-
eglibc (2.19-0ubuntu6.15) trusty-security; urgency=medium
* Fix NSS loading for static binaries (LP: #1821752)
- debian/patches/any/local-static-dlopen-search-path.diff: fix static
dlopen default library search path in elf/dl-support.c.
-- Marc Deslauriers <email address hidden> Tue, 26 Mar 2019 09:53:00 -0400
-
eglibc (2.19-0ubuntu6.14) trusty-security; urgency=medium
* SECURITY UPDATE: Memory leak in dynamic loader (ld.so)
- debian/patches/any/cvs-compute-correct-array-size-in-_dl_init_paths.diff:
Compute correct array size in _dl_init_paths
- CVE-2017-1000408
* SECURITY UPDATE: Buffer overflow in dynamic loader (ld.so)
- debian/patches/any/cvs-count-components-of-expanded-path-in-_dl_init_paths.diff:
Count components of the expanded path in _dl_init_path
- CVE-2017-1000409
* SECURITY UPDATE: One-byte overflow in glob
- debian/patches/any/cvs-fix-one-byte-glob-overflow.diff: Fix one-byte
overflow in glob
- CVE-2017-15670
* SECURITY UPDATE: Buffer overflow in glob
- debian/patches/any/cvs-fix-glob-buffer-overflow.diff: Fix buffer overflow
during GLOB_TILDE unescaping
- CVE-2017-15804
* SECURITY UPDATE: Local privilege escalation via mishandled RPATH / RUNPATH
- debian/patches/any/cvs-elf-check-for-empty-tokens.diff: elf: Check for
empty tokens before dynamic string token expansion
- CVE-2017-16997
* SECURITY UPDATE: Buffer underflow in realpath()
- debian/patches/any/cvs-make-getcwd-fail-if-path-is-no-absolute.diff:
Make getcwd(3) fail if it cannot obtain an absolute path
- CVE-2018-1000001
-- Chris Coulson <email address hidden> Mon, 15 Jan 2018 09:37:19 +0000
-
eglibc (2.19-0ubuntu6.13) trusty-security; urgency=medium
* SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
- debian/patches/any/CVE-2017-1000366.patch: Completely ignore
LD_LIBRARY_PATH for AT_SECURE=1 programs
- CVE-2017-1000366
* SECURITY UPDATE: LD_PRELOAD stack corruption
- debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
Reject overly long names or names containing directories in
LD_PRELOAD for AT_SECURE=1 programs.
* debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
additional consistency check for 1-byte overflows
* debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
LD_HWCAP_MASK for AT_SECURE=1 programs
-- Steve Beattie <email address hidden> Fri, 16 Jun 2017 12:06:00 -0700
-
eglibc (2.19-0ubuntu6.11) trusty-security; urgency=medium
* REGRESSION UPDATE: Previous update introduced ABI breakage in
internal glibc query ABI
- Back out patches/any/CVE-2015-5180-regression.diff
(LP: #1674532)
-- Steve Beattie <email address hidden> Tue, 21 Mar 2017 03:28:13 -0700
-
eglibc (2.19-0ubuntu6.10) trusty-security; urgency=medium
* SECURITY UPDATE: multiple overflows in strxfrm()
- patches/any/CVE-2015-8982.diff: Fix memory handling in strxfrm_l
- CVE-2015-8982
* SECURITY UPDATE: _IO_wstr_overflow integer overflow
- patches/any/CVE-2015-8983.diff: Add checks for integer overflow
- CVE-2015-8983
* SECURITY UPDATE: buffer overflow (read past end of buffer) in
internal_fnmatch
- patches/any/CVE-2015-8984.diff: Remove extra increment when
skipping over collating symbol inside a bracket expression.
- CVE-2015-8984
* SECURITY UPDATE: DNS resolver NULL pointer dereference with
crafted record type
- patches/any/CVE-2015-5180.diff: Use out of band signaling for
internal queries
- CVE-2015-5180
* SECURITY UPDATE: stack-based buffer overflow in the glob
implementation
- patches/any/CVE-2016-1234.diff: Simplify the interface for the
GLOB_ALTDIRFUNC callback gl_readdir
- CVE-2016-1234
* SECURITY UPDATE: getaddrinfo: stack overflow in hostent conversion
- patches/any/CVE-2016-3706.diff: Use a heap allocation instead
- CVE-2016-3706:
* SECURITY UPDATE: stack exhaustion in clntudp_call
- patches/any/CVE-2016-4429.diff: Use malloc/free for the error
payload.
- CVE-2016-4429
* SECURITY UPDATE: ARM32 backtrace infinite loop (DoS)
- patches/any/CVE-2016-6323.diff: mark __startcontext as
.cantunwind
- CVE-2016-6323
* debian/testsuite-checking/expected-results-aarch64-linux-gnu-libc,
debian/testsuite-checking/expected-results-arm-linux-gnueabihf-libc:
Allow nptl/tst-signal6 to fail on ARM, ARM64
-- Steve Beattie <email address hidden> Mon, 06 Mar 2017 16:49:25 -0800
-
eglibc (2.19-0ubuntu6.9) trusty-security; urgency=medium
* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
dependency from libm to libc (LP: #1585614)
- debian/patches/any/CVE-2014-9761-2.diff: keep exporting
__strto*_nan symbols added to libc.
-- Steve Beattie <email address hidden> Thu, 26 May 2016 01:04:18 -0700
-
eglibc (2.19-0ubuntu6.8) trusty-security; urgency=medium
* SECURITY UPDATE: buffer overflow in gethostbyname_r and related
functions
- debian/patches/any/CVE-2015-1781.diff: take alignment padding
into account when computing if buffer is too small.
- CVE-2015-1781
* SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice
- debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files
database during iteration.
- debian/patches/any/CVE-2014-8121-2.diff: Separate internal state
between getXXent and getXXbyYY NSS calls.
