ubuntu/+source/eglibc:applied/ubuntu/natty-security

Last commit made on 2012-10-02
Get this branch:
git clone -b applied/ubuntu/natty-security https://git.launchpad.net/ubuntu/+source/eglibc
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name:
applied/ubuntu/natty-security
Repository:
lp:ubuntu/+source/eglibc

Recent commits

d66402d... by Steve Beattie on 2012-09-20

Import patches-applied version 2.13-0ubuntu13.2 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: ed9b4ca24b01db10639374742513adb13073236c
Unapplied parent: 694c94aa67d9eb8bb1142ce716a59de5aaafd2cc

New changelog entries:
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3404.patch: Fix allocation when
      handling positional parameters in printf.
    - CVE-2012-3404
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3405.patch: fix extension of array
    - CVE-2012-3405
  * SECURITY UPDATE: stack buffer overflow in vfprintf handling
    (LP: #1031301)
    - debian/patches/any/CVE-2012-3406.patch: switch to malloc when
      array grows too large to handle via alloca extension
    - CVE-2012-3406
  * SECURITY UPDATE: stdlib strtod integer/buffer overflows
    - debian/patches/any/CVE-2012-3480.patch: rearrange calculations
      and modify types to avoid integer overflows
    - CVE-2012-3480

694c94a... by Steve Beattie on 2012-09-20

Import patches-unapplied version 2.13-0ubuntu13.2 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: ca88281ee23956f11fe145a76ee812b397b8bf50

New changelog entries:
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3404.patch: Fix allocation when
      handling positional parameters in printf.
    - CVE-2012-3404
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3405.patch: fix extension of array
    - CVE-2012-3405
  * SECURITY UPDATE: stack buffer overflow in vfprintf handling
    (LP: #1031301)
    - debian/patches/any/CVE-2012-3406.patch: switch to malloc when
      array grows too large to handle via alloca extension
    - CVE-2012-3406
  * SECURITY UPDATE: stdlib strtod integer/buffer overflows
    - debian/patches/any/CVE-2012-3480.patch: rearrange calculations
      and modify types to avoid integer overflows
    - CVE-2012-3480

ed9b4ca... by Steve Beattie on 2012-03-06

Import patches-applied version 2.13-0ubuntu13.1 to applied/ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 150b63550add24afb8e89111368e51035976b836
Unapplied parent: ca88281ee23956f11fe145a76ee812b397b8bf50

New changelog entries:
  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE: /etc/mtab corruption denial of service
    - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
      error in addmnt even for cached streams
    - CVE-2011-1089
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: fnmatch integer overflow
    - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
      pattern in wide character representation
    - CVE-2011-1659
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864

ca88281... by Steve Beattie on 2012-03-06

Import patches-unapplied version 2.13-0ubuntu13.1 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: 09bae5f468d325c4edcd6e2ae6fcb996d310db57

New changelog entries:
  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE: /etc/mtab corruption denial of service
    - debian/patches/any/glibc-CVE-2011-1089.patch: Report write
      error in addmnt even for cached streams
    - CVE-2011-1089
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: fnmatch integer overflow
    - debian/patches/any/glibc-CVE-2011-1659.patch: check size of
      pattern in wide character representation
    - CVE-2011-1659
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864

150b635... by Steve Langasek on 2011-04-11

Import patches-applied version 2.13-0ubuntu13 to applied/ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 6ff08c73a826a9105041102d5a972453b57dcf78
Unapplied parent: 09bae5f468d325c4edcd6e2ae6fcb996d310db57

New changelog entries:
  * debian/sysdeps/linux.mk: detect when linux-libc-dev has moved its
    headers to the multiarch dir, and create the symlink to the right place
    so we can find those headers for building. LP: #750585.

