Change log for glibc package in Ubuntu

175 of 313 results
Published in oracular-proposed
glibc (2.39-3.1ubuntu3) oracular; urgency=medium

  * debian/patches/git-updates.diff: update from upstream stable branch.
    (LP: #2072649)
  * Adjust libc6-dev Breaks to account for binNMU vs no-change uploads
    (LP: #2072657)
  * Revert "Fall back to calling nanosleep syscall
    when __clock_nanosleep returns EINVAL" (LP: #2072766)

 -- Simon Chopin <email address hidden>  Thu, 11 Jul 2024 14:56:23 +0200
Superseded in oracular-proposed
glibc (2.39-3.1ubuntu2) oracular; urgency=medium

  * No-change re-upload

Available diffs

Deleted in oracular-proposed (Reason: Causes issues without the relevant base-files upload, whi...)
glibc (2.39-3.1ubuntu1) oracular; urgency=medium

  * Merge from Debian experimental.
    Dropped changes, no longer needed after Noble:
    - libc6-dev: bump the Replace libc6 version to 2.37-0ubuntu2
    - Adjust libc6-dev Breaks to account for binNMU vs no-change uploads
    - Fix Replaces version for libsotruss.so file move (LP #2042665)
    - d/control.in/i386: fix math-vector-fortran.h file move (LP #2039234)
    - d/control: declare a Breaks on older cyrus-imapd (LP #2011326)
    - Add Breaks on scipy (LP #2052659)
    Dropped changes, obsolete:
    - d/patches/arm/local-vfp-sysdeps.diff: Restore, and add another EABI
      attribute to hopefully avoid upsetting current binutils.
      -> The fixed binutils has been present in the archive since Lunar
    - d/patches/ubuntu/sdt-headers.patch: borrow patch from fedora to fix
      build failure on s390x.
      -> Presumably fixed in systemtap for a while now
    - Ubuntu-specific changelog
      -> We didn't ship it anywhere!
    Dropped, supersed in Debian:
    - Drop patch any/git-c-utf-8-language.diff
    - DEP17: Move files to /usr. (Closes: #1061248)
      -> See below
    - Drop transitional dependency from libc6-dev to libnsl-dev;
      required for bootstrapping libnsl against libtirpc3t64
  * Re-enable frame-pointer optimization on ppc64el (LP: #2064539)
  * Replace frame pointers by -mbackchain on s390x (LP: #2064538)
  * s390x: drop the 32-bit multi-arch variant (LP: #2067350)
  * ppc64el: raise the baseline to match the rest of the distro (LP: #2069040)
  * Remove previous DEP17 diversions in preinst (LP: #2070061)
  * Define _DISTRO_EVADE_TIME_BITS for the build, not setting _TIME_BITS
    and _FILE_OFFSET_BITS in the compiler by default.
  * debian/patches/git-updates.diff: update from upstream stable branch
    (LP: #2062228)

 -- Simon Chopin <email address hidden>  Wed, 12 Jun 2024 18:53:39 +0200

Available diffs

Published in oracular-release
Deleted in oracular-proposed (Reason: Moved to oracular)
glibc (2.39-0ubuntu9) oracular; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/any/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-
      based buffer overflow in netgroup cache.
    - CVE-2024-33599
  * SECURITY UPDATE: Null pointer
    - debian/patches/any/CVE-2024-33600_1.patch: CVE-2024-33600: nscd:
      Avoid null pointer crashes after notfound response.
    - debian/patches/any/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do
      not send missing not-found response in addgetnetgrentX.
    - CVE-2024-33600
  * SECURITY UPDATE: Memory corruption
    - debian/patches/any/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-
      2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.
    - CVE-2024-33601
    - CVE-2024-33602

 -- Paulo Flabiano Smorigo <email address hidden>  Mon, 10 Jun 2024 09:37:39 -0300
Published in jammy-updates
Published in jammy-security
glibc (2.35-0ubuntu3.8) jammy-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-
      based buffer overflow in netgroup cache.
    - CVE-2024-33599
  * SECURITY UPDATE: Null pointer
    - debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid
      null pointer crashes after notfound response.
    - debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do
      not send missing not-found response in addgetnetgrentX.
    - CVE-2024-33600
  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-
      2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.
    - CVE-2024-33601
    - CVE-2024-33602

 -- Paulo Flabiano Smorigo <email address hidden>  Mon, 06 May 2024 17:34:28 -0300
Published in noble-updates
Published in noble-security
glibc (2.39-0ubuntu8.2) noble-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-
      based buffer overflow in netgroup cache.
    - CVE-2024-33599
  * SECURITY UPDATE: Null pointer
    - debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid
      null pointer crashes after notfound response.
    - debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do
      not send missing not-found response in addgetnetgrentX.
    - CVE-2024-33600
  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-
      2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.
    - CVE-2024-33601
    - CVE-2024-33602

