ubuntu/+source/glibc:debian/jessie

Last commit made on 2017-07-22
Get this branch:
git clone -b debian/jessie https://git.launchpad.net/ubuntu/+source/glibc
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/jessie
Repository:
lp:ubuntu/+source/glibc

Recent commits

893c285... by Aurelien Jarno on 2017-06-16

Import patches-unapplied version 2.19-18+deb8u10 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 5a620e8a83abade571cd4785c581b9c259ee645a

New changelog entries:
  * debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff,
    debian/patches/any/local-CVE-2017-1000366-rtld-LD_LIBRARY_PATH.diff,
    debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff: add
    patches to protect the dynamic linker against stack clashes
    (CVE-2017-1000366).
  * debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from
    upstream to disable HWCAP for AT_SECURE programs.

5a620e8... by Aurelien Jarno on 2017-04-27

Import patches-unapplied version 2.19-18+deb8u9 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 3d038196932f5d8848ae8f7a69758b2390a38b29

New changelog entries:
  * Remove patches/any/cvs-resolv-internal-qtype.diff, it breaks the
    libnss/libnss-dns ABI. Reopens: #796106.
  [ Aurelien Jarno ]
  * Update from upstream stable branch:
    - Fix PowerPC sqrt inaccuracy. Closes: #855606.
  * patches/any/cvs-resolv-internal-qtype.diff: patch from upstream to fix a
    NULL pointer dereference in libresolv when receiving a T_UNSPEC internal
    QTYPE (CVE-2015-5180). Closes: #796106.

3d03819... by Aurelien Jarno on 2016-11-24

Import patches-unapplied version 2.19-18+deb8u7 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: b7286c0cc0f480d3020b8c53c5491d408a4be6fb

New changelog entries:
  [ Aurelien Jarno ]
  * Update from upstream stable branch:
    - Do not unconditionally use the fsqrt instruction on 64-bit PowerPC
      CPUs. Closes: #843904.
  * debian/patches/any/cvs-hesiod-resolver.diff: patch from upstream to
    fix a regression introduced by cvs-resolv-ipv6-nameservers.diff in
    hesiod. Closes: #821358.
  * debian/sysdeps/{amd64,i386,x32}.mk: disable lock elision (aka Intel TSX)
    on x86 architectures. This causes programs (wrongly) unlocking an already
    unlocked mutex to abort. More importantly most of the other distributions
    decided to disable it, so we don't want to be the only distribution left
    testing this code path.

b7286c0... by Aurelien Jarno on 2016-09-03

Import patches-unapplied version 2.19-18+deb8u6 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 7827b9763f1a762ffa178f4392971b8980b49736

New changelog entries:
  * Update from upstream stable branch:
    - Fix backtrace hang on armel/armhf, possibly causing a minor
      denial-of-service vulnerability (CVE-2016-6323). Closes: #834752.
    - Fix open and openat functions with O_TMPFILE. Closes: #832521.
    - Drop debian/patches/any/cvs-ld_pointer_guard.diff (merged upstream).
    - Drop debian/patches/any/cvs-mangle-tls_dtor_list.diff (merged upstream).
    - Drop debian/patches/any/cvs-strxfrm-buffer-overflows.diff (merged
      upstream).
  * debian/patches/any/submitted-resolv-ipv6-nameservers.diff: replace by
    patch cvs-resolv-ipv6-nameservers.diff taken from upstream. This fixes
    mtr on systems using only IPv6 nameservers. Closes: #818281.
  [ Aurelien Jarno ]
  * Update from upstream stable branch:
    - Drop debian/patches/any/local-CVE-2015-7547.diff.
    - Refresh debian/patches/any/cvs-resolv-first-query-failure.diff.
    - Fix assertion failure with unconnectable name server addresses.
      (regression introduced by CVE-2015-7547). Closes: #816669.
    - Fix *context functions on s390x.
    - Fix a buffer overflow in the glob function (CVE-2016-1234).
    - Fix a stack overflow in nss_dns_getnetbyname_r (CVE-2016-3075).
    - Fix a stack overflow in getaddrinfo function (CVE-2016-3706).
    - Fix a stack overflow in Sun RPC clntudp_call() (CVE-2016-4429).