09bae5f... by Steve Langasek on 2011-04-11

Import patches-unapplied version 2.13-0ubuntu13 to ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 1dbad3a3d726b0f8f480b762433396ef31f94c8e

New changelog entries:
  * debian/sysdeps/linux.mk: detect when linux-libc-dev has moved its
    headers to the multiarch dir, and create the symlink to the right place
    so we can find those headers for building. LP: #750585.

6ff08c7... by Matthias Klose on 2011-04-05

Import patches-applied version 2.13-0ubuntu12 to applied/ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 9cf2741c721bc3f20f5a04c4a6906ac026e2967c
Unapplied parent: 1dbad3a3d726b0f8f480b762433396ef31f94c8e

New changelog entries:
  * For memcpy-ssse3, enable chk symbols in static builds. LP: #726802.
  * Disable the memcpy multiarch implementation on x86_64. LP: #727064.
  * Merge from Debian:
    - Add patches/i386/cvs-cacheinfo.diff to fix empty LEVEL*CACHE* getconf()
      entries for some CPU. Closes: #609389.

1dbad3a... by Matthias Klose on 2011-04-05

Import patches-unapplied version 2.13-0ubuntu12 to ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: 9489d5e971f73f289b4aa60b57d965c03f50abb3

New changelog entries:
  * For memcpy-ssse3, enable chk symbols in static builds. LP: #726802.
  * Disable the memcpy multiarch implementation on x86_64. LP: #727064.
  * Merge from Debian:
    - Add patches/i386/cvs-cacheinfo.diff to fix empty LEVEL*CACHE* getconf()
      entries for some CPU. Closes: #609389.

9cf2741... by Steve Langasek on 2011-03-30

Import patches-applied version 2.13-0ubuntu11 to applied/ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: a6fac6f7e97978e7ad9f14e9759173f3e7e7cf67
Unapplied parent: 9489d5e971f73f289b4aa60b57d965c03f50abb3

New changelog entries:
  * debian/rules.d/build.mk: when building 32-bit biarch libraries for
    64-bit archs, ship an /etc/ld.so.conf/biarch.conf config snippet adding
    /lib32,/usr/lib32 to the path; these are already included in the path
    for the biarch build itself, but the biarch ld.so may be Replaced: by
    the multiarch libc which does not have built-in support for these
    non-standard paths.
  * debian/rules.d/debhelper.mk: the ld.so.conf snippet isn't included in
    all of the alternate libc builds, only in libc6-i386 and libc6-powerpc;
    so we add this by hand to the dh_install invocation for these packages.
    LP: #741949.
  * debian/debhelper.in/libc.preinst: don't restart kdm on upgrade. It may
    no longer be required, and in any case the restart will break running
    sessions so we want to avoid this for beta1. LP: #744944.
  * Provide compatibility symlinks for .o files in /usr/lib. LP: #744908.
  * debian/control.in/libc: Remove the Multi-Arch: same attribute.

9489d5e... by Steve Langasek on 2011-03-30

Import patches-unapplied version 2.13-0ubuntu11 to ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: e4428c99e57c453c6094be1e2c4472722d140a3f

New changelog entries:
  * debian/rules.d/build.mk: when building 32-bit biarch libraries for
    64-bit archs, ship an /etc/ld.so.conf/biarch.conf config snippet adding
    /lib32,/usr/lib32 to the path; these are already included in the path
    for the biarch build itself, but the biarch ld.so may be Replaced: by
    the multiarch libc which does not have built-in support for these
    non-standard paths.
  * debian/rules.d/debhelper.mk: the ld.so.conf snippet isn't included in
    all of the alternate libc builds, only in libc6-i386 and libc6-powerpc;
    so we add this by hand to the dh_install invocation for these packages.
    LP: #741949.
  * debian/debhelper.in/libc.preinst: don't restart kdm on upgrade. It may
    no longer be required, and in any case the restart will break running
    sessions so we want to avoid this for beta1. LP: #744944.
  * Provide compatibility symlinks for .o files in /usr/lib. LP: #744908.
  * debian/control.in/libc: Remove the Multi-Arch: same attribute.