ubuntu/+source/eglibc:ubuntu/precise-devel

Last commit made on 2017-03-24
Get this branch:
git clone -b ubuntu/precise-devel https://git.launchpad.net/ubuntu/+source/eglibc
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/precise-devel
Repository:
lp:ubuntu/+source/eglibc

Recent commits

1478213... by Steve Beattie on 2017-03-23

Import patches-unapplied version 2.15-0ubuntu10.18 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 2c8379e5d1da783171ad805f5e60401ac8896a58

New changelog entries:
  * REGRESSION UPDATE: IPv6 addresses not being returned from a
    dual-stack ipv4-ipv6 host query.
    - Revert patches/any/CVE-2016-3706.diff (LP: #1674776)

2c8379e... by Steve Beattie on 2017-03-21

Import patches-unapplied version 2.15-0ubuntu10.17 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 8c006e4c8e6ea4da3a640963d697cf9aaa84bd33

New changelog entries:
  * REGRESSION UPDATE: Previous update introduce ABI breakage in
    internal glibc query ABI
    - Back out patches/any/CVE-2015-5180-regression.diff
      (LP: #1674532)

8c006e4... by Steve Beattie on 2017-03-06

Import patches-unapplied version 2.15-0ubuntu10.16 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: deca66614212ff3460a3588b7d3e7d5f8864a25d

New changelog entries:
  * SECURITY UPDATE: multiple overflows in strxfrm()
    - patches/any/CVE-2015-8982.diff: Fix memory handling in strxfrm_l
    - CVE-2015-8982
  * SECURITY UPDATE: _IO_wstr_overflow integer overflow
    - patches/any/CVE-2015-8983.diff: Add checks for integer overflow
    - CVE-2015-8983
  * SECURITY UPDATE: buffer overflow (read past end of buffer) in
    internal_fnmatch
    - patches/any/CVE-2015-8984.diff: Remove extra increment when
      skipping over collating symbol inside a bracket expression.
    - CVE-2015-8984
  * SECURITY UPDATE: DNS resolver NULL pointer dereference with
    crafted record type
    - patches/any/CVE-2015-5180.diff: Use out of band signaling for
      internal queries
    - CVE-2015-5180
  * SECURITY UPDATE: stack-based buffer overflow in the glob
    implementation
    - patches/any/CVE-2016-1234.diff: Simplify the interface for the
      GLOB_ALTDIRFUNC callback gl_readdir
    - CVE-2016-1234
  * SECURITY UPDATE: getaddrinfo: stack overflow in hostent conversion
    - patches/any/CVE-2016-3706.diff: Use a heap allocation instead
    - CVE-2016-3706:
  * SECURITY UPDATE: stack exhaustion in clntudp_call
    - patches/any/CVE-2016-4429.diff: Use malloc/free for the error
      payload.
    - CVE-2016-4429
  * SECURITY UPDATE: ARM32 backtrace infinite loop (DoS)
    - patches/any/CVE-2016-6323.diff: mark __startcontext as
      .cantunwind
    - CVE-2016-6323

deca666... by Steve Beattie on 2016-05-26

Import patches-unapplied version 2.15-0ubuntu10.15 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: f7b3665e2bbdea3add1c3be88bd2ddec65dabc92

New changelog entries:
  * REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
    dependency from libm to libc (LP: #1585614)
    - debian/patches/any/CVE-2014-9761-2.diff: keep exporting
      __strto*_nan symbols added to libc.

f7b3665... by Steve Beattie on 2016-04-09

Import patches-unapplied version 2.15-0ubuntu10.14 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 3f7a6a3f0398b8de3788bd14d294daa4a1564a49

New changelog entries:
  * SECURITY UPDATE: buffer overflow in gethostbyname_r and related
    functions
    - debian/patches/any/CVE-2015-1781.diff: take alignment padding
      into account when computing if buffer is too small.
    - CVE-2015-1781
  * SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice
    - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files
      database during iteration.
    - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state
      between getXXent and getXXbyYY NSS calls.
    - CVE-2014-8121
  * SECURITY UPDATE: glibc unbounded stack usage in NaN strtod
    conversion
    - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing
      of NaN payloads.
    - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions
      handling of payload strings
    - CVE-2014-9761
  * SECURITY UPDATE: out of range data to strftime() causes segfault
    (denial of service)
    - debian/patches/any/CVE-2015-8776.diff: add range checks to
      strftime() processing
    - CVE-2015-8776
  * SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid
    AT_SECURE programs (e.g. setuid), allowing disabling of pointer
    mangling
    - debian/patches/any/CVE-2015-8777.diff: Always enable pointer
      guard
    - CVE-2015-8777
  * SECURITY UPDATE: integer overflow in hcreate and hcreate_r
    - debian/patches/any/CVE-2015-8778.diff: check for large inputs
    - CVE-2015-8778
  * SECURITY UPDATE: unbounded stack allocation in catopen()
    - debian/patches/any/CVE-2015-8779.diff: stop using unbounded
      alloca()
    - CVE-2015-8779
  * SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r
    - debian/patches/any/CVE-2016-3075.diff: do not make unneeded
      memory copy on the stack.
    - CVE-2016-3075
  * SECURITY UPDATE: pt_chown privilege escalation
    - debian/patches/any/CVE-2016-2856-pre.diff: add option to
      enable/disable pt_chown.
    - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel
      about pty group and permission mode
    - debian/debhelper.in/libc-bin.install: drop installation of
      pt_chown
    - CVE-2016-2856, CVE-2013-2207
  * debian/debhelper.in/libc.postinst: add reboot notifications for
    security updates (LP: #1546457)

