ubuntu/+source/eglibc:ubuntu/oneiric-security

Last commit made on 2012-10-02
Get this branch:
git clone -b ubuntu/oneiric-security https://git.launchpad.net/ubuntu/+source/eglibc
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/oneiric-security
Repository:
lp:ubuntu/+source/eglibc

Recent commits

cfe3329... by Steve Beattie on 2012-09-19

Import patches-unapplied version 2.13-20ubuntu5.2 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 4ba754b32f71ed5f4ee4c580003ea33e1003f8cc

New changelog entries:
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3404.patch: Fix allocation when
      handling positional parameters in printf.
    - CVE-2012-3404
  * SECURITY UPDATE: buffer overflow in vfprintf handling
    - debian/patches/any/CVE-2012-3405.patch: fix extension of array
    - CVE-2012-3405
  * SECURITY UPDATE: stack buffer overflow in vfprintf handling
    (LP: #1031301)
    - debian/patches/any/CVE-2012-3406.patch: switch to malloc when
      array grows too large to handle via alloca extension
    - CVE-2012-3406
  * SECURITY UPDATE: stdlib strtod integer/buffer overflows
    - debian/patches/any/CVE-2012-3480.patch: rearrange calculations
      and modify types to void integer overflows
    - CVE-2012-3480

4ba754b... by Steve Beattie on 2012-03-06

Import patches-unapplied version 2.13-20ubuntu5.1 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 6a226e9f0e40b3760382b276e2d148ad0be8398c

New changelog entries:
  * SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
    - debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
      TZ file header
    - CVE-2009-5029
  * SECURITY UPDATE: ld.so insecure handling of privileged programs'
    RPATHs with $ORIGIN
    - debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
      RPATH and ORIGIN
    - CVE-2011-1658
  * SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
    - debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
      many open fds is detected
    - CVE-2011-4609
  * SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
    check bypass
    - debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
      overflow
    - CVE-2012-0864

6a226e9... by Matthias Klose on 2011-10-04

Import patches-unapplied version 2.13-20ubuntu5 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 47d2cb5c0dddaf1bc3a90215c8052d1d88823a36

New changelog entries:
  * libc6-dev: Don't break the current {gnat,gcj}-4.4-base versons. LP: #853688.

47d2cb5... by Michael Vogt on 2011-09-30

Import patches-unapplied version 2.13-20ubuntu4 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 5315c5a92e8d3066af61a11851286b83e5575ff4

New changelog entries:
  * debian/control:
    - help the apt resolver with the gcc-4.4 upgrade by providing
      explicit breaks against {gnat,gcc,gcj}-{4.4,4.5}-base (LP: #853688)

5315c5a... by Matthias Klose on 2011-09-26

Import patches-unapplied version 2.13-20ubuntu3 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 7e64af9d88413bc5fecce06871d4096bf9cffcec

New changelog entries:
  * Fix pthread/fork race/deadlock. LP: #838975.
    - Avoid race between {,__de}allocate_stack and __reclaim_stacks during fork.
  * Merge from Debian:
  [ Aurelien Jarno ]
  * Add debian/patches/cvs-dl_close-scope-handling.diff from upstream to
    fix issues with dl_close() when resolving locally-defined symbols.
    Closes: #625250.
  * patches/i386/local-cpuid-level2.diff: fix a typo. Closes: #609389.

7e64af9... by Colin Watson on 2011-09-13

Import patches-unapplied version 2.13-20ubuntu2 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 526f5f66279155810f7b54b015c8111e9192dedd

New changelog entries:
  * Back out Debian r4943 ("Don't include ISO14651 collation rules in
    C.UTF-8 locale") for now; this breaks regcomp on character ranges, which
    exposed a bug in apt, and seems likely to cause other problems, so is
    too risky a change for this point in our release cycle (LP: #848907).

526f5f6... by Matthias Klose on 2011-09-09

Import patches-unapplied version 2.13-20ubuntu1 to ubuntu/oneiric

Imported using git-ubuntu import.

Changelog parent: 564276adf213866b093daab682354c9003a8694e

New changelog entries:
  [ Colin Watson ]
  * Revert change from 2.13-17ubuntu2 now that data.tar.xz support is
    deployed in Launchpad. Add Pre-Depends: dpkg (>= 1.15.6) to affected
    packages.
  [ Dr. David Alan Gilbert ]
  * ARM strchr: mask r1 to char (LP: #842258)
  [ Matthias Klose ]
  * Merge with Debian (r4955).

564276a... by Aurelien Jarno on 2011-09-08

Import patches-unapplied version 2.13-20 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0f3a3c4e7d36ff37b4a6a1cbd68a114bffce5e0e

New changelog entries:
  * debian/debhelper.in/libc.preinst: call /bin/mv with --version so
    that it doesn't return an error. Closes: #640872.

0f3a3c4... by Aurelien Jarno on 2011-09-07

Import patches-unapplied version 2.13-19 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 482d2d6dca53d0d51bbd54b38d39bd9953c01b21

New changelog entries:
  [ Aurelien Jarno ]
  * Change libc_rtlddir to /lib on s390x.
  * Add debian/patches/submitted-glob_h-ifdef.diff to fix an undefined
    preprocessor symbol in some rare conditions. Closes: #639213.
  * debian/sysdeps/sparc64.mk: re-enable multiarch similarly to what
    has been done on sparc.
  * debian/control.in/libc: remove Breaks: on perl. Closes: #640300.
  * debian/patches/localedata/locale-C.diff: Don't include ISO14651
    collation rules in C.UTF-8 locale.
  * Update debian/patches/svn-updates to revision 15228:
    - Drop debian/patches/any/cvs-dl-deps.diff (merged upstream).
    - Drop debian/patches/arm/cvs-align-constant-pool.diff (merged upstream).
  * debian/debhelper.in/libc.preinst: get the dynamic linker from /bin/mv
    instead of /bin/true. Closes: #640753.
  [ Jeremie Koenig ]
  * New patches to improve the signal code on Hurd:
    patches/hurd-i386/submitted-hurdsig-fixes.diff,
    patches/hurd-i386/submitted-hurdsig-global-dispositions.diff,
    patches/hurd-i386/submitted-hurdsig-SA_SIGINFO.diff,
    patches/hurd-i386/submitted-hurdsig-fixes-2.diff.
  * Update testsuite accordingly.
  * Remove patches/hurd-i386/submitted-PTRACE_CONTINUE.diff, now covered by
    submitted-hurdsig-fixes.diff.
  * libc0.3.symbols.hurd-i386: Add version for global-disposition functions.
  [ Samuel Thibault ]
  * Add patches/hurd-i386/submitted-libc_stack_end.diff to fix ruby1.9.1 stack
    detection.
  * Add patches/hurd-i386/submitted-ttyname_ERANGE.diff to fix ttyname error
    value.
  * Add patches/hurd-i386/submitted-DEV_BSIZE.diff to add DEV_BSIZE.
  [ Petr Salinger ]
  * kfreebsd/local-sysdeps.diff: update to revision 3697 (from glibc-bsd).
    - fixes ld.so location used inside ldd on kfreebsd-amd64. Closes: #640156.
    - wrap faccessat() X_OK testing for superuser. Closes: #640325.

482d2d6... by Aurelien Jarno on 2011-08-24

Import patches-unapplied version 2.13-18 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 146d5c151e2c7b6c0bf149de536796cdf543f6a6

New changelog entries:
  * On s390x the PI is /lib/ld64.so.1, so we don't need to move
    ld64.so.1 from /lib to /lib64.