- CVE-2014-8121
* SECURITY UPDATE: glibc unbounded stack usage in NaN strtod
conversion
- debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing
of NaN payloads.
- debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions
handling of payload strings
- CVE-2014-9761
* SECURITY UPDATE: NSS files long line buffer overflow
- debian/patches/any/CVE-2015-5277.diff: Don't ignore too long
lines in nss_files
- CVE-2015-5277
* SECURITY UPDATE: out of range data to strftime() causes segfault
(denial of service)
- debian/patches/any/CVE-2015-8776.diff: add range checks to
strftime() processing
- CVE-2015-8776
* SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid
AT_SECURE programs (e.g. setuid), allowing disabling of pointer
mangling
- debian/patches/any/CVE-2015-8777.diff: Always enable pointer
guard
- CVE-2015-8777
* SECURITY UPDATE: integer overflow in hcreate and hcreate_r
- debian/patches/any/CVE-2015-8778.diff: check for large inputs
- CVE-2015-8778
* SECURITY UPDATE: unbounded stack allocation in catopen()
- debian/patches/any/CVE-2015-8779.diff: stop using unbounded
alloca()
- CVE-2015-8779
* SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r
- debian/patches/any/CVE-2016-3075.diff: do not make unneeded
memory copy on the stack.
- CVE-2016-3075
* SECURITY UPDATE: pt_chown privilege escalation
- debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel
about pty group and permission mode
- debian/sysdeps/linux.mk: don't build pt_chown
- debian/rules.d/debhelper.mk: only install pt_chown when built.
- CVE-2016-2856, CVE-2013-2207
* debian/debhelper.in/libc.postinst: add reboot notifications for
security updates (LP: #1546457)
* debian/patches/ubuntu/submitted-no-stack-backtrace.diff: update
patch to eliminate compiler warning.
-- Steve Beattie <email address hidden> Fri, 08 Apr 2016 23:26:02 -0700
-
eglibc (2.19-0ubuntu6.7) trusty-security; urgency=medium
* SECURITY UPDATE: glibc getaddrinfo stack-based buffer overflow
- debian/patches/any/CVE-2015-7547-pre1.diff: fix memory leak in
resolv/nss_dns/dns-host.c.
- debian/patches/any/CVE-2015-7547-pre2.diff: fix memory leak in
include/resolv.h, resolv/gethnamaddr.c, resolv/nss_dns/dns-canon.c,
resolv/nss_dns/dns-host.c, resolv/nss_dns/dns-network.c,
resolv/res_query.c, resolv/res_send.c.
- debian/patches/any/CVE-2015-7547.diff: fix buffer handling in
resolv/nss_dns/dns-host.c, resolv/res_query.c, resolv/res_send.c.
- CVE-2015-7547
-- Marc Deslauriers <email address hidden> Tue, 16 Feb 2016 11:35:05 -0500
-
eglibc (2.19-0ubuntu6.6) trusty-security; urgency=medium
* SECURITY UPDATE: getaddrinfo writes to random file descriptors under
high load
- debian/patches/any/cvs-resolv-reuse-fd.diff: reload file descriptor
after calling reopen in resolv/res_send.c.
- CVE-2013-7423
* SECURITY UPDATE: denial of service via endless loop in getaddr_r
- debian/patches/any/cvs-getnetbyname.diff: iterate over alias names in
resolv/nss_dns/dns-network.c.
- CVE-2014-9402
* SECURITY UPDATE: buffer overflow in wscanf
- debian/patches/any/cvs-wscanf.diff: calculate correct size in
stdio-common/vfscanf.c, added test to stdio-common/tst-sscanf.c.
- CVE-2015-1472
- CVE-2015-1473
-- Marc Deslauriers <email address hidden> Wed, 25 Feb 2015 09:04:10 -0500
-
eglibc (2.19-0ubuntu6.5) trusty; urgency=medium
* patches/amd64/local-blacklist-on-TSX-Haswell.diff: new patch from
Henrique de Moraes Holschuh to disable TSX on processors which might get
it disabled through a microcode update. (LP: #1398975)
-- Chris J Arges <email address hidden> Thu, 04 Dec 2014 08:30:10 -0600
-
eglibc (2.19-0ubuntu6.4) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service in IBM gconv modules
- debian/patches/any/cvs-CVE-2014-6040.diff: fix checks in
iconvdata/ibm*.c.
- CVE-2014-6040
* SECURITY UPDATE: arbitrary command execution via wordexp (LP: #1396471)
- debian/patches/any/CVE-2014-7817.diff: properly handle WRDE_NOCMD in
posix/wordexp.c, added tests to posix/wordexp-test.c.
- CVE-2014-7817
-- Marc Deslauriers <email address hidden> Mon, 01 Dec 2014 12:05:33 -0500
-
eglibc (2.19-0ubuntu6.3) trusty; urgency=medium
* SECURITY UPDATE: heap overflow in __gconv_translit_find() (LP: #1362409)
- debian/patches/any/cvs-CVE-2014-5119.diff: Backport upstream commit to
completely remove support for loadable gconv transliteration modules.
-- Adam Conrad <email address hidden> Wed, 27 Aug 2014 22:19:15 -0600
-
eglibc (2.19-0ubuntu6.2) trusty; urgency=medium
* debian/patches/any/cvs-use-zonedir-instead-of-current.diff: Ensure that
time zone files are detected correctly. (LP: #1294861)
-- Chris J Arges <email address hidden> Tue, 19 Aug 2014 15:20:18 -0500
-
eglibc (2.19-0ubuntu6.1) trusty-security; urgency=medium
* SECURITY UPDATE: Directory traversal in locale environment handling
- debian/patches/any/CVE-2014-0475.diff: validate locale names in
locale/findlocale.c, locale/setlocale.c, added test to
localedata/tst-setlocale3.c, localedata/Makefile.
