Fix performance regression with mixed AVX/SSE code
* debian/patches/ubuntu/xsave-part1.diff and
debian/patches/ubuntu/xsave-part2.diff: Fix a serious performance
regression when mixing SSE and AVX code on certain processors.
The patches are from the upstream 2.23 stable branch. (LP: #1663280)
Signed-off-by: Daniel Axtens <email address hidden>
New changelog entries:
* SECURITY UPDATE: DNS resolver NULL pointer dereference with
crafted record type
- patches/any/CVE-2015-5180.diff: use out of band signaling for
internal queries
- CVE-2015-5180
* Rebuild to get the following fixes into the xenial-security pocket:
- SECURITY UPDATE: stack-based buffer overflow in the glob
implementation
+ patches/git-updates.diff: Simplify the interface for the GLOB_ALTDIRFUNC callback gl_readdir
+ CVE-2016-1234
- SECURITY UPDATE: getaddrinfo: stack overflow in hostent
conversion
+ patches/git-updates.diff: Use a heap allocation instead
+ CVE-2016-3706:
- SECURITY UPDATE: stack exhaustion in clntudp_call
+ patches/git-updates.diff: Use malloc/free for the error
payload.
+ CVE-2016-4429
- SECURITY UPDATE: memory exhaustion DoS in libresolv
+ patches/git-updates.diff: Simplify handling of nameserver configuration in resolver
+ CVE-2016-5417
- SECURITY UPDATE: ARM32 backtrace infinite loop (DoS)
+ patches/git-updates.diff: mark __startcontext as .cantunwind
+ CVE-2016-6323
New changelog entries:
* debian/rules.d/tarball.mk: Apply --no-renames to make the diff readable.
* debian/patches/git-updates.diff: Update from release/2.23/master branch:
- Include fix for potential makecontext() hang on ARMv7 (CVE-2016-6323)
- Include fix for SEGV in sock_eq with nss_hesiod module (LP: #1571456)
- Include malloc fixes, addressing multithread deadlocks (LP: #1630302)
- debian/patches/hurd-i386/cvs-libpthread.so.diff: Dropped, upstreamed.
- debian/patches/any/submitted-argp-attribute.diff: Dropped, upstreamed.
- debian/patches/hurd-i386/tg-hurdsig-fixes-2.diff: Rebased to upstream.
* debian/patches/ubuntu/local-altlocaledir.diff: Updated to latest version
from Martin that limits scope to LC_MESSAGES, fixing segv (LP: #1577460)
* debian/patches/any/cvs-cos-precision.diff: Fix cos() bugs (LP: #1614966)
* debian/testsuite-xfail-debian.mk: Allow nptl/tst-signal6 to fail on ARM.
New changelog entries:
* Merge with 2.23 from experimental, bringing in upstream updates:
- Save/restore fprs/vrs while resolving symbols (LP: #1564918)
- Fix _nss_dns_getnetbyname_r() stack overflow (CVE-2016-3075)
- Merge libnss-dns-udeb and libnss-files-udeb into libc6-udeb.
* Tidy up locale-gen, thanks to Gunnar Hjalmarsson (LP: #1560577):
- Fix thinko that broke handling of multiple locale arguments.
- Recognize UTF-8 locales without charset suffix in SUPPORTED.
- Fix bug that led to the unsupported message not being shown.
* Show reboot-required notification for all updates (LP: #1546457)