~daxtens/ubuntu/+source/glibc:xenial-math-perf-regression-1663280

Branch merges

Propose for merging

Ready for review for merging into ubuntu/+source/glibc:ubuntu/xenial-devel

Simon Quigley (community): Needs Resubmitting on 2023-01-27

Steve Langasek (community): Abstain on 2018-11-06

Andreas Hasenack: Abstain on 2018-11-06

Ubuntu Foundations Team: Pending requested 2018-11-06

Diff: 825 lines (+797/-0)

4 files modified

debian/changelog (+9/-0)
debian/patches/series (+2/-0)
debian/patches/ubuntu/xsave-part1.diff (+619/-0)
debian/patches/ubuntu/xsave-part2.diff (+167/-0)

api

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

cc771fe... by Daniel Axtens on 2018-10-04

changelog

Signed-off-by: Daniel Axtens <email address hidden>

5fce348... by Daniel Axtens on 2018-10-04

Fix performance regression with mixed AVX/SSE code

  * debian/patches/ubuntu/xsave-part1.diff and
    debian/patches/ubuntu/xsave-part2.diff: Fix a serious performance
    regression when mixing SSE and AVX code on certain processors.
    The patches are from the upstream 2.23 stable branch. (LP: #1663280)

Signed-off-by: Daniel Axtens <email address hidden>

5a1b372... by Chris Coulson on 2018-01-14

Import patches-unapplied version 2.23-0ubuntu10 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 1637ca09cd62a70b9884c1ae71686b4082c7ae27

New changelog entries:
  * SECURITY UPDATE: Memory leak in dynamic loader (ld.so)
    - debian/patches/any/cvs-compute-correct-array-size-in-_dl_init_paths.diff:
      Compute correct array size in _dl_init_paths
    - CVE-2017-1000408
  * SECURITY UPDATE: Buffer overflow in dynamic loader (ld.so)
    - debian/patches/any/cvs-count-components-of-expanded-path-in-_dl_init_paths.diff:
      Count components of the expanded path in _dl_init_path
    - CVE-2017-1000409
  * SECURITY UPDATE: One-byte overflow in glob
    - debian/patches/any/cvs-fix-one-byte-glob-overflow.diff: Fix one-byte
      overflow in glob
    - CVE-2017-15670
  * SECURITY UPDATE: Buffer overflow in glob
    - debian/patches/any/cvs-fix-glob-buffer-overflow.diff: Fix buffer overflow
      during GLOB_TILDE unescaping
    - CVE-2017-15804
  * SECURITY UPDATE: Local privilege escalation via mishandled RPATH / RUNPATH
    - debian/patches/any/cvs-elf-check-for-empty-tokens.diff: elf: Check for
      empty tokens before dynamic string token expansion
    - CVE-2017-16997
  * SECURITY UPDATE: Buffer underflow in realpath()
    - debian/patches/any/cvs-make-getcwd-fail-if-path-is-no-absolute.diff:
      Make getcwd(3) fail if it cannot obtain an absolute path
    - CVE-2018-1000001

1637ca0... by Steve Beattie on 2017-06-16

Import patches-unapplied version 2.23-0ubuntu9 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: cddea9d7b4b8650392d96a6b2bfe02698bf17289

New changelog entries:
  * SECURITY UPDATE: LD_LIBRARY_PATH stack corruption
    - debian/patches/any/CVE-2017-1000366.patch: Completely ignore
      LD_LIBRARY_PATH for AT_SECURE=1 programs
    - CVE-2017-1000366
  * SECURITY UPDATE: LD_PRELOAD stack corruption
    - debian/patches/any/upstream-harden-rtld-Reject-overly-long-LD_PRELOAD.patch:
      Reject overly long names or names containing directories in
      LD_PRELOAD for AT_SECURE=1 programs.
  * debian/patches/any/cvs-harden-glibc-malloc-metadata.patch: add
    additional consistency check for 1-byte overflows
  * debian/patches/any/cvs-harden-ignore-LD_HWCAP_MASK.patch: ignore
    LD_HWCAP_MASK for AT_SECURE=1 programs

cddea9d... by Steve Beattie on 2017-03-21

Import patches-unapplied version 2.23-0ubuntu7 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 1a71d7accbacdadfcc11892308131ea93eb6eb6f

New changelog entries:
  * REGRESSION UPDATE: Previous update introduced ABI breakage in
    internal glibc query ABI
    - Revert patches/any/CVE-2015-5180-regression.diff
      (LP: #1674532)

1a71d7a... by Steve Beattie on 2017-03-07

Import patches-unapplied version 2.23-0ubuntu6 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 6952a6bce06863ba887b3d158b44f0645d9c0946