- CVE-2014-0475
* SECURITY UPDATE: use-after-free via posix_spawn_file_actions_addopen
failing to copy the path argument
- debian/patches/any/CVE-2014-4043.diff: properly copy path in
posix/spawn_faction_addopen.c, posix/spawn_faction_destroy.c,
posix/spawn_int.h, added test to posix/tst-spawn.c.
- CVE-2014-4043
-- Marc Deslauriers <email address hidden> Mon, 28 Jul 2014 12:59:23 -0400
-
eglibc (2.19-0ubuntu6) trusty; urgency=medium
* debian/patches/arm64/submitted-setcontext.diff: Update to new version
of Will's setcontext patch to fix sigmask handling bug (LP: #1306829)
-- Adam Conrad <email address hidden> Sat, 12 Apr 2014 01:47:43 -0600
-
eglibc (2.19-0ubuntu5) trusty; urgency=medium
* Merge with unreleased 2.19 from Debian experimental, fixing more bugs:
- Pull in arm64 patches to fix setcontext corruption (LP: #1279620)
- Apply the IBM 2.19 branch for POWER8 bug fixes and optimizations.
- Change M_CHECK_ACTION to abort if first MALLOC_CHECK_ bit is set.
-- Adam Conrad <email address hidden> Wed, 09 Apr 2014 18:27:57 -0600
-
eglibc (2.19-0ubuntu4) trusty; urgency=low
* debian/debhelper.in/libc.preinst:
- do not show glibc/restart-services question when the system
is uprading via the desktop session (LP: #1298281)
-- Michael Vogt <email address hidden> Wed, 09 Apr 2014 11:33:31 +0200
-
eglibc (2.19-0ubuntu3) trusty; urgency=medium
* Merge with unreleased 2.19 from Debian experimental, fixing more bugs:
- Fix bzero/__bzero definition on powerpc/ppc64 with static builds.
- Enable IFUNC on arm64 builds, now that the toolchain supports it.
- Revert removal of the XDR currency for installation-locale FTBFS.
- Pull update from 2.19 branch, fixing bad math in __sin and __cos.
* debian/sysdeps/{i386,amd64}.mk: Build i386 flavours with -fno-regmove,
this can be reverted when gcc-4.9 becomes the default distro compiler.
* debian/*: Drop the redundant libc6-xen packages on i386 (LP: #1271534)
-- Adam Conrad <email address hidden> Sun, 09 Mar 2014 12:21:48 -0600
-
eglibc (2.19-0ubuntu2) trusty; urgency=medium
* Merge with unreleased 2.19 from Debian experimental, fixing some bugs:
- debian/patches/any/local-no-malloc-backtrace.diff: Lower the default
for MALLOC_CHECK_ to 1, and add it to the list of insecure variables
that can't be set for suid binaries. This allows us to not backtrace
malloc failures by default (Closes: #739913, LP: #1266492) and skips
backtrace for suid binaries where an attacker calling into a corrupt
malloc internal data structure with malloc could lead to Bad Things.
- Make ldconfig stop operating on the linker entirely, so our packaged
symlinks take precedence and hack the postinst to skip ldconfig when
we detect a broken setup that the old ldconfig mangles (LP: #915995)
-- Adam Conrad <email address hidden> Sun, 23 Feb 2014 22:39:18 -0700
-
eglibc (2.19-0ubuntu1) trusty; urgency=medium
* Merge with unreleased 2.19 from Debian experimental, remaining changes:
- Drop the Breaks line from libc6, which refers to a Debian transition
- Remove the libc6 recommends on libc6-i686, which we don't build
- Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel
- Ship update-locale and validlocale in /usr/sbin in libc-bin
- Don't build locales or locales-all in Ubuntu, we rely on langpacks
- Heavily mangle the way we do service restarting on major upgrades
- Use different MIN_KERNEL_SUPPORTED versions than Debian, due to
buildd needs. This should be universally bumped to 2.6.32 once all
our buildds (including the PPA guests) are running precise kernels
- Build i386 variants as -march=i686, build amd64 with -O3, and build
ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize
- debian/patches/ubuntu/local-CVE-2012-3406.diff: switch to malloc when
array grows too large to handle via alloca extension (CVE-2012-3406)
- Build generic i386/i686 flavour with -mno-tls-direct-seg-refs
* debian/patches/series.ppc64el: Drop ppc64el patches included upstream.
* debian/patches/ubuntu/delete-header-pot.diff: Removed, fixed upstream.
* expected-results-aarch64-linux-gnu-libc: Ignore two new arm64 failures
for now, so we can get glibc built and test other packages against it.
eglibc (2.19-0experimental0) UNRELEASED; urgency=medium
* New upstream release: version 2.19, orig tarball built at SVN r25252:
- debian/patches/alpha/local-string-functions.diff: Rebased.
- debian/patches/any/local-disable-test-tgmath2.diff: Rebased.
- debian/patches/any/local-localedef-fix-trampoline.diff: Rebased.
- debian/patches/any/submitted-longdouble.diff: Rebased.
- debian/patches/hurd-i386/local-enable-ldconfig.diff: Rebased.
- debian/patches/kfreebsd/local-fbtl-depends.diff: Rebased.
- debian/patches/kfreebsd/local-scripts.diff: Rebased.
- debian/patches/locale/preprocessor-collate-uli-sucks.diff: Rebased.
- debian/patches/localedata/fix-lang.diff: Rebased.
- debian/patches/localedata/locale-en_DK.diff: Rebased.
- debian/patches/localedata/locale-hsb_DE.diff: Rebased.
- debian/patches/localedata/locale-ku_TR.diff: Rebased.
- debian/patches/localedata/locales-fr.diff: Rebased.
- debian/patches/localedata/sort-UTF8-first.diff: Rebased.
- debian/patches/powerpc/local-math-logb.diff: Rebased.
- debian/patches/sparc/local-fork.diff: Rebased.