7827b97... by Aurelien Jarno on 2016-02-27

Import patches-unapplied version 2.19-18+deb8u4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: baa063fe858dc6056133733402b2c8404e56164f

New changelog entries:
  [ Aurelien Jarno ]
  * Update from upstream stable branch:
      - Fixes bug18240 failing with a timeout on machines with a lot of swap.
  * patches/any/cvs-grantpt-pty-owner.diff: new patch from upstream to
    improve granpt when /dev/pts is not mounted with the correct options.
  * rules.d/debhelper.mk: only install pt_chown when built.
  * sysdeps/linux.mk: don't build pt_chown (CVE-2013-2207). Closes: #717544.
  [ Aurelien Jarno ]
  * Update from upstream stable branch:
    - Fix segmentation fault caused by passing out-of-range data to strftime()
      (CVE-2015-8776). Closes: #812445.
    - Fix an integer overflow in hcreate() and hcreate_r() (CVE-2015-8778).
      Closes: #812441.
    - Fix multiple unbounded stack allocations in catopen() (CVE-2015-8779).
      Closes: #812455.
  * patches/any/local-CVE-2015-7547.diff: new patch to fix glibc getaddrinfo
    stack-based buffer overflow (CVE-2015-7547).

baa063f... by Aurelien Jarno on 2015-12-28

Import patches-unapplied version 2.19-18+deb8u2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c5c3bde82f4682a81d2d74cf137793a920de9190

New changelog entries:
  [ Aurelien Jarno ]
  * Update from upstream stable branch:
    - Fix getaddrinfo sometimes returning uninitialized data with nscd.
      Closes: #798515.
    - Fix data corruption while reading the NSS files database
      (CVE-2015-5277). Closes: #799966.
    - Fix buffer overflow (read past end of buffer) in internal_fnmatch.
    - Fix _IO_wstr_overflow integer overflow.
    - Fix unexpected closing of nss_files databases after lookups,
      causing denial of service (CVE-2014-8121). Closes: #779587.
    - Fix NSCD netgroup cache. Closes: #800523.
  * patches/any/cvs-ld_pointer_guard.diff: new patch from upstream to
    unconditionally disable LD_POINTER_GUARD. Closes: #798316, #801691.
  * patches/any/cvs-mangle-tls_dtor_list.diff: new patch from upstream to
    mangle function pointers in tls_dtor_list. Closes: #802256.
  * patches/any/cvs-strxfrm-buffer-overflows.diff: new patch from upstream
    to fix memory allocations issues that can lead to buffer overflows on
    the stack. Closes: #803927.
  [ Henrique de Moraes Holschuh ]
  * Replace patches/amd64/local-blacklist-on-TSX-Haswell.diff by
    local-blacklist-for-Intel-TSX.diff also blacklisting some Broadwell
    models. Closes: #800574.

c5c3bde... by Aurelien Jarno on 2015-08-29

Import patches-unapplied version 2.19-18+deb8u1 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: f7bb07c6b4dc1d41375ceb80a97bca9b15df5803

New changelog entries:
  [ Aurelien Jarno ]
  * Update from upstream stable branch:
    - Fix pthread_mutex_trylock with lock elision. Closes: #759197,
      #788999.
    - Fix gprof entry point on ppc64el. Closes: #794222.
    - Fix a buffer overflow in getanswer_r (CVE-2015-1781).
      Closes: #796105.

f7bb07c... by Aurelien Jarno on 2015-04-14

Import patches-unapplied version 2.19-18 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c308309d4454f12fe8f60a0e518df296634d0f60

New changelog entries:
  [ Aurelien Jarno ]
  * debhelper.in/locales.templates: allow the C.UTF-8 locale to be
    selected as the default locale. Closes: #782241.

c308309... by Aurelien Jarno on 2015-03-14

Import patches-unapplied version 2.19-17 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 48c05a21c9ecc426b8fab784fa72e9e4b735dce5

New changelog entries:
  [ Adam Conrad ]
  * debian/rules.d/debhelper.mk: Unconditionally create tmp.substvars.
    Closes: #780431.

48c05a2... by Aurelien Jarno on 2015-03-12

Import patches-unapplied version 2.19-16 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a88028422e55d7f877876fe2f0e1996d53d46f73

New changelog entries:
  [ Samuel Thibault ]
  * patches/hurd-i386/cvs-libpthread-dlopen.diff: New patch to allow
    libpthread.so to be dynamically loaded from a dlopened library.
  * patches/hurd-i386/cvs-libpthread-libc-lockP{,2}.diff: New patch to
    dynamically call pthread functions from libc.
  [ Aurelien Jarno ]
  * We have a transition mechanism for the locales, as the Debian archive
    used to expose arch:all packages on all architectures even when the
    corresponding arch:any package is not available yet. This has been
    fixed long time ago, the transition mechanism has not been used
    correctly for a lot of time and has been broken by the split out of
    libc-bin. The breakage has been partially fixed by the "Breaks: locales
    (<< 2.19)" added to libc6. It's now time to add the missing "Depends:
    libc-bin (>> 2.19)" to locales and remove the transition mechanism.
    Closes: #583088, #779442
  * patches/any/cvs-ldconfig-aux-cache.diff: new patch from upstream to
    ignore corrupted aux-cache instead of segfaulting. Closes: #759530.