Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/precise-proposed/eglibc
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

315. By Steve Beattie

* SECURITY UPDATE: buffer overflow in gethostbyname_r and related
  - debian/patches/any/CVE-2015-1781.diff: take alignment padding
    into account when computing if buffer is too small.
  - CVE-2015-1781
* SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice
  - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files
    database during iteration.
  - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state
    between getXXent and getXXbyYY NSS calls.
  - CVE-2014-8121
* SECURITY UPDATE: glibc unbounded stack usage in NaN strtod
  - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing
    of NaN payloads.
  - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions
    handling of payload strings
  - CVE-2014-9761
* SECURITY UPDATE: out of range data to strftime() causes segfault
  (denial of service)
  - debian/patches/any/CVE-2015-8776.diff: add range checks to
    strftime() processing
  - CVE-2015-8776
* SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid
  AT_SECURE programs (e.g. setuid), allowing disabling of pointer
  - debian/patches/any/CVE-2015-8777.diff: Always enable pointer
  - CVE-2015-8777
* SECURITY UPDATE: integer overflow in hcreate and hcreate_r
  - debian/patches/any/CVE-2015-8778.diff: check for large inputs
  - CVE-2015-8778
* SECURITY UPDATE: unbounded stack allocation in catopen()
  - debian/patches/any/CVE-2015-8779.diff: stop using unbounded
  - CVE-2015-8779
* SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r
  - debian/patches/any/CVE-2016-3075.diff: do not make unneeded
    memory copy on the stack.
  - CVE-2016-3075
* SECURITY UPDATE: pt_chown privilege escalation
  - debian/patches/any/CVE-2016-2856-pre.diff: add option to
    enable/disable pt_chown.
  - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel
    about pty group and permission mode
  - debian/debhelper.in/libc-bin.install: drop installation of
  - CVE-2016-2856, CVE-2013-2207
* debian/debhelper.in/libc.postinst: add reboot notifications for
  security updates (LP: #1546457)

314. By Adam Conrad

* cvs-vfprintf-multibyte.diff: Fix "memory exhausted" bug in who, by no
  longer parsing %s format arguments as multibyte strings (LP: #1109327)
* cvs-__SSE_MATH__-feraiseexcept.diff: Check for __SSE_MATH__ in x86_64
  feraiseexcept to fix backported -m32 builds of GCC 4.8 (LP: #1165387)
* cvs-canonical-name.diff: Don't incorrectly do a PTR lookup when asked
  to do a canonical lookup for a host using AI_CANONNAME (LP: #1057526)
* cvs-atomic-fastbins.diff: Fix race in free() of fastbin (LP: #1020210)

313. By Adam Conrad

* Add patch ubuntu/local-disable-nscd-netgroup-caching.diff to
  disable netgroup caching in the default config (LP: #1068889)
* Backport any/cvs-malloc-deadlock.diff from upstream to prevent
  glibc deadlocking in mallock arena retry paths (LP: #1081734)
* Fix futex issue (BZ #13844), backport from 2.16 (LP: #1091186)
* Drop patch any/local-disable-nscd-host-caching.diff, as this
  bug was apparently resolved upstream a while ago (LP: #613662)
* Add patch any/cvs-ld-self-load.diff to restore ld.so's ability
  to load itself, a behaviour accidentally removed (LP: #1088677)
* Drop dangling libnss_db.so symlink in libc6-dev (LP: #1088773)

312. By Adam Conrad

* Backport fixes for dbl-64 and ldbl-128 issues (LP: #1000498)
* Backport another FMA support patch from glibc master branch.

311. By Adam Conrad

* Backport fix from 2.16 to fix htons() conversion errors on non-x86
  architectures, by correctly casting to uint16_t (LP: #1016349)
* Restore missing AT_EMPTY_PATH definition in fnctl.h (LP: #1010069)
* Backport FMA4/AVX detection from glibc 2.16 (LP: #956051, #979003)
* Backport fixups to AVX-using code to match the detection backport.
* Backport fix from 2.16 for sscanf/realloc deadlock (LP: #1028038)
* Backport for bogus FPE on underflow for exp(double) (LP: #1007457)

310. By Steve Langasek

kdm is not meant to be restarted, only warned about; moving the restart
code to the preinst is causing kdm restarts that will break the desktop
in the middle of the upgrade. Zero out our list of services between the
two uses of the variable. LP: #985735.

309. By Adam Conrad

debian/debhelper.in/libc.preinst: Brown paper bag fix; when we
upgrade from older versions, we don't have our linker in place
before unpacking, however the preisnt wants one, so create a
temporary linker symlink in the new location for one-time use

308. By Adam Conrad

* debian/patches/arm/unsubmitted-armhf-linker.diff: Add the new armhf
  linker to the triplet/LDSO table in ports/sysdeps/arm/shlib-versions
* debian/sysdeps/arm{el,hf}.mk: Stop installing armhf linker to its
  multiarch path, the new standard path is /lib/ld-linux-armhf.so.3
* debian/sysdeps/arm{el,hf}.mk: Define configure targets for alt libs
* debian/sysdeps/arm{el,hf}.mk: Provide compat symlinks in armhf builds
  so that old binaries continue to work without needing rebuilding
* debian/rules.d/build.mk: Change ldd to use the new armhf linker path
* debian/libc6.symbols.armhf: ld-linux-armhf.so.3 depends on having a
  new enough version of libc6 installed to make the linker available
* debian/patches/arm/unsubmitted-soname-hack.diff: Apply unfortunate
  hack to elf/dl-load.c to allow our old binaries keep running with the
  new linker, by spoofing the SONAME of the new as if it were the old
* debian/debhelper.in/libc-udeb.install.armhf: No longer required
* debian/sysdeps/armhf.mk: Create symlink in the udeb for legacy linker
* debian/debhelper.in/libc{,-alt}.postrm: If we remove libc6:i386 before
  libc6-i386:amd64, maintain sanity of /lib/ld-linux.so.2 (LP: #852101)

307. By Adam Conrad

[ James Hunt ]
* debian/debhelper.in/libc.preinst: Moved logic from postinst to
  prompt user for services to restart. We ask here to allow the
  problematic cron to be stopped in the preinst, but defer the restart of
  remaining services until postinst time (LP: #508083).

[ Steve Langasek ]
* debian/debhelper.in/libc.{pre,post}inst: drop special casing of upstart
  jobs when restarting, since the check was completely wrong anyway,
  depending on the no-longer-existent /lib/init/readlink.
* Drop obsolete gdm upgrade handling code that only applies for upgrades
  from hardy to lucid.
* Remove the /etc/ld.so.conf.d/i486-linux-gnu.conf conffile on upgrade on
  i386, since it's no longer shipped and we should give consistent results
  on upgrade and install; and add a Breaks on the three library packages
  in lucid that used this path.

[ Adam Conrad ]
* debian/patches/any/local-nscd-NO_MAPPING.diff: Apply patch from Jeff Law
  to clean up thread handling in __nscd_get_nl_timestamp and resolve a few
  random crashing issues with chromium-browser and ktorrent (LP: #929219)
* debian/rules.d/debhelper.mk: Fix RTLD_SO replacement regex for sanity.

306. By Steve Beattie

* SECURITY UPDATE: denial of service in RPC implementation (LP: #901716)
  - debian/patches/any/local-CVE-2011-4609.patch: nanosleep when too
    many open fds are detected
  - CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
  check bypass (LP: #953171)
  - debian/patches/any/cvs-CVE-2012-0864.patch: check for integer
  - CVE-2012-0864

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.