lp:ubuntu/natty-security/eglibc

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/natty-security/eglibc
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

142. By Steve Beattie

* SECURITY UPDATE: buffer overflow in vfprintf handling
  - debian/patches/any/CVE-2012-3404.patch: Fix allocation when
    handling positional parameters in printf.
  - CVE-2012-3404
* SECURITY UPDATE: buffer overflow in vfprintf handling
  - debian/patches/any/CVE-2012-3405.patch: fix extension of array
  - CVE-2012-3405
* SECURITY UPDATE: stack buffer overflow in vfprintf handling
  (LP: #1031301)
  - debian/patches/any/CVE-2012-3406.patch: switch to malloc when
    array grows too large to handle via alloca extension
  - CVE-2012-3406
* SECURITY UPDATE: stdlib strtod integer/buffer overflows
  - debian/patches/any/CVE-2012-3480.patch: rearrange calculations
    and modify types to void integer overflows
  - CVE-2012-3480

141. By Steve Beattie

* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
  - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
    TZ file header
  - CVE-2009-5029
* SECURITY UPDATE: /etc/mtab corruption denial of service
  - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
    error in addmnt even for cached streams
  - CVE-2011-1089
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
  RPATHs with $ORIGIN
  - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
    RPATH and ORIGIN
  - CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
  - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
    pattern in wide character representation
  - CVE-2011-1659
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
  - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
    many open fds is detected
  - CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
  check bypass
  - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
    overflow
  - CVE-2012-0864

140. By Steve Langasek

debian/sysdeps/linux.mk: detect when linux-libc-dev has moved its
headers to the multiarch dir, and create the symlink to the right place
so we can find those headers for building. LP: #750585.

139. By Matthias Klose

* For memcpy-ssse3, enable chk symbols in static builds. LP: #726802.
* Disable the memcpy multiarch implementaiton on x86_64. LP: #727064.
* Merge from Debian:
  - Add patches/i386/cvs-cacheinfo.diff to fix empty LEVEL*CACHE* getconf()
    entries for some CPU. Closes: #609389.

138. By Steve Langasek

* debian/rules.d/build.mk: when building 32-bit biarch libraries for
  64-bit archs, ship an /etc/ld.so.conf/biarch.conf config snippet adding
  /lib32,/usr/lib32 to the path; these are already included in the path
  for the biarch build itself, but the biarch ld.so may be Replaced: by
  the multiarch libc which does not have built-in support for these
  non-standard paths.
* debian/rules.d/debhelper.mk: the ld.so.conf snippet isn't included in
  all of the alternate libc builds, only in libc6-i386 and libc6-powerpc;
  so we add this by hand to the dh_install invocation for these packages.
  LP: #741949.
* debian/debhelper.in/libc.preinst: don't restart kdm on upgrade. It may
  no longer be required, and in any case the restart will break running
  sessions so we want to avoid this for beta1. LP: #744944.

137. By Matthias Klose

* Update to r13241 from the eglibc-2.13 branch.
* Create ARM unwind records for system call stubs (Ulrich Weigand).
  LP: #684218.

136. By Steve Langasek

releasing version 2.13-0ubuntu8

135. By Steve Langasek

fix up multiarch-support to get the right dep on hurd-i386 and kfreebsd-i386,
even though we don't build these for Ubuntu

134. By Steve Langasek

Merge the multiarch-support package

133. By Steve Langasek

debian/sysdeps/armhf.mk: use /lib/$(DEB_HOST_MULTIARCH) for rtlddir, so
that we avoid a file conflict with the armel libc and armel+armhf can
be multiarch-coinstallable.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/saucy/eglibc
This branch contains Public information 
Everyone can see this information.

Subscribers