- debian/patches/sparc/local-sparcv9-target.diff: Rebased.
- debian/patches/alpha/submitted-PTR_MANGLE.diff: Fixed upstream.
- debian/patches/ia64/submitted-fpu-ulps.diff: Regenerated upstream.
- debian/patches/powerpc/submitted-gettimeofday-vdso.diff: Dropped.
- debian/patches/any/local-use-glibc-predef.diff: Merged upstream.
- debian/patches/any/submitted-getaddrinfo-lo.diff: Merged upstream.
- debian/patches/any/local-getaddrinfo-interface.diff: Merged upstream.
- debian/patches/any/submitted-resolv-init.diff: Merged upstream.
- Drop all cvs-* patches that are included in the 2.19 upstream release.
- Most hurd-i386 and kfreebsd-* patches not rebased yet, needs work.
* debian/sysdeps/ppc64el.mk: Use --with-cpu=power7 to optimize properly.
* debian/*: Update occurences of 2.18 to 2.19 and update symbols to match.
* debian/patches/any/unsubmitted-tst-ftell-locale.diff: Apply the correct
environment for the tst-ftell-partial-wide.out test to find its locales.
* debian/*: Remove references to libbsd-compat.a which is no longer built.
* debian/sysdeps/powerpc.mk: Follow rename of stubs-64.h to stubs-64-v1.h.
* debian/patches/any/submitted-sysdeps-auxv.diff: Fix implicit declaration
when including <sys/auxv.h> in the testsuite by fixing up header guards.
eglibc (2.18-1) unstable; urgency=medium
[ Adam ConradĀ ]
* debian/patches/hurd-i386/libpthread_version.diff: Remove stderr vomit.
* debian/patches/arm/cvs-arm__{longjmp,sigsetjmp}-thumb.diff: Pull patch
from upstream to allow building longjmp and sigsetjmp code with Thumb.
* debian/patches/arm/cvs-arm-pointer-mangle-frame.diff: Upstream diff to
no longer apply pointer encryption to the frame pointer (LP: #1268937)
* debian/patches/powerpc/cvs-gettimeofday-32.diff: Replace the submitted
version of this patch with the upstream commit, which also fixes time.
* debian/debhelper.in/libc.postinst: Track samba to smbd service rename.
[ Aurelien Jarno ]
* debian/testsuite-checking/expected-results-mips*: Update following
the prlimit64 fix deployment on the build daemons.
* patches/alpha/cvs-tls-macros.diff: New patch from upstream to fix
FTBFS on alpha. Closes: #735774.
[ Samuel Thibault ]
* patches/hurd-i386/cvs-libpthread.diff: New snapshot, brings thread
destruction fixes and name resolution fix.
* patches/hurd-i386/libpthread_build.diff: Refresh.
* patches/hurd-i386/libpthread_fix.diff: Remove, fixed upstream.
* patches/hurd-i386/libpthread_globsigdisp.diff: Remove, merged upstream.
* patches/hurd-i386/tg-tls_thread_leak.diff: Re-enable, now working.
* control.d/libc: Upgrade hurd Breaks to version which include the fix again
gcc-4.8-built libc.
-- Adam Conrad <email address hidden> Sat, 15 Feb 2014 19:56:22 -0700
-
eglibc (2.18-0ubuntu7) trusty; urgency=medium
* debian/patches/ppc64el/ibm-branch.diff: Drop min shlib vers to 2.17.
* debian/patches/ppc64el/lookup-hack.diff: Treat 2.18 symbols as 2.17.
-- Adam Conrad <email address hidden> Sun, 16 Feb 2014 08:01:02 +0000
-
eglibc (2.18-0ubuntu6) trusty; urgency=medium
* debian/sysdeps/ppc64el.mk: Use --with-cpu=power7 to optimize properly.
* debian/patches/ppc64el/cvs-ppc64-MCOUNT.diff: Fix uses of CALL_MCOUNT.
-- Adam Conrad <email address hidden> Wed, 15 Jan 2014 17:28:49 -0700
-
eglibc (2.18-0ubuntu5) trusty; urgency=medium
* debian/patches/arm/cvs-arm__{longjmp,sigsetjmp}-thumb.diff: Pull patch
from upstream to allow building longjmp and sigsetjmp code with Thumb.
* debian/patches/arm/cvs-arm-pointer-mangle-frame.diff: Upstream diff to
no longer apply pointer encryption to the frame pointer (LP: #1268937)
-- Adam Conrad <email address hidden> Tue, 14 Jan 2014 15:18:45 -0700
-
eglibc (2.18-0ubuntu4) trusty; urgency=medium
* debian/patches/ppc64el/ibm-branch.diff: Rebase against vfscanf patch.
eglibc (2.18-0ubuntu3) trusty; urgency=medium
* Merge with Debian experimental, pulling in some POWER and build fixes.
* debian/patches/ppc64el/ibm-branch.diff: Rebase against vDSO backports.
* debian/patches/hurd-i386/libpthread_version.diff: Remove stderr vomit.
eglibc (2.18-0experimental1) experimental; urgency=low
[ Adam ConradĀ ]
* debian/patches/i386/cvs-nonascii-case-strcmp.diff: Pull upstream patch
to fix LC_CTYPE nonascii-case fallback in i686 strcasecmp/strncasecmp.
* debian/testsuite-checking/*: Update 686 targets to match the 586 ones.
* Generate expected-results-powerpc64le-linux-gnu-libc for ppc64el port.
* debian/testsuite-checking/*: Normalize expected results for ARM ports.
* debian/patches/i386/cvs-sse42-strstr*: Backport upstream commits which
drop buggy SSE4.2 srtstr implementations in favour of an SSE2 version.
* debian/patches/any/cvs-ptrace_peeksiginfo_args.diff: Prepend __ prefix
to ptrace_peeksiginfo_args struct to prevent namespace clash w/ linux.