 -- Paulo Flabiano Smorigo <email address hidden>  Tue, 30 Apr 2024 15:02:13 -0300
Published in mantic-updates
Published in mantic-security
glibc (2.38-1ubuntu6.3) mantic-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-
      based buffer overflow in netgroup cache.
    - CVE-2024-33599
  * SECURITY UPDATE: Null pointer
    - debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid
      null pointer crashes after notfound response.
    - debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do
      not send missing not-found response in addgetnetgrentX.
    - CVE-2024-33600
  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-
      2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.
    - CVE-2024-33601
    - CVE-2024-33602

 -- Paulo Flabiano Smorigo <email address hidden>  Tue, 30 Apr 2024 15:11:13 -0300
Published in focal-updates
Published in focal-security
glibc (2.31-0ubuntu9.16) focal-security; urgency=medium

  * SECURITY UPDATE: Stack-based buffer overflow
    - debian/patches/CVE-2024-33599.patch: CVE-2024-33599: nscd: Stack-
      based buffer overflow in netgroup cache.
    - CVE-2024-33599
  * SECURITY UPDATE: Null pointer
    - debian/patches/CVE-2024-33600_1.patch: CVE-2024-33600: nscd: Avoid
      null pointer crashes after notfound response.
    - debian/patches/CVE-2024-33600_2.patch: CVE-2024-33600: nscd: Do
      not send missing not-found response in addgetnetgrentX.
    - CVE-2024-33600
  * SECURITY UPDATE: Memory corruption
    - debian/patches/CVE-2024-33601_33602.patch: CVE-2024-33601, CVE-
      2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX.
    - CVE-2024-33601
    - CVE-2024-33602

 -- Paulo Flabiano Smorigo <email address hidden>  Tue, 30 Apr 2024 15:20:18 -0300
Superseded in oracular-release
Deleted in oracular-proposed (Reason: Moved to oracular)
Superseded in oracular-proposed
Superseded in noble-updates
Superseded in noble-security
glibc (2.39-0ubuntu8.1) noble-security; urgency=medium

  * SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
    - debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes when
      writing escape sequence in iconvdata/Makefile,
      iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
    - CVE-2024-2961

 -- Marc Deslauriers <email address hidden>  Thu, 18 Apr 2024 09:52:32 -0400
Superseded in focal-updates
Superseded in focal-security
glibc (2.31-0ubuntu9.15) focal-security; urgency=medium

  * SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
    - debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes when
      writing escape sequence in iconvdata/Makefile,
      iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
    - CVE-2024-2961

 -- Marc Deslauriers <email address hidden>  Tue, 16 Apr 2024 09:43:50 -0400
Superseded in mantic-updates
Superseded in mantic-security
glibc (2.38-1ubuntu6.2) mantic-security; urgency=medium

  * SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
    - debian/patches/CVE-2024-2961.patch: fix out-of-bound writes when
      writing escape sequence in iconvdata/Makefile,
      iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
    - CVE-2024-2961

 -- Marc Deslauriers <email address hidden>  Tue, 16 Apr 2024 09:38:28 -0400
Superseded in jammy-updates
Superseded in jammy-security
glibc (2.35-0ubuntu3.7) jammy-security; urgency=medium

  * SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
    - debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes when
      writing escape sequence in iconvdata/Makefile,
      iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
    - CVE-2024-2961

 -- Marc Deslauriers <email address hidden>  Tue, 16 Apr 2024 09:40:36 -0400
Superseded in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
glibc (2.39-0ubuntu8) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sat, 30 Mar 2024 07:42:05 +0000
Superseded in noble-proposed
glibc (2.39-0ubuntu7) noble; urgency=medium

  * d/p/ubuntu/apparmor: tests: gracefully handle AppArmor userns mitigation
  * d/tests: disable apparmor userns restrictions (LP: #2059278)
  * Disable CET on the i386 variant on the x32 arch (for c-t-b-p)
  * Add a bug reference to the block of conformance test xfails
  * xfail elf/tst-decorate-maps on ppc64el, failing due to page size (LP: #2058466)
  * debian/patches/git-updates.diff: update from upstream stable branch:
    - LoongArch: Correct {__ieee754, _}_scalb -> {__ieee754, _}_scalbf
    - powerpc: Placeholder and infrastructure/build support to add Power11 related changes.
    - powerpc: Add HWCAP3/HWCAP4 data to TCB for Power Architecture.
    - linux: Use rseq area unconditionally in sched_getcpu (bug 31479)
    - Use gcc __builtin_stdc_* builtins in stdbit.h if possible
    - S390: Do not clobber r7 in clone [BZ #31402] (LP: #2055175)
    - math: Update mips64 ulps
    - mips: FIx clone3 implementation (BZ 31325)
    - arm: Remove wrong ldr from _dl_start_user (BZ 31339)
  * d/p/fix-fortify-source.patch: Fix FTBFS on Noble
  * XFAIL elf/tst-shstk-legacy-1g (tracked in LP 2059603)

