lp:~tj/ubuntu/lucid/eglibc/lp1352504
- Get this branch: bzr branch lp:~tj/ubuntu/lucid/eglibc/lp1352504
Related bugs
Bug #1352504: Regression in 2.11.1-0ubuntu7.14; segfault in getservbyname | Critical | Fix Released |
Branch information
- Owner: TJ
- Status: Development
Recent revisions
- 49. By TJ
-
* SECURITY UPDATE: fix memory free SIGSEGV regression introduced by
  CVE-2013-4357.diff
  - debian/patches/any/fix_memory_free_regression_introduced_by_CVE-2013-4357.diff:
    fix incorrect free() of non-malloc-ed memory (LP: #1352504)
- 48. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via buffer overflow in getaddrinfo
  - debian/patches/CVE-2013-4357.patch: fix overflow in include/alloca.h,
    nis/nss_nis/nis-alias.c, nscd/nscd_getserv_r.c, posix/glob.c,
    sysdeps/posix/getaddrinfo.c.
  - CVE-2013-4357
* SECURITY UPDATE: denial of service via buffer overflow in getaddrinfo
  - debian/patches/any/CVE-2013-4458.patch: fix overflow in
    sysdeps/posix/getaddrinfo.c.
  - CVE-2013-4458
* SECURITY UPDATE: Directory traversal in locale environment handling
  - debian/patches/any/CVE-2014-0475.diff: validate locale names in
    locale/findlocale.c, locale/setlocale.c, added test to
    localedata/tst-setlocale3.c, localedata/Makefile.
  - CVE-2014-0475
* SECURITY UPDATE: use-after-free via posix_spawn_file_actions_addopen
  failing to copy the path argument
  - debian/patches/any/CVE-2014-4043.diff: properly copy path in
    posix/spawn_faction_addopen.c, posix/spawn_faction_destroy.c,
    posix/spawn_int.h, added test to posix/tst-spawn.c.
  - CVE-2014-4043
* debian/patches/any/CVE-2013-4237-part2.diff: fix alignment issue
  causing a readdir regression on sparc.
* debian/patches/any/CVE-2013-4332-part2.diff: added a couple of extra
  commits to fix another overflow and an infinite loop.
- 47. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service and possible code execution via
  strcoll overflows
  - debian/patches/any/CVE-2012-44xx.diff: fix overflows in
    string/strcoll_l.c, add test to string/tst-strcoll-overflow.c,
    string/Makefile.
  - CVE-2012-4412
  - CVE-2012-4424
* SECURITY UPDATE: denial of service in regular expression matcher
  - debian/patches/any/CVE-2013-0242.diff: fix buffer overrun in
    posix/regexec.c, add test to posix/bug-regex34.c, posix/Makefile.
  - CVE-2013-0242
* SECURITY UPDATE: denial of service in getaddrinfo
  - debian/patches/any/CVE-2013-1914.diff: fix overflow in
    sysdeps/posix/getaddrinfo.c, add libc_hidden_proto for
    __libc_alloca_cutoff in include/alloca.h, nptl/Versions,
    nptl/alloca_cutoff.c.
  - CVE-2013-1914
* SECURITY UPDATE: denial of service and possible code execution via
  readdir_r
  - debian/patches/any/CVE-2013-4237.diff: enforce NAME_MAX limit in
    sysdeps/unix/readdir_r.c, add errcode to sysdeps/unix/dirstream.h,
    sysdeps/unix/opendir.c, sysdeps/unix/rewinddir.c, remove
    GETDENTS_64BIT_ALIGNED from
    sysdeps/unix/sysv/linux/i386/readdir64_r.c,
    sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c.
  - CVE-2013-4237
* SECURITY UPDATE: denial of service and possible code execution via
  overflows in memory allocator
  - debian/patches/any/CVE-2013-4332.diff: check for overflows in
    malloc/malloc.c.
  - CVE-2013-4332
- 46. By Steve Beattie
-
* SECURITY UPDATE: buffer overflow in vfprintf handling
  - debian/patches/any/CVE-2012-3404.patch: Fix allocation when
    handling positional parameters in printf.