* debian/patches/powerpc/cvs-ppc64-vdso-ifunc.diff: Pull upstream fix to
squash undefined behaviour in PowerPC64 vDSO IFUNC symbol resolutions.
* debian/patches/powerpc/submitted-gettimeofday-vdso.diff: New diff from
Adhemerval Zanella at IBM to fix gettimeofday vDSO/IFUNC interactions.
* debian/patches/powerpc/submitted-gettimeofday-32.diff: Pull patch from
Adhemerval Zanella at IBM to fix 32-bit gettimeofday VSYSCALL lookups.
* debian/rules.d/build.mk, debian/sysdeps/{hurd,linux,kfreebsd}.mk: Make
pt_chown keyed off a new variable that we can use to enable or disable
it per kernel type rather than just the primary libc (Closes: #734607)
* debian/patches/kfreebsd/submitted-waitid.diff: On Linux, we must undef
waitflags before we define them or we'll conflict with kernel headers.
[ Aurelien Jarno ]
* debian/patches/any/cvs-vfscanf-0e+0.diff: new patch from upstream to
fix parsing of 0e+0. Closes: #732993.
* debian/patches/mips/submitted-wordsize-clang.diff: drop now that clang
correctly defines_MIPS_SZPTR.
[ Samuel Thibault ]
* patches/hurd-i386/tg-nfds-poll.diff: New patch to fix poll call with big
array.
* patches/hurd-i386/tg-sigstate_locking.diff: New patch to fix sigstate
creation.
* patches/hurd-i386/tg-sigstate_thread_reference.diff: New patch to fix
sigstate thread reference counting.
* patches/hurd-i386/{libpthreadlibpthread_stubs,libpthread_hurd_cond_wait,
submitted-libpthread-elf,cvs-libpthread_lock,libpthread_cancellation,
libpthread_hurd_cond_timedwait,libpthread_ctypes,cvs-pthread_atfork,
cvs-tls-threadvar-threadself,cvs-libpthread-tls,
cvs-libpthread-userstack}.diff: Remove, replaced by...
* patches/hurd-i386/cvs-libpthread.diff: ... this git snapshot, and...
* patches/hurd-i386/libpthread_build.diff: ... these build fixes.
* patches/hurd-i386/tg-aio_misc.diff: New patch to fix aio build.
* control.d/main: Build-depend on newer gnumach-dev to get
thread_terminate_release RPC.
* libc0.3.symbols.hurd-i386: Add thread_terminate_release.
-- Adam Conrad <email address hidden> Sat, 11 Jan 2014 03:46:41 -0700
-
eglibc (2.18-0ubuntu3) trusty; urgency=medium
* Merge with Debian experimental, pulling in some POWER and build fixes.
* debian/patches/ppc64el/ibm-branch.diff: Rebase against vDSO backports.
* debian/patches/hurd-i386/libpthread_version.diff: Remove stderr vomit.
-- Adam Conrad <email address hidden> Sat, 11 Jan 2014 02:37:18 -0700
-
eglibc (2.18-0ubuntu2) trusty; urgency=medium
* debian/patches/i386/cvs-sse42-strstr*: Backport upstream commits which
drop buggy SSE4.2 srtstr implementations in favour of an SSE2 version.
* debian/patches/kfreebsd/submitted-waitid.diff: Drop this patch pending
the resolution of the upstream bug and the Linux/libc header mismatch.
-- Adam Conrad <email address hidden> Thu, 19 Dec 2013 17:44:12 -0700
-
eglibc (2.18-0ubuntu1) trusty; urgency=low
* Merge with latest 2.18 from Debian experimental, remaining changes:
- Drop the Breaks line from libc6, which refers to a Debian transition
- Remove the libc6 recommends on libc6-i686, which we don't build
- Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel
- Ship update-locale and validlocale in /usr/sbin in libc-bin
- Don't build locales or locales-all in Ubuntu, we rely on langpacks
- Heavily mangle the way we do service restarting on major upgrades
- Use different MIN_KERNEL_SUPPORTED versions than Debian, due to
buildd needs. This should be universally bumped to 2.6.32 once all
our buildds (including the PPA guests) are running precise kernels
- Build i386 variants as -march=i686, build amd64 with -O3, and build
ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize
- debian/patches/ubuntu/local-CVE-2012-3406.diff: switch to malloc when
array grows too large to handle via alloca extension (CVE-2012-3406)
- Build generic i386/i686 flavour with -mno-tls-direct-seg-refs
* debian/patches/ubuntu/local-linaro-cortex-strings.diff: Dropped at the
request of Will Newton, who will upstream something more performant.
* debian/patches/i386/cvs-nonascii-case-strcmp.diff: Pull upstream patch
to fix LC_CTYPE nonascii-case fallback in i686 strcasecmp/strncasecmp.
* debian/testsuite-checking/*: Update 686 targets to match the 586 ones.
* Generate expected-results-powerpc64le-linux-gnu-libc for ppc64el port.
eglibc (2.18-0experimental0) experimental; urgency=low
[ Adam Conrad ]
* New upstream release: version 2.18, orig tarball built at SVN r24653:
- patches/alpha/local-string-functions.diff: Rebased.
- patches/alpha/submitted-PTR_MANGLE.diff: Rebased.
- patches/any/local-allocalim-header.diff: Rebased.
- patches/any/local-disable-test-tgmath2.diff: Rebased.
- patches/any/local-dlfptr.diff: Rebased.
- patches/any/local-ld-multiarch.diff: Rebased.
- patches/any/local-ldso-disable-hwcap.diff: Rebased.
- patches/any/local-mktemp.diff: Rebased.
- patches/any/local-nss-overflow.diff: Rebased.
- patches/any/submitted-bits-fcntl_h-at.diff: Rebased.
- patches/any/submitted-longdouble.diff: Rebased.
- patches/arm/local-vfp-sysdeps.diff: Rebased.