 -- Simon Chopin <email address hidden>  Thu, 28 Mar 2024 15:16:51 +0100

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
glibc (2.39-0ubuntu6) noble; urgency=medium

  * Renable CET on x32 from i386 again as it may not work but disabling breaks
    the build.

 -- Michael Hudson-Doyle <email address hidden>  Thu, 14 Mar 2024 10:39:45 +1300
Superseded in noble-proposed
glibc (2.39-0ubuntu5) noble; urgency=medium

  * debian/testsuite-xfail-debian.mk: XFAIL a bunch of the conformance tests
    on armhf presumably caused by the compiler now defaulting to 64-bit time_t
    and off_t. We should understand the issue but to make progress we'll
    ignore them for now.

 -- Michael Hudson-Doyle <email address hidden>  Fri, 01 Mar 2024 18:02:21 +1300

Available diffs

Superseded in noble-proposed
glibc (2.39-0ubuntu4) noble; urgency=medium

  * debian/sysdeps/linux.mk: undefine _TIME_BITS, glibc build breaks if
    this is set.

  [ Simon Chopin ]
  * Add Breaks on scipy (LP: #2052659)
  * Disable CET on x32 from i386 as it doesn't work in that configuration

 -- Steve Langasek <email address hidden>  Thu, 29 Feb 2024 18:44:11 +0000

Available diffs

Superseded in noble-proposed
glibc (2.39-0ubuntu3) noble; urgency=medium

  * Drop transitional dependency from libc6-dev to libnsl-dev; required
    for bootstrapping libnsl against libtirpc3t64.

 -- Steve Langasek <email address hidden>  Thu, 29 Feb 2024 17:52:56 +0000

Available diffs

Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
glibc (2.39-0ubuntu2) noble; urgency=medium

  [ Helmut Grohne ]
  * DEP17: Move files to /usr. (Closes: #1061248)

  [ Julian Andres Klode ]
  * Further adjustments for Ubuntu's ldconfig.real

 -- Julian Andres Klode <email address hidden>  Thu, 22 Feb 2024 12:44:06 +0100

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
glibc (2.39-0ubuntu1) noble; urgency=medium

  * New upstream release
    Contains fixes for the following CVEs:
    - CVE-2023-6246: Heap buffer overflow in __vsyslog_internal()
    - CVE-2023-6779: Heap buffer overflow in __vsyslog_internal()
    - CVE-2023-6780: Integer overflow in __vsyslog_internal()
    Patches:
    - Several patches refreshed
    - d/p/localedata/lv_LV-current.patch: dropped, applied upstream
    - d/p/lp{2031495,2032624}: dropped, applied upstream
    - d/p/any/git-c-utf-8-language.diff: dropped, applied upstream
  * d/p/ubuntu/submitted-tests-gracefully-handle-AppArmor-userns-containment.patch:
    Fix the tests in recent apparmor environments (LP: #2048375)
  * Drop libnss-nis and libnss-nisplus to Suggests (LP: #2045241)
  * Fix Replaces version for libsotruss.so file move (LP: #2042665)
  * Remove libc6-dev dependency on libtirpc-dev (LP: #2045763)
  * Dropped a lot of Ubuntu-specific xfails that are now passing.
  * Drop the -prof variant to instead use frame pointers on all 64-bit
    architectures by default to match the rest of the distro (LP: #2042790)

 -- Simon Chopin <email address hidden>  Thu, 01 Feb 2024 09:44:24 +0100

Available diffs

Superseded in mantic-updates
Superseded in mantic-security
glibc (2.38-1ubuntu6.1) mantic-security; urgency=medium

  * SECURITY UPDATE: multiple syslog() security issues
    - debian/patches/CVE-2023-6246.patch: Fix heap buffer overflow in
      misc/Makefile, misc/syslog.c, misc/tst-syslog-long-progname.c.
    - debian/patches/CVE-2023-6779.patch: Fix heap buffer overflow in
      misc/syslog.c.
    - debian/patches/CVE-2023-6780.patch: Fix integer overflow in
      misc/syslog.c.
    - CVE-2023-6246
    - CVE-2023-6779
    - CVE-2023-6780

