPDATE: another infinite loop in iconv
     - debian/patches/any/CVE-2020-27618.patch: fix issue in
       iconv/tst-iconv_prog.sh, iconvdata/ibm1364.c.
     - CVE-2020-27618
   * SECURITY UPDATE: DoS via assert in iconv
     - debian/patches/any/CVE-2020-29562.patch: fix incorrect UCS4 inner
       loop bounds in iconv/Makefile, iconv/gconv_simple.c,
       iconv/tst-iconv8.c.
     - CVE-2020-29562
   * SECURITY UPDATE: signed comparison issue in ARMv7 memcpy
     - debian/patches/any/CVE-2020-6096-pre1.patch: add
       support_blob_repeat_allocate_shared in support/blob_repeat.c,
       support/blob_repeat.h, support/tst-support_blob_repeat.c.
     - debian/patches/any/CVE-2020-6096-1.patch: add test case in
       string/Makefile, string/tst-memmove-overflow.c.
     - debian/patches/any/CVE-2020-6096-2.patch: mark test as as XFAIL in
       string/tst-memmove-overflow.c, sysdeps/arm/Makefile.
     - debian/patches/any/CVE-2020-6096-3.patch: fix memcpy and memmove for
       negative length  in sysdeps/arm/memcpy.S, sysdeps/arm/memmove.S.
     - debian/patches/any/CVE-2020-6096-4.patch: fix multiarch memcpy for
       negative length in sysdeps/arm/armv7/multiarch/memcpy_impl.S.
     - debian/patches/any/CVE-2020-6096-5.patch: remove
       string/tst-memmove-overflow XFAIL in sysdeps/arm/Makefile.
     - CVE-2020-6096
   * SECURITY UPDATE: double-free in nscd
     - debian/patches/any/CVE-2021-27645.patch: track live allocation better
       in nscd/netgroupcache.c.
     - CVE-2021-27645
   * SECURITY UPDATE: assertion fail in iconv
     - debian/patches/any/CVE-2021-3326.patch: fix assertion failure in
       ISO-2022-JP-3 module in iconvdata/Makefile, iconvdata/bug-iconv14.c,
       iconvdata/iso-2022-jp-3.c.
     - CVE-2021-3326
   * SECURITY UPDATE: overflow in wordexp via crafted pattern
     - debian/patches/any/CVE-2021-35942.patch: handle overflow in
       positional parameter number in posix/wordexp-test.c, posix/wordexp.c.
     - CVE-2021-35942
   * SECURITY UPDATE: Off-by-one buffer overflow/underflow in getcwd()
     - debian/patches/any/CVE-2021-3999.patch: set errno to ERANGE for
       size == 1 in sysdeps/posix/getcwd.c.
     - CVE-2021-3999
   * SECURITY UPDATE: DoS via long svcunix_create path argument
     - debian/patches/any/CVE-2022-23218-pre1.patch: add the
       __sockaddr_un_set function in include/sys/un.h, socket/Makefile,
       socket/sockaddr_un_set.c, socket/tst-sockaddr_un_set.c.
     - debian/patches/any/CVE-2022-23218.patch: fix buffer overflow in
       sunrpc/svc_unix.c.
     - CVE-2022-23218
   * SECURITY UPDATE: DoS via long clnt_create hostname argument
     - debian/patches/any/CVE-2022-23219.patch: fix buffer overflow in
       sunrpc/clnt_gen.c.
     - CVE-2022-23219
   * debian/rules.d/build.mk: build with --with-default-link=no.
   * This package does _NOT_ contain the changes from (2.31-0ubuntu9.5) in
     focal-proposed.
