lp:ubuntu/maverick-updates/eglibc
- Get this branch:
- bzr branch lp:ubuntu/maverick-updates/eglibc
Branch merges
Branch information
Recent revisions
- 58. By Steve Beattie
-
* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
- debian/patches/ any/glibc- CVE-2009- 5029.patch: Check values from
TZ file header
- CVE-2009-5029
* SECURITY UPDATE: memory consumption denial of service in fnmatch
- debian/patches/ any/glibc- CVE-2011- 1071.patch: avoid too much
stack use in fnmatch.
- CVE-2011-1071
* SECURITY UPDATE: /etc/mtab corruption denial of service
- debian/patches/ any/glibc- CVE-2011- 1089.patch: Report write
error in addmnt even for cached streams
- CVE-2011-1089
* SECURITY UPDATE: insufficient locale environment sanitization
- debian/patches/ any/glibc- CVE-2011- 1095.patch: escape contents of
LANG environment variable.
- CVE-2011-1095
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
RPATHs with $ORIGIN
- debian/patches/ any/glibc- CVE-2011- 1658.patch: improve handling of
RPATH and ORIGIN
- CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
- debian/patches/ any/glibc- CVE-2011- 1659.patch: check size of
pattern in wide character representation
- CVE-2011-1659
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
- debian/patches/ any/glibc- CVE-2011- 4609.patch: nanosleep when too
many open fds is detected
- CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
check bypass
- debian/patches/ any/glibc- CVE-2012- 0864.patch: check for integer
overflow
- CVE-2012-0864 - 57. By Kees Cook
-
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
- debian/patches/ any/dst- expansion- fix.diff: refresh with new
proposed solution, avoiding iconv issues.
- any/cvs-check-setuid- on-audit. diff: upstream fix for CVE-2010-3856,
which was already had a work-around in 2.12.1-0ubuntu8. - 56. By Kees Cook
-
* SECURITY UPDATE: root escalation via LD_AUDIT DST expansion.
- debian/patches/ any/dst- expansion- fix.diff: upstream fixes.
- CVE-2010-3847
- debian/patches/ any/disable- ld_audit. diff: turn off LD_AUDIT
for setuid binaries. - 54. By Matthias Klose
-
[ Steve Langasek ]
* debian/patches/ arm/local- syscall- mcount. diff: unset CALL_MCOUNT for
__libc_do_syscall. Thanks to Peter Pearse
<email address hidden>. Closes LP: #605030.[ Matthias Klose ]
* Fix _FORITY_SOURCE version of longjmp for Linux/x86-64 (Chung-Lin Tang)
LP: #601030. - 53. By Matthias Klose
-
Again, revert the upstream change from the last upload to
enable running java on the babbage boards. - 52. By Matthias Klose
-
* Reapply the upstream change (tested by Yao Qi). LP: #605042.
2010-06-02 Kirill A. Shutemov <email address hidden>
* elf/dl-reloc.c: Flush cache after solving TEXTRELs if arch
requires it. - 51. By Matthias Klose
-
[ Marcin Juszkiewicz ]
Add build support to only build single stages. LP: #603498. - 50. By Matthias Klose
-
* Build eglibc_
2.12.1. orig.tar. gz, based on 2.12 branch (r11211).
* Provide packaging rules in eglibc-source binary packag. LP: #609162.
* Don't patch the sources when PATCHED_SOURCES is set to `yes'.
LP: #612631. - 49. By Matthias Klose
-
* Revert upstream change:
2010-06-02 Kirill A. Shutemov <email address hidden>
* elf/dl-reloc.c: Flush cache after solving TEXTRELs if arch
requires it.
Breaks the OpenJDK ARM assembler interpreter. LP: #605042.
* expected-results- arm-linux- gnueabi- libc: Remove scanf15, scanf17
and tst-eintr1, passing the tests on the buildds.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/eglibc