Created by James Westby on 2010-10-22 and last modified on 2013-06-25
Get this branch:
bzr branch lp:ubuntu/maverick-security/eglibc

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

58. By Steve Beattie on 2012-03-06

* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
  - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
    TZ file header
  - CVE-2009-5029
* SECURITY UPDATE: memory consumption denial of service in fnmatch
  - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
    stack use in fnmatch.
  - CVE-2011-1071
* SECURITY UPDATE: /etc/mtab corruption denial of service
  - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
    error in addmnt even for cached streams
  - CVE-2011-1089
* SECURITY UPDATE: insufficient locale environment sanitization
  - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
    LANG environment variable.
  - CVE-2011-1095
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
  - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
  - CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
  - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
    pattern in wide character representation
  - CVE-2011-1659
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
  - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
    many open fds is detected
  - CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
  check bypass
  - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
  - CVE-2012-0864

57. By Kees Cook on 2011-01-11

* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
  - debian/patches/any/dst-expansion-fix.diff: refresh with new
    proposed solution, avoiding iconv issues.
  - any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
    which already had a work-around in 2.12.1-0ubuntu8.

56. By Kees Cook on 2010-10-21

* SECURITY UPDATE: root escalation via LD_AUDIT DST expansion.
  - debian/patches/any/dst-expansion-fix.diff: upstream fixes.
  - CVE-2010-3847
  - debian/patches/any/disable-ld_audit.diff: turn off LD_AUDIT
    for setuid binaries.

55. By Matthias Klose on 2010-09-10

Fix applying the local-syscall-mcount.diff.

54. By Matthias Klose on 2010-09-10

[ Steve Langasek ]
* debian/patches/arm/local-syscall-mcount.diff: unset CALL_MCOUNT for
  __libc_do_syscall. Thanks to Peter Pearse
  <email address hidden>. Closes LP: #605030.

[ Matthias Klose ]
* Fix _FORTIFY_SOURCE version of longjmp for Linux/x86-64 (Chung-Lin Tang)
  LP: #601030.

53. By Matthias Klose on 2010-09-08

Again, revert the upstream change from the last upload to
enable running java on the babbage boards.

52. By Matthias Klose on 2010-09-06

* Reapply the upstream change (tested by Yao Qi). LP: #605042.
  2010-06-02 Kirill A. Shutemov <email address hidden>
      * elf/dl-reloc.c: Flush cache after solving TEXTRELs if arch
      requires it.

51. By Matthias Klose on 2010-08-23

[ Marcin Juszkiewicz ]
Add build support to only build single stages. LP: #603498.

50. By Matthias Klose on 2010-08-16

* Build eglibc_2.12.1.orig.tar.gz, based on 2.12 branch (r11211).
* Provide packaging rules in eglibc-source binary package. LP: #609162.
* Don't patch the sources when PATCHED_SOURCES is set to `yes'.
  LP: #612631.

49. By Matthias Klose on 2010-07-14

* Revert upstream change:
  2010-06-02 Kirill A. Shutemov <email address hidden>
      * elf/dl-reloc.c: Flush cache after solving TEXTRELs if arch
      requires it.
  Breaks the OpenJDK ARM assembler interpreter. LP: #605042.
* expected-results-arm-linux-gnueabi-libc: Remove scanf15, scanf17
  and tst-eintr1, passing the tests on the buildds.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)