Checksums-Sha1:
 d3f0a8d6cc36d960528dee5fc526da05b498001d 10763 glibc_2.31-0ubuntu9.7_ppc64el.buildinfo
 e8bea1a09afdebbf58eae0b581f008a95db40e08 1813418 glibc_2.31-0ubuntu9.7_ppc64el_translations.tar.gz
 4569d2fd55eeea4379201ab8a6d7b56ff7eb62cc 2774976 libc-bin-dbgsym_2.31-0ubuntu9.7_ppc64el.ddeb
 365254bab3cbc666e305ce1ed05c84128ae76fe2 631368 libc-bin_2.31-0ubuntu9.7_ppc64el.deb
 99609d3c668b9ddafd92ef45b1c29ee0a78bf5b0 162104 libc-dev-bin-dbgsym_2.31-0ubuntu9.7_ppc64el.ddeb
 49c376887f80feba9e2731c64e58fe51c0d19a3b 72888 libc-dev-bin_2.31-0ubuntu9.7_ppc64el.deb
 48ceca23ff2d300132a20383962acd25a9c9b1c1 10680388 libc6-dbg_2.31-0ubuntu9.7_ppc64el.deb
 c3a5cb8f7e522a07e197ae7efd64ebcc47409609 2516996 libc6-dev_2.31-0ubuntu9.7_ppc64el.deb
 5a2a6ee7e01236a802091b1146dcc09c7104fb67 1522540 libc6-pic_2.31-0ubuntu9.7_ppc64el.deb
 6e3992c584728cbecc25b2696776e7e5c63bc10d 1396688 libc6-prof_2.31-0ubuntu9.7_ppc64el.deb
 c50cee7eccd0f9770972ba552ed4935b855f3424 1261156 libc6-udeb_2.31-0ubuntu9.7_ppc64el.udeb
 93adc55d86ad4040d5f5226e76d66c3313d8c755 2685912 libc6_2.31-0ubuntu9.7_ppc64el.deb
 a16512ca33b6704c1efdc471e09ac759a4bbfa82 10582052 locales-all_2.31-0ubuntu9.7_ppc64el.deb
 9ed2822d214e62338d7f66b47b75ea9411361687 325044 nscd-dbgsym_2.31-0ubuntu9.7_ppc64el.ddeb
 cf9193d70f094f590f9c2879a1bf7d8ccd696f6c 76472 nscd_2.31-0ubuntu9.7_ppc64el.deb
Checksums-Sha256:
 3a71068418fa8e5184893c7a9200341a2667a79a8fe302d60becd1b57d1e1417 10763 glibc_2.31-0ubuntu9.7_ppc64el.buildinfo
 b141c767f0a4f17e3d73ea0e6d7c53b5dffbd36d4cd6b30c74ab2f6591ca4c8a 1813418 glibc_2.31-0ubuntu9.7_ppc64el_translations.tar.gz
 4cf0dda7bf8e539bebdde323d965002dbe16c754e1151b488bcda0721c0e2701 2774976 libc-bin-dbgsym_2.31-0ubuntu9.7_ppc64el.ddeb
 ec0ddaeb098514c40503723b32f6bd1cc5dd48a1b1c90422158c3693c2f44207 631368 libc-bin_2.31-0ubuntu9.7_ppc64el.deb
 9146366766fe9edbb27b1628d063379f3315d38c6c36836bdbc66c1c9d4169d6 162104 libc-dev-bin-dbgsym_2.31-0ubuntu9.7_ppc64el.ddeb
 51a1fcde50165d2e002e4af7602de1262563d9397d8adb5cd20aabe9e53fb724 72888 libc-dev-bin_2.31-0ubuntu9.7_ppc64el.deb
 2da9b4e640c82ae0043cdddc8474a428c580e718174d8597f351b66c384f5e27 10680388 libc6-dbg_2.31-0ubuntu9.7_ppc64el.deb
 f028a2181a15231beceec8f4da4a899f2709ca44a589e31165467af6bd3de7fe 2516996 libc6-dev_2.31-0ubuntu9.7_ppc64el.deb
 c4d88c2a3b835c3c08a66bcc8cf375c2647e50336eeb51e14a188c0700b0d1bb 1522540 libc6-pic_2.31-0ubuntu9.7_ppc64el.deb
