-
bd1b9d4...
by
Steve Beattie
on 2012-03-06
-
Import patches-applied version 2.12.1-0ubuntu10.4 to applied/ubuntu/maverick-security
Imported using git-ubuntu import.
Changelog parent: a1b25a2838cd22e64ec8f1f9fbf3e83a260186df
Unapplied parent: 3c712cbc63db8404f4673668e93ba8664d943426
New changelog entries:
* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
- debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
TZ file header
- CVE-2009-5029
* SECURITY UPDATE: memory consumption denial of service in fnmatch
- debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
stack use in fnmatch.
- CVE-2011-1071
* SECURITY UPDATE: /etc/mtab corruption denial of service
- debian/patches/any/glibc-CVE-2011-1089.patch: Report write
error in addmnt even for cached streams
- CVE-2011-1089
* SECURITY UPDATE: insufficient locale environment sanitization
- debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
LANG environment variable.
- CVE-2011-1095
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
RPATHs with $ORIGIN
- debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
RPATH and ORIGIN
- CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
- debian/patches/any/glibc-CVE-2011-1659.patch: check size of
pattern in wide character representation
- CVE-2011-1659
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
- debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
many open fds is detected
- CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
check bypass
- debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
overflow
- CVE-2012-0864
-
3c712cb...
by
Steve Beattie
on 2012-03-06
-
Import patches-unapplied version 2.12.1-0ubuntu10.4 to ubuntu/maverick-security
Imported using git-ubuntu import.
Changelog parent: 48eae73aff4c6645e09c8a21058e47357a802af0
New changelog entries:
* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
- debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
TZ file header
- CVE-2009-5029
* SECURITY UPDATE: memory consumption denial of service in fnmatch
- debian/patches/any/glibc-CVE-2011-1071.patch: avoid too much
stack use in fnmatch.
- CVE-2011-1071
* SECURITY UPDATE: /etc/mtab corruption denial of service
- debian/patches/any/glibc-CVE-2011-1089.patch: Report write
error in addmnt even for cached streams
- CVE-2011-1089
* SECURITY UPDATE: insufficient locale environment sanitization
- debian/patches/any/glibc-CVE-2011-1095.patch: escape contents of
LANG environment variable.
- CVE-2011-1095
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
RPATHs with $ORIGIN
- debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
RPATH and ORIGIN
- CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
- debian/patches/any/glibc-CVE-2011-1659.patch: check size of
pattern in wide character representation
- CVE-2011-1659
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
- debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
many open fds is detected
- CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
check bypass
- debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
overflow
- CVE-2012-0864
-
a1b25a2...
by
Matthias Klose
on 2011-01-19
-
Import patches-applied version 2.12.1-0ubuntu10.2 to applied/ubuntu/maverick-proposed
Imported using git-ubuntu import.
Changelog parent: eb6f3542f8cb889f1afbe64a9c875bcf8f39109f
Unapplied parent: 48eae73aff4c6645e09c8a21058e47357a802af0
New changelog entries:
[ Clint Byrum ]
* do not run 'telinit u' on upgrade, as this will break upstart.
touch /var/run/init.upgraded instead, which will force a re-exec just
before remounting root read-only. LP: #672177, LP: #694772.
[ Matthias Klose ]
* Call locale-gen --purge when updating from eglibc-2.11.x. LP: #504198.
-
48eae73...
by
Matthias Klose
on 2011-01-19
-
Import patches-unapplied version 2.12.1-0ubuntu10.2 to ubuntu/maverick-proposed
Imported using git-ubuntu import.
Changelog parent: 432b3bae72d93d08c273ac5f44ad2a851450aca6
New changelog entries:
[ Clint Byrum ]
* do not run 'telinit u' on upgrade, as this will break upstart.
touch /var/run/init.upgraded instead, which will force a re-exec just
before remounting root read-only. LP: #672177, LP: #694772.
[ Matthias Klose ]
* Call locale-gen --purge when updating from eglibc-2.11.x. LP: #504198.
