ubuntu/+source/eglibc:applied/ubuntu/lucid-proposed

Last commit made on 2012-11-15
Get this branch:
git clone -b applied/ubuntu/lucid-proposed https://git.launchpad.net/ubuntu/+source/eglibc

Branch information

Name:
applied/ubuntu/lucid-proposed
Repository:
lp:ubuntu/+source/eglibc

Recent commits

568ab6f... by Adam Conrad on 2012-11-14

Import patches-applied version 2.11.1-0ubuntu7.12 to applied/ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: b5ff6e877c0c0ccc4c7d5cd9c3140dff461b5036
Unapplied parent: eceb5354ea0e0d03d24f5e044f00857ea2a0a4e2

New changelog entries:
  * Pull three interdependent patches from Debian to fix AVX detection
    problems on kernels or CPUs that lack support for it (LP: #979003):
    - amd64/cvs-avx-detection.diff: Improved detection on old kernels.
    - amd64/cvs-dl_trampoline-cfi.diff: fix CFI in dl_trampoline code.
    - amd64/cvs-avx-osxsave.diff: Disable AVX without OSXSAVE support.
  * Also backport amd64/submitted-tst-audit6-avx.diff from oneiric to
    skip tests if AVX extensions are not available on the build host.
  * Use non-deprecated --reject-format=unified QUILT_PATCH_OPTS option.

eceb535... by Adam Conrad on 2012-11-14

Import patches-unapplied version 2.11.1-0ubuntu7.12 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: 53fb72b405af09fc3da9fa219014f9662c6c4c8f

New changelog entries:
  * Pull three interdependent patches from Debian to fix AVX detection
    problems on kernels or CPUs that lack support for it (LP: #979003):
    - amd64/cvs-avx-detection.diff: Improved detection on old kernels.
    - amd64/cvs-dl_trampoline-cfi.diff: fix CFI in dl_trampoline code.
    - amd64/cvs-avx-osxsave.diff: Disable AVX without OSXSAVE support.
  * Also backport amd64/submitted-tst-audit6-avx.diff from oneiric to
    skip tests if AVX extensions are not available on the build host.
  * Use non-deprecated --reject-format=unified QUILT_PATCH_OPTS option.

b5ff6e8... by Steve Beattie on 2012-09-29

Import patches-applied version 2.11.1-0ubuntu7.11 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 33f2e8a0e4ef0f10a2ab009f8d14bfd86ab4e36a
Unapplied parent: 53fb72b405af09fc3da9fa219014f9662c6c4c8f

New changelog entries:
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3404.patch: Fix allocation when
      handling positional parameters in printf.
    - CVE-2012-3404
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3405.patch: fix extension of array
    - CVE-2012-3405
  * SECURITY UPDATE: stack buffer overflow in vfprintf handling
    (LP: #1031301)
    - debian/patches/any/CVE-2012-3406.patch: switch to malloc when
      array grows too large to handle via alloca extension
    - CVE-2012-3406
  * SECURITY UPDATE: stdlib strtod integer/buffer overflows
    - debian/patches/any/CVE-2012-3480.patch: rearrange calculations
      and modify types to avoid integer overflows
    - CVE-2012-3480
  * debian/patches/any/strtod_overflow_bug7066.patch: Fix array
    overflow in floating point parser triggered by applying patch for
    CVE-2012-3480
  * debian/testsuite-checking/expected-results-x86_64-linux-gnu-libc,
    debian/testsuite-checking/expected-results-i486-linux-gnu-libc,
    debian/testsuite-checking/expected-results-i686-linux-gnu-i386,
    debian/testsuite-checking/expected-results-i686-linux-gnu-i686,
    debian/testsuite-checking/expected-results-i686-linux-gnu-xen,
    debian/testsuite-checking/expected-results-sparc64-linux-gnu-sparc64:
    update for pre-existing testsuite failures that prevents FTBFS
    when the testsuite is enabled.

53fb72b... by Steve Beattie on 2012-09-29

Import patches-unapplied version 2.11.1-0ubuntu7.11 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 13a14210bc18c98b3cd8c49d7e1e5367464123bd

New changelog entries:
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3404.patch: Fix allocation when
      handling positional parameters in printf.
    - CVE-2012-3404
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3405.patch: fix extension of array
    - CVE-2012-3405
  * SECURITY UPDATE: stack buffer overflow in vfprintf handling
    (LP: #1031301)
    - debian/patches/any/CVE-2012-3406.patch: switch to malloc when
      array grows too large to handle via alloca extension
    - CVE-2012-3406
  * SECURITY UPDATE: stdlib strtod integer/buffer overflows
    - debian/patches/any/CVE-2012-3480.patch: rearrange calculations
      and modify types to avoid integer overflows
    - CVE-2012-3480
  * debian/patches/any/strtod_overflow_bug7066.patch: Fix array
    overflow in floating point parser triggered by applying patch for
    CVE-2012-3480
  * debian/testsuite-checking/expected-results-x86_64-linux-gnu-libc,
    debian/testsuite-checking/expected-results-i486-linux-gnu-libc,
    debian/testsuite-checking/expected-results-i686-linux-gnu-i386,
    debian/testsuite-checking/expected-results-i686-linux-gnu-i686,
    debian/testsuite-checking/expected-results-i686-linux-gnu-xen,
    debian/testsuite-checking/expected-results-sparc64-linux-gnu-sparc64:
    update for pre-existing testsuite failures that prevents FTBFS
    when the testsuite is enabled.