3f7a6a3... by Marc Deslauriers on 2016-02-16

Import patches-unapplied version 2.15-0ubuntu10.13 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 9b82e0c0561983ffa355cfe6901dc250c8619971

New changelog entries:
  * SECURITY UPDATE: glibc getaddrinfo stack-based buffer overflow
    - debian/patches/any/CVE-2015-7547-pre1.diff: fix memory leak in
      resolv/nss_dns/dns-host.c.
    - debian/patches/any/CVE-2015-7547-pre2.diff: fix memory leak in
      include/resolv.h, resolv/gethnamaddr.c, resolv/nss_dns/dns-canon.c,
      resolv/nss_dns/dns-host.c, resolv/nss_dns/dns-network.c,
      resolv/res_query.c, resolv/res_send.c.
    - debian/patches/any/CVE-2015-7547.diff: fix buffer handling in
      resolv/nss_dns/dns-host.c, resolv/res_query.c, resolv/res_send.c.
    - CVE-2015-7547

9b82e0c... by Adam Conrad on 2015-03-25

Import patches-unapplied version 2.15-0ubuntu10.12 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 2e2f0dac641cb622f531e2810339331998cacbdd

New changelog entries:
  * cvs-vfprintf-multibyte.diff: Fix "memory exhausted" bug in who, by no
    longer parsing %s format arguments as multibyte strings (LP: #1109327)
  * cvs-__SSE_MATH__-feraiseexcept.diff: Check for __SSE_MATH__ in x86_64
    feraiseexcept to fix backported -m32 builds of GCC 4.8 (LP: #1165387)
  * cvs-canonical-name.diff: Don't incorrectly do a PTR lookup when asked
    to do a canonical lookup for a host using AI_CANONNAME (LP: #1057526)
  * cvs-atomic-fastbins.diff: Fix race in free() of fastbin (LP: #1020210)

2e2f0da... by Marc Deslauriers on 2015-02-25

Import patches-unapplied version 2.15-0ubuntu10.11 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: ed12cd48dbaf6c835ad7ec17a14d998a15d93513

New changelog entries:
  * SECURITY UPDATE: getaddrinfo writes to random file descriptors under
    high load
    - debian/patches/any/cvs-resolv-reuse-fd.diff: reload file descriptor
      after calling reopen in resolv/res_send.c.
    - CVE-2013-7423
  * SECURITY UPDATE: denial of service via endless loop in getaddr_r
    - debian/patches/any/cvs-getnetbyname.diff: iterate over alias names in
      resolv/nss_dns/dns-network.c.
    - CVE-2014-9402
  * SECURITY UPDATE: buffer overflow in wscanf
    - debian/patches/any/cvs-wscanf.diff: calculate correct size in
      stdio-common/vfscanf.c, added test to stdio-common/tst-sscanf.c.
    - CVE-2015-1472
    - CVE-2015-1473

ed12cd4... by Steve Beattie on 2015-01-20

Import patches-unapplied version 2.15-0ubuntu10.10 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 2611c33197900430902567a4f7c4eb38ff7b21b6

New changelog entries:
  * SECURITY UPDATE: buffer overflow in __nss_hostname_digits_dots
    - debian/patches/any/CVE-2015-0235.diff: fix overflow in
      nss/digits_dots.c
    - CVE-2015-0235

2611c33... by Marc Deslauriers on 2014-12-02

Import patches-unapplied version 2.15-0ubuntu10.9 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: b40668aaf06b94803fd07cd043cc7a3c5b6d2007

New changelog entries:
  * SECURITY UPDATE: denial of service in IBM gconv modules
    - debian/patches/any/CVE-2012-6656.diff: fix check in
      iconvdata/ibm930.c.
    - debian/patches/any/cvs-CVE-2014-6040.diff: fix checks in
      iconvdata/ibm*.c.
    - CVE-2012-6656
    - CVE-2014-6040
  * SECURITY UPDATE: arbitrary command execution via wordexp (LP: #1396471)
    - debian/patches/any/CVE-2014-7817.diff: properly handle WRDE_NOCMD in
      posix/wordexp.c, added tests to posix/wordexp-test.c.
    - CVE-2014-7817