- patches/arm/unsubmitted-ldconfig-cache-abi.diff: Rebased.
- patches/hppa/submitted-nptl-carlos.diff: Rebased.
- patches/sparc/local-fork.diff: Rebased.
- patches/ia64/submitted-fpu-ulps.diff: Rebased.
- patches/localedata/first_weekday.diff: Rebased.
- patches/locale/LC_IDENTIFICATION-optional-fields.diff: Rebased.
- patches/powerpcspe/unsubmitted-nearbyint.diff: Applied upstream.
- patches/m68k/cvs-sysdep-cfi.diff: Applied upstream.
- patches/i386/cvs-simd-exception.diff: Applied upstream.
- patches/any/local-rtld.diff: Applied upstream.
- patches/any/cvs-tst-array-as-needed.diff: Applied upstream.
- patches/any/cvs-use-glibc-wchar.diff: Applied upstream.
- patches/any/submitted-setfsid-wur.diff: Applied upstream.
- patches/any/cvs-sys-param-h-DEV_BSIZE.diff: Applied upstream.
- patches/any/cvs-getaddrinfo-stack-overflow.diff: Applied upstream.
- patches/any/cvs-regexp-overrun.diff: Applied upstream.
- patches/any/cvs-gethostbyname-numeric.diff: Applied upstream.
- patches/any/cvs-getaddrinfo-EAI_NONAME.diff: Applied upstream.
- patches/any/cvs-tst-cancel4-buf.diff: Applied upstream.
- patches/arm64/cvs-setjmp-clobber.diff: Applied upstream.
- patches/any/cvs-tst-cancel4-buf.diff: Applied upstream.
- patches/any/cvs-CVE-2013-4332-pvalloc.diff: Rebased.
- patches/any/cvs-CVE-2013-4332-valloc.diff: Rebased.
- patches/any/cvs-CVE-2013-4788-static-ptrguard.diff: Rebased.
- patches/any/cvs-CVE-2013-4788-static-ptrguard-arm.diff: Rebased.
- patches/any/cvs-CVE-2013-2207-pt_chown.diff: Applied upstream.
* debian/patches/any/cvs-tst-tls-atexit-deps.diff: Fix compilation of
stdlib/tst-tls-atexit with binutils defaulting to ld --as-needed.
* debian/control: Build-dep on netbase for service lookups in tests.
* debian/sysdeps/{linux,hurd}.mk: Force on pt_chown on linux and hurd.
* debian/rules.d/debhelper.mk: Compress $(libc), multiarch-support, and
libc-bin with gzip, and let the rest default to dpkg's new defaults.
* debian/debhelper.in/libc-bin.lintian-overrides: The manpages for zic
zdump, ldd, ldconfig, and getent have moved to the manpages package.
* debian/debhelper.in/libc.lintian-overrides: Don't whine about ldconfig.
* debian/testsuite-checking/*: Allow powerpc to fail test-{double,float}.
* debian/testsuite-checking/expected-results-aarch64-linux-gnu-libc: New.
* debian/testsuite-checking/expected-results-arm-linux-gnueabi-armel: New.
* debian/testsuite-checking/expected-results-i686-linux-gnu-libc: New.
* debian/patches/any/local-rtlddir-cross.diff: Revert to the state found
in 2.17 where ld.so was installed to slibdir and so listed in libc.so.
* Skeleton in packaging support for the new powerpc64le-linux-gnu:
- debian/sysdeps/ppc64el.mk: Define base ppc64el libc targets.
- debian/rules.d/control.mk: Add ppc64el to the list of libc_arches.
- debian/control.in/main: Build-depend on gcc-4.8 for ppc64el builds.
* debian/libc6.symbols.ppc64: Add missing libc6 symbols file for ppc64.
* debian/libc6.symbols.arm64: Add missing libc6 symbols file for arm64.
* debian/sysdeps/*: Enable new IFUNC support on armel and armhf builds.
* debian/patches/arm/cvs-ifunc-hwcap-fix.diff: Fix IFUNC on non-NEON.
* debian/patches/arm/cvs-arm-pointer-mangling.diff: Add ARM support for
pointer encryption in glibc internal structures in C and assembler.
* debian/patches/any/cvs-tst-cleanup2-ret.diff: Fix return regression
on recent versions of gcc in nptl/tst-cleanup2 and nptl/tst-cleanupx2.
* debian/patches/any/unsubmitted-tst-tlsmod-as-needed.diff: Fix linking
tst-tlsmod5.so and tst-tlsmod6.so with an as-needed default toolchain.
* debian/patches/any/unsubmitted-scanf-includes.diff: Fix includes for
the scanf15 and scanf17 tests for arches that need misc/bits/syscall.h.
* debian/patches/any/local-use-glibc-predef.diff: Backport stdc-predef.h
from glibc instead of eglibc, avoiding bits/predefs.h (closes: #717557)
* debian/rules.d/quilt.mk: Fix unpatch with only one arch patch applied.
* debian/patches/arm64/cvs-arm64-sigcontext.diff: arm64 sigcontextinfo.h.
* debian/patches/arm64/cvs-arm64-relocs.diff: Add arm64 reloc definitions.
* debian/patches/arm64/cvs-arm64-mcount-profiling.diff: mcount profiling.
* debian/patches/arm64/cvs-arm64-ifunc.diff: Enable arm64 IFUNC support.
* debian/{rules,sysdeps/arm64.mk,control}: Enable libc6-prof on aarch64.
* debian/{control.in/main,rules,sysdeps/*}: Switch to using gcc-4.8 on all
architectures as gcc-4.6 and gcc-4.7 are going away in the near future.
* debian/rules: Build for i586 where dpkg-architecture claims i486, which
matches the default that gcc-4.8 has had on i386 for the last two years.
* debian/rules: Set configure_build the same as configure_target above, so
we don't think we're cross-building and skip half the testsuite on i386.