 7c3e2a1285136b8f7c75014373912008fe0f9f9c62b6e126e9c757b0c31dfb10 1396688 libc6-prof_2.31-0ubuntu9.7_ppc64el.deb
 c5b33c8bbda7d5cbe83a2c34523128345b5227508202e635760a69bf55e57320 1261156 libc6-udeb_2.31-0ubuntu9.7_ppc64el.udeb
 33c1c472542ee9e5b4a586ff95c46cae6c8eb3e53663fe26b64d0bee9a514d48 2685912 libc6_2.31-0ubuntu9.7_ppc64el.deb
 4750e6b09e1d37b03b73dc50cc95b59cea32320817217928a7a5f9db9bf9b672 10582052 locales-all_2.31-0ubuntu9.7_ppc64el.deb
 03e3303d824dccc71255210b28b32e6b8246544755ef60bd618884da512076fd 325044 nscd-dbgsym_2.31-0ubuntu9.7_ppc64el.ddeb
 dc69d10348cc0a47d5c3a7a7f13b7c4d7cf8dec33990c3181438f90b439c6f2a 76472 nscd_2.31-0ubuntu9.7_ppc64el.deb
Files:
 5911eb459b1121698d5599854c4ce9a2 10763 libs required glibc_2.31-0ubuntu9.7_ppc64el.buildinfo
 10e53615a0ed373f4d804c6e3244ab30 1813418 raw-translations - glibc_2.31-0ubuntu9.7_ppc64el_translations.tar.gz
 b626aa6d418f258a68e21753bcb7aea4 2774976 debug optional libc-bin-dbgsym_2.31-0ubuntu9.7_ppc64el.ddeb
 d6992264c77e24ef68b624c73a99a0c8 631368 libs required libc-bin_2.31-0ubuntu9.7_ppc64el.deb
 fcda1c82edb77b7704e012eb6979d8da 162104 debug optional libc-dev-bin-dbgsym_2.31-0ubuntu9.7_ppc64el.ddeb
 f9cf0e26510ec4ba3921d052f835dd82 72888 libdevel optional libc-dev-bin_2.31-0ubuntu9.7_ppc64el.deb
 afb9d0415560c0902d8a9b8edcd3a821 10680388 debug optional libc6-dbg_2.31-0ubuntu9.7_ppc64el.deb
 b089354a9b93e154bad16497532d6c2f 2516996 libdevel optional libc6-dev_2.31-0ubuntu9.7_ppc64el.deb
 04057bfc06b1effa468f48e58af98b79 1522540 libdevel optional libc6-pic_2.31-0ubuntu9.7_ppc64el.deb
 57a1cdffa37b00125ddca58c2125bfd2 1396688 libs optional libc6-prof_2.31-0ubuntu9.7_ppc64el.deb
 44c3e2632ef956a24b4c1e4036d01fa9 1261156 debian-installer optional libc6-udeb_2.31-0ubuntu9.7_ppc64el.udeb
 bb3e91be9214079d4923e412515ba223 2685912 libs optional libc6_2.31-0ubuntu9.7_ppc64el.deb
 fcb574b41a417e6c4ea16d6fe5fd496a 10582052 localization optional locales-all_2.31-0ubuntu9.7_ppc64el.deb
 bd3057c5be5a0ef2e7b349f0372e25a8 325044 debug optional nscd-dbgsym_2.31-0ubuntu9.7_ppc64el.ddeb
 898ccabcc4ba4d0bae5d11bf56386eee 76472 admin optional nscd_2.31-0ubuntu9.7_ppc64el.deb
Original-Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Original-Vcs-Browser: https://salsa.debian.org/glibc-team/glibc
Original-Vcs-Git: https://salsa.debian.org/glibc-team/glibc.git