  - CVE-2012-3404
* SECURITY UPDATE: buffer overflow in vfprintf handling
  - debian/patches/any/CVE-2012-3405.patch: fix extension of array
  - CVE-2012-3405
* SECURITY UPDATE: stack buffer overflow in vfprintf handling
  (LP: #1031301)
  - debian/patches/any/CVE-2012-3406.patch: switch to malloc when
    array grows too large to handle via alloca extension
  - CVE-2012-3406
* SECURITY UPDATE: stdlib strtod integer/buffer overflows
  - debian/patches/any/CVE-2012-3480.patch: rearrange calculations
    and modify types to avoid integer overflows
  - CVE-2012-3480
* debian/patches/any/strtod_overflow_bug7066.patch: Fix array
  overflow in floating point parser triggered by applying patch for
  CVE-2012-3480
* debian/testsuite-checking/expected-results-x86_64-linux-gnu-libc,
  debian/testsuite-checking/expected-results-i486-linux-gnu-libc,
  debian/testsuite-checking/expected-results-i686-linux-gnu-i386,
  debian/testsuite-checking/expected-results-i686-linux-gnu-i686,
  debian/testsuite-checking/expected-results-i686-linux-gnu-xen,
  debian/testsuite-checking/expected-results-sparc64-linux-gnu-sparc64:
  update for pre-existing testsuite failures that prevents FTBFS
  when the testsuite is enabled.
- 45. By Steve Beattie
-
* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
  - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
    TZ file header
  - CVE-2009-5029
* SECURITY UPDATE: memory consumption denial of service in fnmatch
  - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
    stack use in fnmatch.
  - CVE-2011-1071
* SECURITY UPDATE: /etc/mtab corruption denial of service
  - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
    error in addmnt even for cached streams
  - CVE-2011-1089
* SECURITY UPDATE: insufficient locale environment sanitization
  - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
    LANG environment variable.
  - CVE-2011-1095
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
  RPATHs with $ORIGIN
  - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
    RPATH and ORIGIN
  - CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
  - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
    pattern in wide character representation
  - CVE-2011-1659
* SECURITY UPDATE: signedness bug in memcpy_ssse3
  - debian/patches/any/glibc-CVE-2011-2702.patch: use unsigned
    comparison instructions
  - CVE-2011-2702
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
  - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
    many open fds is detected
  - CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
  check bypass
  - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
    overflow
  - CVE-2012-0864
* debian/testsuite-checking/expected-results-x86_64-linux-gnu-libc,
  debian/testsuite-checking/expected-results-i686-linux-gnu-i386,
  debian/testsuite-checking/expected-results-arm-linux-gnueabi-libc:
  update for pre-existing testsuite failures that prevents FTBFS
  when the testsuite is enabled.
- 44. By Kees Cook
-
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
  - debian/patches/any/dst-expansion-fix.diff: refresh with new
    proposed solution, avoiding iconv issues.
  - any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
    which already had a work-around in 2.11.1-0ubuntu7.5.
- 43. By Kees Cook
-
* SECURITY UPDATE: root escalation via LD_AUDIT DST expansion.
  - debian/patches/any/dst-expansion-fix.diff: upstream fixes.
  - CVE-2010-3847
  - debian/patches/any/disable-ld_audit.diff: turn off LD_AUDIT
    for setuid binaries.
- 42. By Kees Cook
-
* SECURITY UPDATE: newlines not escaped in /etc/mtab.
  - debian/patches/any/git-mntent-newline-escape.diff: upstream fixes.
  - CVE-2010-0296
* SECURITY UPDATE: arbitrary code execution from ELF headers (LP: #542197).
  - debian/patches/any/git-fix-dtag-cast.diff: upstream fixes.
  - CVE-2010-0830
- 41. By Michael Vogt
-
Fix logic that tests if gdm needs a restart or a reload
to handle both the initscript and upstart cases. This fixes
a gdm restart during a hardy to lucid upgrade (LP: #568292)
- 40. By Matthias Klose
-
[ Kees Cook ]
* [BZ #11333], Handle unnecessary padding in getdents64. LP: #392501.

[ Matthias Klose ]
* Apply from the 2.11-x86 branch:
  - Fix bugs in strcmp-sse4.S and strcmp-ssse3.S (H.J. Lu). LP: #563291.
  - Fix bugs in memcpy-ssse3. LP: #560135.
* Assign global scope to RFC 1918 addresses in getaddrinfo(). Thanks
  Tore Anderson. LP: #555210.
* Re-enable the local-ipv6-lookup patch. Addresses #417757.
Branch metadata
- Branch format: Branch format 7
- Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)