* debian/patches/i386/local-i586-ulps.diff: Regen ulps for i586, not i686.
* debian/patches/i386/cvs-tst-cond25.diff: Pull fix for an intermittent
failure in nptl/tst-cond25 in pthread_cond_timedwait.S on i486 and up.
[ Samuel Thibault ]
* patches/hurd-i386/libpthread_hurd_cond_timedwait.diff: Rebased.
* patches/hurd-i386/libpthread_hurd_cond_wait.diff: Rebased.
* patches/hurd-i386/submitted-add-needed.diff: Rebased.
* patches/hurd-i386/submitted-exec_filename.diff: Rebased.
* patches/hurd-i386/tg-EIEIO-fr.diff: Rebased.
* patches/hurd-i386/tg-elfosabi_gnu.diff: Rebased.
* patches/hurd-i386/tg-exec-static.diff: Rebased.
* patches/hurd-i386/tg-hurdsig-fixes.diff: Rebased.
* patches/hurd-i386/tg-hurdsig-global-dispositions.diff: Rebased.
* patches/hurd-i386/tg-sendmsg-SCM_RIGHTS.diff: Rebased.
* patches/hurd-i386/tg-tls-threadvar.diff: Rebased.
* patches/hurd-i386/tg-tls.diff: Rebased.
* patches/hurd-i386/unsubmitted-clock_t_centiseconds.diff: Rebased.
* patches/hurd-i386/submitted-net.diff: Rebased.
* patches/hurd-i386/local-ulimit.diff: Removed, fixed upstream.
* patches/hurd-i386/libpthread_hurd_cond_timedwait.diff: Add missing
version.
* patches/hurd-i386/libpthread_hurd_cond_wait.diff: Likewise.
* patches/hurd-i386/unsubmitted-NO_HIDDEN.diff: New patch, fixes undefined
__GI_memmove/memset reference failures.
* testsuite-checking/expected-results-i486-gnu-libc,
expected-results-i686-gnu-i386, expected-results-i686-gnu-i686,
expected-results-i686-gnu-xen: Update testsuite result.
[ Petr Salinger ]
* debian/*: change version occurences from 2.17 to 2.18 for upgrades/deps.
* kfreebsd/local-sysdeps.diff: update to revision 5214 (from glibc-bsd).
* kfreebsd/local-fbtl.diff: likewise
* sysdeps/kfreebsd.mk: pt_chown is mandatory
* update symbols file for kfreebsd
* update testsuite-checking/expected-results-*-kfreebsd-gnu-*
* add kfreebsd/submitted-waitid.diff. Closes: #720188.
* add kfreebsd/submitted-auxv.diff. Closes: #717912.
* drop obsolete patches/*/local-linuxthreads*
* drop obsolete linuxthreads part of kfreebsd/local-scripts.diff
* drop obsolete kfreebsd/local-dosavesse.diff, local-pthread_at_fork.diff,
kfreebsd/local-nosavesse.diff, kfreebsd/local-use-thr-primitives.diff,
and kfreebsd/submitted-libc_once.diff.
* drop kfreebsd/local-readdir_r.diff, obsoleted by fix for CVE-2013-4237.
[ Aurelien Jarno ]
* Drop s390 support.
* sysdeps/{hurd,kfreebsd,linux}.mk: remove dead code.
* Remove linuxthreads from the tarball:
- rules.d/tarball.mk: don't fetech linuxthreads and linuxthreads_db.
- rules.d/build.mk: don't build linuxthreads manpages.
- rules: don't run make clean in linuxthreads directory.
- patches/any/local-sysctl.diff: drop the linuxthreads part.
- patches/all/local-pthread-manpages.diff: remove.
- local/manpages/pthread_*.3: import the few remaining linuxthreads
manpages.
- debhelper.in/glibc-doc.manpages: update manpage locations.
* debian/sysdeps/s390.mk: Enable new IFUNC support.
* debian/rules.d/debhelper.mk: compress locales-all with xz -z7.
* patches/any/cvs-strcasecmp-locales.diff: new patch from upstream to
fix mismatch between strcasecmp and toupper/tolower in tr_TR.iso88599
locale (Closes: #716775).
* patches/any/cvs-CVE-2013-4458-getaddrinfo.diff: new patch from upstream
to fix stack (frame) overflow in getaddrinfo() when called with AF_INET6
/ CVE-2013-4458 (Closes: #727181).
* testsuite-checking/expected-results-s390-linux-gnu-s390,
testsuite-checking/expected-results-s390x-linux-gnu-libc: cleanup.
* patches/svn-updates.diff: update with the glibc 2.18 branch to get commits
which are not yet available in eglibc. Fixes multiarch math functions on
sparc.
* testsuite-checking/expected-results-i486*: rename expected result files
from i486 to i586.
* testsuite-checking/convertlog.sh: use sort -u to avoid duplicated entries
in the test results.
* testsuite-checking/expected-results-mips*: remove duplicated entries,
cleanup.
* testsuite-checking/expected-results-arm-linux-gnueabihf-libc: cleanup.
* testsuite-checking/expected-results-arm-linux-gnueabi-libc: cleanup.
* testsuite-checking/expected-results-*86-linux-gnu*: cleanup.
* patches/any/cvs-DL_CALL_DT_INIT_FINI.diff,
patches/hppa/cvs-hppa-DL_CALL_DT_INIT_FINI.diff,
patches/ia64/cvs-ia64-DL_CALL_DT_INIT_FINI.diff: new patches from upstream
to fix a segmentation fault in ld.so on hppa and ia64.
* testsuite-checking/expected-results-sparc*-linux-gnu-*: cleanup.
* patches/s390/cvs-s390-tls-got-pointer.diff: new patch from upstream to fix
the TLS GOT pointer setup on s390.
* debian/rules.d/build.mk: define the installation in configparms to avoid
broken glibc makefiles to spuriously trigger install rules trying to
overwrite system headers.