33f2e8a... by Steve Beattie on 2012-03-07

Import patches-applied version 2.11.1-0ubuntu7.10 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 6592cf0f34378c4a763804b1bfaf871126dacdc1
Unapplied parent: 13a14210bc18c98b3cd8c49d7e1e5367464123bd

New changelog entries:
  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE: memory consumption denial of service in fnmatch
    - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
      stack use in fnmatch.
    - CVE-2011-1071
  * SECURITY UPDATE: /etc/mtab corruption denial of service
    - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
      error in addmnt even for cached streams
    - CVE-2011-1089
  * SECURITY UPDATE: insufficient locale environment sanitization
    - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
      LANG environment variable.
    - CVE-2011-1095
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: fnmatch integer overflow
    - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
      pattern in wide character representation
    - CVE-2011-1659
  * SECURITY UPDATE: signedness bug in memcpy_ssse3
    - debian/patches/any/glibc-CVE-2011-2702.patch: use unsigned
      comparison instructions
    - CVE-2011-2702
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864
  * debian/testsuite-checking/expected-results-x86_64-linux-gnu-libc,
    debian/testsuite-checking/expected-results-i686-linux-gnu-i386,
    debian/testsuite-checking/expected-results-arm-linux-gnueabi-libc:
    update for pre-existing testsuite failures that prevents FTBFS
    when the testsuite is enabled.

13a1421... by Steve Beattie on 2012-03-07

Import patches-unapplied version 2.11.1-0ubuntu7.10 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: bbf9dd14aecfe5cc9a17f7da1ceb88346973c9e0

New changelog entries:
  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE: memory consumption denial of service in fnmatch
    - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
      stack use in fnmatch.
    - CVE-2011-1071
  * SECURITY UPDATE: /etc/mtab corruption denial of service
    - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
      error in addmnt even for cached streams
    - CVE-2011-1089
  * SECURITY UPDATE: insufficient locale environment sanitization
    - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
      LANG environment variable.
    - CVE-2011-1095
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: fnmatch integer overflow
    - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
      pattern in wide character representation
    - CVE-2011-1659
  * SECURITY UPDATE: signedness bug in memcpy_ssse3
    - debian/patches/any/glibc-CVE-2011-2702.patch: use unsigned
      comparison instructions
    - CVE-2011-2702
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864
  * debian/testsuite-checking/expected-results-x86_64-linux-gnu-libc,
    debian/testsuite-checking/expected-results-i686-linux-gnu-i386,
    debian/testsuite-checking/expected-results-arm-linux-gnueabi-libc:
    update for pre-existing testsuite failures that prevents FTBFS
    when the testsuite is enabled.

6592cf0... by Matthias Klose on 2011-01-19

Import patches-applied version 2.11.1-0ubuntu7.8 to applied/ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: dc11197832849446d2012eb8f59f49d7d631d810
Unapplied parent: bbf9dd14aecfe5cc9a17f7da1ceb88346973c9e0

New changelog entries:
  [ Matthias Klose ]
  * Fix issue #12077, __strncmp_ssse3 can segfault when it over-reads
    its buffer. LP: #702190.
  [ Clint Byrum ]
  * do not run 'telinit u' on upgrade, as this will break upstart.
    touch /var/run/init.upgraded instead, which will force a re-exec just
    before remounting root read-only. LP: #672177, LP: #694772.

bbf9dd1... by Matthias Klose on 2011-01-19

Import patches-unapplied version 2.11.1-0ubuntu7.8 to ubuntu/lucid-proposed

Imported using git-ubuntu import.

Changelog parent: ff6cc87379dedcdad7e2e55934cb370a8adcb499

New changelog entries:
  [ Matthias Klose ]
  * Fix issue #12077, __strncmp_ssse3 can segfault when it over-reads
    its buffer. LP: #702190.
  [ Clint Byrum ]
  * do not run 'telinit u' on upgrade, as this will break upstart.
    touch /var/run/init.upgraded instead, which will force a re-exec just
    before remounting root read-only. LP: #672177, LP: #694772.

dc11197... by Kees Cook on 2011-01-11

Import patches-applied version 2.11.1-0ubuntu7.7 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 6ea916b745d604eb849fd275e71381d25378238f
Unapplied parent: ff6cc87379dedcdad7e2e55934cb370a8adcb499

New changelog entries:
  * SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
    - debian/patches/any/dst-expansion-fix.diff: refresh with new
      proposed solution, avoiding iconv issues.
    - any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
      which already had a work-around in 2.11.1-0ubuntu7.5.

ff6cc87... by Kees Cook on 2011-01-11

Import patches-unapplied version 2.11.1-0ubuntu7.7 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: b9317b4751a0e6a6b191783ea531c301d383433f

New changelog entries:
  * SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
    - debian/patches/any/dst-expansion-fix.diff: refresh with new
      proposed solution, avoiding iconv issues.
    - any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
      which already had a work-around in 2.11.1-0ubuntu7.5.