lp:ubuntu/oneiric-security/eglibc

Created by Ubuntu Package Importer on 2013-08-28 and last modified on 2013-08-28
Get this branch:
bzr branch lp:ubuntu/oneiric-security/eglibc

Branch information

Owner: Ubuntu branches
Review team: Ubuntu Development Team
Status: Abandoned

Recent revisions

241. By Steve Beattie on 2012-09-18

* SECURITY UPDATE: buffer overflow in vfprintf handling
  - debian/patches/any/CVE-2012-3404.patch: Fix allocation when
    handling positional parameters in printf.
  - CVE-2012-3404
* SECURITY UPDATE: buffer overflow in vfprintf handling
  - debian/patches/any/CVE-2012-3405.patch: fix extension of array
  - CVE-2012-3405
* SECURITY UPDATE: stack buffer overflow in vfprintf handling
  (LP: #1031301)
  - debian/patches/any/CVE-2012-3406.patch: switch to malloc when
    array grows too large to handle via alloca extension
  - CVE-2012-3406
* SECURITY UPDATE: stdlib strtod integer/buffer overflows
  - debian/patches/any/CVE-2012-3480.patch: rearrange calculations
    and modify types to avoid integer overflows
  - CVE-2012-3480

240. By Steve Beattie on 2012-03-06

* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
  - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
    TZ file header
  - CVE-2009-5029
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
  RPATHs with $ORIGIN
  - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
    RPATH and ORIGIN
  - CVE-2011-1658
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
  - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
    many open fds is detected
  - CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
  check bypass
  - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
    overflow
  - CVE-2012-0864

239. By Matthias Klose on 2011-10-04

libc6-dev: Don't break the current {gnat,gcj}-4.4-base versions. LP: #853688.

238. By Michael Vogt on 2011-09-30

* debian/control:
  - help the apt resolver with the gcc-4.4 upgrade by providing
    explicit breaks against {gnat,gcc,gcj}-{4.4,4.5}-base (LP: #853688)

237. By Matthias Klose on 2011-09-26

* Fix pthread/fork race/deadlock. LP: #838975.
  - Avoid race between {,__de}allocate_stack and __reclaim_stacks during fork.

* Merge from Debian:

[ Aurelien Jarno ]
* Add debian/patches/cvs-dl_close-scope-handling.diff from upstream to
  fix issues with dl_close() when resolving locally-defined symbols.
  Closes: #625250.
* patches/i386/local-cpuid-level2.diff: fix a typo. Closes: #609389.

236. By Colin Watson on 2011-09-13

Back out Debian r4943 ("Don't include ISO14651 collation rules in
C.UTF-8 locale") for now; this breaks regcomp on character ranges, which
exposed a bug in apt, and seems likely to cause other problems, so is
too risky a change for this point in our release cycle (LP: #848907).

235. By Matthias Klose on 2011-09-09

[ Colin Watson ]
* Revert change from 2.13-17ubuntu2 now that data.tar.xz support is
  deployed in Launchpad. Add Pre-Depends: dpkg (>= 1.15.6) to affected
  packages.

[ Dr. David Alan Gilbert ]
* ARM strchr: mask r1 to char (LP: #842258)

[ Matthias Klose ]
* Merge with Debian (r4955).

234. By Matthias Klose on 2011-08-23

Compress all binary packages using standard compression, to
work around #832354.

233. By Matthias Klose on 2011-08-23

Merge with Debian (r4918).

232. By Matthias Klose on 2011-08-15

* Mark ARM __clone as .cantunwind (taken from the trunk).
* Re-enable running the testsuite.

Branch metadata

Branch format: Branch format 7
Repository format: Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on: lp:ubuntu/saucy/eglibc