* testsuite-checking/expected-results-*-kfreebsd-gnu-*: allow
check-local-headers.out to fail as the script is linux specific and
doesn't now about kfreebsd specific headers.
* debian/rules: don't pass -fstrict-aliasing to HOST_CFLAGS, it is already
included in -O2.
* Replace patches/any/submitted-findlocale-div-by-zero.diff by upstream
version patches/any/cvs-findlocale-div-by-zero.diff.
* patches/any/cvs-CVE-2013-4332-memalign-2.diff: patch from upstream to
address some remaining issues from CVE-2013-4332.
* patches/ia64/local-rtld-compile-options.diff: new patch to workaround
miscompilation issues.
* testsuite-checking/expected-results-ia64-linux-gnu-libc: cleanup and
update.
eglibc (2.17-97) unstable; urgency=medium
[ Aurelien Jarno ]
* patches/mips/local-prlimit64.diff: remove.
* patches/mips/cvs-prlimit64.diff: new patch from upstream to fix
getrlimit64/setrlimit64 with recent 64-bit kernels (Closes: #665897).
* patches/any/submitted-findlocale-div-by-zero.diff: new patch to fix
a SIGFPE when locale-archive has been corrupted to all zeros (Closes:
#718890, #730336).
[ Petr Salinger ]
* kfreebsd/local-sysdeps.diff: raise MAXLOGNAME
eglibc (2.17-96) unstable; urgency=low
* patches/any/cvs-CVE-2013-4237-alignment.diff: Fix alignment of the
directory block in dirstream.h, fixing readdir regression on sparc.
* testsuite-checking/*: Allow ptrguard test to fail on mips and hurd.
eglibc (2.17-95) unstable; urgency=low
[ Adam Conrad ]
* patches/any/cvs-CVE-2013-4788-static-ptrguard-arm.diff: Pull fix
from git to fix the static-ptrguard testsuite regression on ARM.
* patches/series: Re-enable CVE-2013-4788 fixes (Closes: #717178)
* patches/series.kfreebsd*: Disable kfreebsd/local-readdir_r.diff.
[ Samuel Thibault ]
* patches/any/cvs-CVE-2012-44xx.diff: Include <sys/param.h> to get
MIN/MAX macros on hurd-i386.
eglibc (2.17-94) unstable; urgency=low
[ Adam Conrad]
* patches/any/cvs-CVE-2012-44xx.diff: backport overflow fixes in strcoll
addressing CVE-2012-4412 and CVE-2012-4424 (Closes: #687530, #689423)
* patches/any/cvs-CVE-2013-4237.diff: backport git fix to respect the
NAME_MAX constraints in readdir_r: CVE-2013-4237 (Closes: #719558)
* debian/patches/any/cvs-CVE-2013-2207-pt_chown.diff: backpot git patch
to disable building and using pt_chown, but leave disabled for now
until we come up with a complete plan to not break end-user machines.
* patches/any/cvs-CVE-2013-4788-static-ptrguard*: backport fix from git
for pointer mangling in static builds, disabled due to ARM regression.
* patches/arm64/cvs-setjmp-clobber.diff: __sigsetjmp clobbers register
x1 before making the tail call to __sigjmp_save, which causes the
latter to always save the signal mask. Backport git patch to fix.
* patches/ubuntu/unsubmitted-dlopen-static-crash.diff: New patch from
Maciej Rozycki to fix a dlopen segfault in statically linked programs.
[ Samuel Thibault ]
* libc0.3.symbols.hurd-i386: Refresh.
* patches/hurd-i386/tg-sendmsg-SCM_RIGHTS.diff: Fix spurious returned error
when flags are not 0. Thanks Svante Signell for the catch
(Closes: #724681)
* patches/hurd-i386/libpthread_stubs.diff: Drop stub for pthread_atfork, now
implemented.
* patches/hurd-i386/tg-tls.diff: Fix getting LDT on fork.
* patches/hurd-i386/local-dl-dynamic-weak.diff: Remove patch, issue fixed in
libpthread.
* control: Make libc0.3 break old binaries which were depending on the
previous patch.
* patches/hurd-i386/tg-extern_inline.diff: Do not expose some internals of
libc outside libc.
* patches/hurd-i386/cvs-tls-threadvar-threadself.diff: New patch, store
pthread_self in TLS instead of threadvar.
* patches/hurd-i386/cvs-libpthread-tls.diff: New patch, delay TLS
deallocation.
* patches/hurd-i386/tg-tls.diff: Update, fix errno declaration for TLS.
* patches/hurd-i386/tg-tls-threadvar.diff: Update, replace all threadvars
with TLS.
* patches/hurd-i386/cvs-libpthread-userstack.diff: New patch, allow
user-provided stacks.
* patches/hurd-i386/tg-libc_getspecific.diff: New patch, fix erroneous
__libc_getspecific weak reference.
* control: Make libc0.3 break old hurd with overzealous inlines.
* patches/hurd-i386/libpthread.diff: Synchronize with upstream.
[ Petr Salinger ]
* fbtl.diff: limit default stack size to 4 * ARCH_STACK_DEFAULT_SIZE.
See #727009, #725516.
* sysdeps.diff: fixup get/set owner of socket
-- Adam Conrad <email address hidden> Fri, 22 Nov 2013 07:19:51 -0700
-
eglibc (2.17-93ubuntu4) saucy; urgency=low
* patches/arm64/cvs-setjmp-clobber.diff: __sigsetjmp clobbers register
x1 before making the tail call to __sigjmp_save, which causes the
latter to always save the signal mask. Backport git patch to fix.
* patches/series: Revert the CVE-2013-2207 pt_chown fix until we come
up with a sane plan to avoid users shooting themselves in the foot.
* debhelper.in/libc-bin.install: Install pt_chown again for the above.
-- Adam Conrad <email address hidden> Fri, 11 Oct 2013 21:06:21 -0600