-
eb6f354...
by
Kees Cook
on 2011-01-11
-
Import patches-applied version 2.12.1-0ubuntu10.1 to applied/ubuntu/maverick-security
Imported using git-ubuntu import.
Changelog parent: 55ab10b890027da86c064bc14c5905ed242c227b
Unapplied parent: 432b3bae72d93d08c273ac5f44ad2a851450aca6
New changelog entries:
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
- debian/patches/any/dst-expansion-fix.diff: refresh with new
proposed solution, avoiding iconv issues.
- any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
which was already had a work-around in 2.12.1-0ubuntu8.
-
432b3ba...
by
Kees Cook
on 2011-01-11
-
Import patches-unapplied version 2.12.1-0ubuntu10.1 to ubuntu/maverick-security
Imported using git-ubuntu import.
Changelog parent: 49603f76d279010f623fed5cd4b4dcd9d5834524
New changelog entries:
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
- debian/patches/any/dst-expansion-fix.diff: refresh with new
proposed solution, avoiding iconv issues.
- any/cvs-check-setuid-on-audit.diff: upstream fix for CVE-2010-3856,
which was already had a work-around in 2.12.1-0ubuntu8.
-
55ab10b...
by
Matthias Klose
on 2010-11-14
-
Import patches-applied version 2.12.1-0ubuntu10 to applied/ubuntu/maverick-proposed
Imported using git-ubuntu import.
Changelog parent: f2a9f7ce2680f16cecab28d299218cd5daa6c96f
Unapplied parent: 49603f76d279010f623fed5cd4b4dcd9d5834524
New changelog entries:
* any/cvs-at-pagesize.diff: Don't assume AT_PAGESIZE is always available.
LP: #672352.
* Fix issue #12159, x86-64 strchr propagation of search byte into all bytes
of SSE register.
* Fix issue12113, alignment of AVX safe area on x86_64. LP: #662511.
* Fix ifunc thunk for strspn on x86 in static libc. LP: #615953.
-
49603f7...
by
Matthias Klose
on 2010-11-14
-
Import patches-unapplied version 2.12.1-0ubuntu10 to ubuntu/maverick-proposed
Imported using git-ubuntu import.
Changelog parent: dfe7564fdbd4c5b92cd2558245c0c117d89fa883
New changelog entries:
* any/cvs-at-pagesize.diff: Don't assume AT_PAGESIZE is always available.
LP: #672352.
* Fix issue #12159, x86-64 strchr propagation of search byte into all bytes
of SSE register.
* Fix issue12113, alignment of AVX safe area on x86_64. LP: #662511.
* Fix ifunc thunk for strspn on x86 in static libc. LP: #615953.
-
f2a9f7c...
by
Anders Kaseorg
on 2010-11-01
-
Import patches-applied version 2.12.1-0ubuntu9 to applied/ubuntu/maverick-proposed
Imported using git-ubuntu import.
Changelog parent: 11a0e910299b865e3c8767ab466cfe37f2437ba2
Unapplied parent: dfe7564fdbd4c5b92cd2558245c0c117d89fa883
New changelog entries:
* debian/patches/any/cvs-getlogin_r-error-handling-1.patch,
debian/patches/any/cvs-getlogin_r-error-handling-2.patch,
debian/patches/any/cvs-getlogin_r-error-handling-3.patch:
Take upstream commits c8727fa6, 5305f9b0, d48b7607 from
release/2.12/master to fix a crash in getlogin(). (LP: #658907)
-
dfe7564...
by
Anders Kaseorg
on 2010-11-01
-
Import patches-unapplied version 2.12.1-0ubuntu9 to ubuntu/maverick-proposed
Imported using git-ubuntu import.
Changelog parent: eacdd627ecd5a242daaa42ff59be468ce0ae6e48
New changelog entries:
* debian/patches/any/cvs-getlogin_r-error-handling-1.patch,
debian/patches/any/cvs-getlogin_r-error-handling-2.patch,
debian/patches/any/cvs-getlogin_r-error-handling-3.patch:
Take upstream commits c8727fa6, 5305f9b0, d48b7607 from
release/2.12/master to fix a crash in getlogin(). (LP: #658907)
