ubuntu/+source/eglibc:applied/ubuntu/maverick-devel

Last commit made on 2012-03-09
Get this branch:
git clone -b applied/ubuntu/maverick-devel https://git.launchpad.net/ubuntu/+source/eglibc
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/maverick-devel
Repository:
lp:ubuntu/+source/eglibc

Recent commits

bd1b9d4... by Steve Beattie on 2012-03-06

Import patches-applied version 2.12.1-0ubuntu10.4 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: a1b25a2838cd22e64ec8f1f9fbf3e83a260186df
Unapplied parent: 3c712cbc63db8404f4673668e93ba8664d943426

New changelog entries:
  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE: memory consumption denial of service in fnmatch
    - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
      stack use in fnmatch.
    - CVE-2011-1071
  * SECURITY UPDATE: /etc/mtab corruption denial of service
    - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
      error in addmnt even for cached streams
    - CVE-2011-1089
  * SECURITY UPDATE: insufficient locale environment sanitization
    - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
      LANG environment variable.
    - CVE-2011-1095
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: fnmatch integer overflow
    - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
      pattern in wide character representation
    - CVE-2011-1659
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864

3c712cb... by Steve Beattie on 2012-03-06

Import patches-unapplied version 2.12.1-0ubuntu10.4 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 48eae73aff4c6645e09c8a21058e47357a802af0

New changelog entries:
  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE: memory consumption denial of service in fnmatch
    - debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
      stack use in fnmatch.
    - CVE-2011-1071
  * SECURITY UPDATE: /etc/mtab corruption denial of service
    - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
      error in addmnt even for cached streams
    - CVE-2011-1089
  * SECURITY UPDATE: insufficient locale environment sanitization
    - debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
      LANG environment variable.
    - CVE-2011-1095
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: fnmatch integer overflow
    - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
      pattern in wide character representation
    - CVE-2011-1659
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864

a1b25a2... by Matthias Klose on 2011-01-19

Import patches-applied version 2.12.1-0ubuntu10.2 to applied/ubuntu/maverick-proposed

Imported using git-ubuntu import.

Changelog parent: eb6f3542f8cb889f1afbe64a9c875bcf8f39109f
Unapplied parent: 48eae73aff4c6645e09c8a21058e47357a802af0

New changelog entries:
  [ Clint Byrum ]
  * do not run 'telinit u' on upgrade, as this will break upstart.
    touch /var/run/init.upgraded instead, which will force a re-exec just
    before remounting root read-only. LP: #672177, LP: #694772.
  [ Matthias Klose ]
  * Call locale-gen --purge when updating from eglibc-2.11.x. LP: #504198.

48eae73... by Matthias Klose on 2011-01-19

Import patches-unapplied version 2.12.1-0ubuntu10.2 to ubuntu/maverick-proposed

Imported using git-ubuntu import.

Changelog parent: 432b3bae72d93d08c273ac5f44ad2a851450aca6

New changelog entries:
  [ Clint Byrum ]
  * do not run 'telinit u' on upgrade, as this will break upstart.
    touch /var/run/init.upgraded instead, which will force a re-exec just
    before remounting root read-only. LP: #672177, LP: #694772.
  [ Matthias Klose ]
  * Call locale-gen --purge when updating from eglibc-2.11.x. LP: #504198.

eb6f354... by Kees Cook on 2011-01-11

Import patches-applied version 2.12.1-0ubuntu10.1 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 55ab10b890027da86c064bc14c5905ed242c227b
Unapplied parent: 432b3bae72d93d08c273ac5f44ad2a851450aca6

New changelog entries:
  * SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
    - debian/patches/any/dst-expansion-fix.diff: refresh with new
      proposed solution, avoiding iconv issues.
    - any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
      which was already had a work-around in 2.12.1-0ubuntu8.

432b3ba... by Kees Cook on 2011-01-11

Import patches-unapplied version 2.12.1-0ubuntu10.1 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 49603f76d279010f623fed5cd4b4dcd9d5834524

New changelog entries:
  * SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
    - debian/patches/any/dst-expansion-fix.diff: refresh with new
      proposed solution, avoiding iconv issues.
    - any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
      which was already had a work-around in 2.12.1-0ubuntu8.

55ab10b... by Matthias Klose on 2010-11-14

Import patches-applied version 2.12.1-0ubuntu10 to applied/ubuntu/maverick-proposed

Imported using git-ubuntu import.

Changelog parent: f2a9f7ce2680f16cecab28d299218cd5daa6c96f
Unapplied parent: 49603f76d279010f623fed5cd4b4dcd9d5834524

New changelog entries:
  * any/cvs-at-pagesize.diff: Don't assume AT_PAGESIZE is always available.
    LP: #672352.
  * Fix issue #12159, x86-64 strchr propagation of search byte into all bytes
    of SSE register.
  * Fix issue12113, alignment of AVX safe area on x86_64. LP: #662511.
  * Fix ifunc thunk for strspn on x86 in static libc. LP: #615953.

49603f7... by Matthias Klose on 2010-11-14

Import patches-unapplied version 2.12.1-0ubuntu10 to ubuntu/maverick-proposed

Imported using git-ubuntu import.

Changelog parent: dfe7564fdbd4c5b92cd2558245c0c117d89fa883

New changelog entries:
  * any/cvs-at-pagesize.diff: Don't assume AT_PAGESIZE is always available.
    LP: #672352.
  * Fix issue #12159, x86-64 strchr propagation of search byte into all bytes
    of SSE register.
  * Fix issue12113, alignment of AVX safe area on x86_64. LP: #662511.
  * Fix ifunc thunk for strspn on x86 in static libc. LP: #615953.

f2a9f7c... by Anders Kaseorg on 2010-11-01

Import patches-applied version 2.12.1-0ubuntu9 to applied/ubuntu/maverick-proposed

Imported using git-ubuntu import.

Changelog parent: 11a0e910299b865e3c8767ab466cfe37f2437ba2
Unapplied parent: dfe7564fdbd4c5b92cd2558245c0c117d89fa883

New changelog entries:
  * debian/patches/any/cvs-getlogin_r-error-handling-1.patch,
    debian/patches/any/cvs-getlogin_r-error-handling-2.patch,
    debian/patches/any/cvs-getlogin_r-error-handling-3.patch:
    Take upstream commits c8727fa6, 5305f9b0, d48b7607 from
    release/2.12/master to fix a crash in getlogin(). (LP: #658907)

dfe7564... by Anders Kaseorg on 2010-11-01

Import patches-unapplied version 2.12.1-0ubuntu9 to ubuntu/maverick-proposed

Imported using git-ubuntu import.

Changelog parent: eacdd627ecd5a242daaa42ff59be468ce0ae6e48

New changelog entries:
  * debian/patches/any/cvs-getlogin_r-error-handling-1.patch,
    debian/patches/any/cvs-getlogin_r-error-handling-2.patch,
    debian/patches/any/cvs-getlogin_r-error-handling-3.patch:
    Take upstream commits c8727fa6, 5305f9b0, d48b7607 from
    release/2.12/master to fix a crash in getlogin(). (LP: #658907)