New changelog entries:
  * SECURITY UPDATE: DNS resolver NULL pointer dereference with
    crafted record type
    - patches/any/CVE-2015-5180.diff: use out of band signaling for
      internal queries
    - CVE-2015-5180
  * Rebuild to get the following fixes into the xenial-security pocket:
    - SECURITY UPDATE: stack-based buffer overflow in the glob
      implementation
      + patches/git-updates.diff: Simplify the interface for the
        GLOB_ALTDIRFUNC callback gl_readdir
      + CVE-2016-1234
    - SECURITY UPDATE: getaddrinfo: stack overflow in hostent
      conversion
      + patches/git-updates.diff: Use a heap allocation instead
      + CVE-2016-3706:
    - SECURITY UPDATE: stack exhaustion in clntudp_call
      + patches/git-updates.diff: Use malloc/free for the error
        payload.
      + CVE-2016-4429
    - SECURITY UPDATE: memory exhaustion DoS in libresolv
      + patches/git-updates.diff: Simplify handling of nameserver
        configuration in resolver
      + CVE-2016-5417
    - SECURITY UPDATE: ARM32 backtrace infinite loop (DoS)
      + patches/git-updates.diff: mark __startcontext as .cantunwind
      + CVE-2016-6323

6952a6b... by Adam Conrad on 2016-11-16

Import patches-unapplied version 2.23-0ubuntu5 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 653af6348f487c9e2ef23f377a2f742babc05d23

New changelog entries:
  * Disable lock-elision on all targets to avoid regressions (LP: #1642390)

653af63... by Adam Conrad on 2016-10-14

Import patches-unapplied version 2.23-0ubuntu4 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: ff38964b4308fabc3d160ccaa265c63c7765e666

New changelog entries:
  * debian/rules.d/tarball.mk: Apply --no-renames to make the diff readable.
  * debian/patches/git-updates.diff: Update from release/2.23/master branch:
    - Include fix for potential makecontext() hang on ARMv7 (CVE-2016-6323)
    - Include fix for SEGV in sock_eq with nss_hesiod module (LP: #1571456)
    - Include malloc fixes, addressing multithread deadlocks (LP: #1630302)
    - debian/patches/hurd-i386/cvs-libpthread.so.diff: Dropped, upstreamed.
    - debian/patches/any/submitted-argp-attribute.diff: Dropped, upstreamed.
    - debian/patches/hurd-i386/tg-hurdsig-fixes-2.diff: Rebased to upstream.
  * debian/patches/ubuntu/local-altlocaledir.diff: Updated to latest version
    from Martin that limits scope to LC_MESSAGES, fixing segv (LP: #1577460)
  * debian/patches/any/cvs-cos-precision.diff: Fix cos() bugs (LP: #1614966)
  * debian/testsuite-xfail-debian.mk: Allow nptl/tst-signal6 to fail on ARM.

ff38964... by Adam Conrad on 2016-04-14

Import patches-unapplied version 2.23-0ubuntu3 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 1649eb0632f8e0da8cf11c7392b2ebc2b819becb

New changelog entries:
  * Merge with 2.23 from experimental, bringing in upstream updates:
    - Save/restore fprs/vrs while resolving symbols (LP: #1564918)
    - Fix _nss_dns_getnetbyname_r() stack overflow (CVE-2016-3075)
    - Merge libnss-dns-udeb and libnss-files-udeb into libc6-udeb.
  * Tidy up locale-gen, thanks to Gunnar Hjalmarsson (LP: #1560577):
    - Fix thinko that broke handling of multiple locale arguments.
    - Recognize UTF-8 locales without charset suffix in SUPPORTED.
    - Fix bug that led to the unsupported message not being shown.
  * Show reboot-required notification for all updates (LP: #1546457)

1649eb0... by Aurelien Jarno on 2016-04-14

Import patches-unapplied version 2.23-0experimental2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 11618116edeb6f48b5ec42f2d97dfe997e7b4751

New changelog entries:
  [ Aurelien Jarno ]
  * debian/patches/git-updates.diff: update from upstream stable branch.
  * patches/kfreebsd/local-fbtl.diff: update to revision 5973 (from
    glibc-bsd).
  * debian/rules, debian/rules.d/build.mk: rename localedir into complocaledir
    following upstream change.
  * debian/patches/local-allocalim-header.diff: drop, obsolete.
  * debian/patches/any/local-no-pagesize.diff: drop, obsolete.
  [ Adam Conrad ]
  * debian/testsuite-xfail-debian.mk: Also allow tst-malloc-thread-fail to
    fail where we've already done so for test-xfail-tst-malloc-thread-exit.