 -- Marc Deslauriers <email address hidden>  Wed, 31 Jan 2024 08:04:28 -0500
Superseded in jammy-updates
Superseded in jammy-security
glibc (2.35-0ubuntu3.6) jammy-security; urgency=medium

  * SECURITY REGRESSION: incorrect processing of address family with nscd
    (LP: #2047155)
    - debian/patches/lp2047155/lp2047155-refactor-bits-for-readability.patch:
      split out line processing for 'label', 'precedence' and 'scopev4' into
      separate functions (gaiconf_inet).
    - debian/patches/lp2047155/lp2047155-avoid-if-to-else-jump.patch: clean up
      another antipattern where code flows from an if condition to its else
      counterpart with a goto (gai_init).
    - debian/patches/lp2047155/lp2047155-refactor-code-for-readability.patch:
      refactor the code and make it easier to follow by removing the confusing
      close_retry goto jump (getaddrinfo).
    - debian/patches/lp2047155/
      lp2047155-get-nscd-addresses-fix-subscript-typos.patch: fix the
      subscript on air->family, which was accidentally set to 'count' when it
      should have remained as 'i' (get_nscd_addresses).
    - CVE-2023-4806

 -- Camila Camargo de Matos <email address hidden>  Tue, 02 Jan 2024 10:22:42 -0300
Superseded in focal-updates
Superseded in focal-security
glibc (2.31-0ubuntu9.14) focal-security; urgency=medium

  * SECURITY UPDATE: use-after-free through getcanonname_r plugin call
    - debian/patches/any/CVE-2023-4806.patch: copy h_name over and free it at
      the end (getaddrinfo).
    - CVE-2023-4806
  * SECURITY UPDATE: use-after-free in gaih_inet function
    - debian/patches/any/CVE-2023-4813.patch: simplify allocations and fix
      merge and continue actions.
    - CVE-2023-4813
  * debian/testsuite-xfail-debian.mk: add tst-nss-gai-actions and
    tst-nss-gai-hv2-canonname to xfails (container tests).

 -- Camila Camargo de Matos <email address hidden>  Wed, 22 Nov 2023 10:32:50 -0300
Superseded in jammy-updates
Superseded in jammy-security
glibc (2.35-0ubuntu3.5) jammy-security; urgency=medium

  * SECURITY UPDATE: use-after-free through getcanonname_r plugin call
    - debian/patches/any/CVE-2023-4806-pre1.patch: sort tests and
      tests-container and put one test per line (nss).
    - debian/patches/any/CVE-2023-4806-pre2.patch: simplify canon name
      resolution (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre3.patch: fix leak with AI_ALL
      (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre4.patch: simplify service resolution
      (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre5.patch: make numeric lookup a
      separate routine (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre6.patch: split simple gethostbyname
      into its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre7.patch: split nscd lookup code into
      its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre8.patch: separate nss lookup loop
      into its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre9.patch: make gethosts into a
      function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre10.patch: split loopback lookup into
      its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre11.patch: split result generation
      into its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre12.patch: return EAI_MEMORY on
      allocation failure (gethosts).
    - debian/patches/any/CVE-2023-4806.patch: copy h_name over and free it at
      the end (getaddrinfo).
    - CVE-2023-4806
  * SECURITY UPDATE: use-after-free in gaih_inet function
    - debian/patches/any/CVE-2023-4813.patch: simplify allocations and fix
      merge and continue actions.
    - CVE-2023-4813
  * SECURITY UPDATE: memory leak in getaddrinfo
    - debian/patches/any/CVE-2023-5156.patch: fix leak in getaddrinfo
      introduced by the fix for CVE-2023-4806.
    - CVE-2023-5156

 -- Camila Camargo de Matos <email address hidden>  Wed, 22 Nov 2023 10:18:45 -0300
Published in lunar-updates
Published in lunar-security
glibc (2.37-0ubuntu2.2) lunar-security; urgency=medium

  * SECURITY UPDATE: use-after-free through getcanonname_r plugin call
    - debian/patches/any/CVE-2023-4806.patch: copy h_name over and free it at
      the end (getaddrinfo).
    - CVE-2023-4806
  * SECURITY UPDATE: memory leak in getaddrinfo
    - debian/patches/any/CVE-2023-5156.patch: fix leak in getaddrinfo
      introduced by the fix for CVE-2023-4806.
    - CVE-2023-5156

 -- Camila Camargo de Matos <email address hidden>  Wed, 22 Nov 2023 10:31:12 -0300
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
glibc (2.38-3ubuntu1) noble; urgency=medium

  * debian/patches/git-updates.diff: update from upstream stable branch
    Dropped changes, superseded by the upstream git updates:
    - debian/patches/CVE-2023-4911.patch: terminate immediately if end of
      input is reached in elf/dl-tunables.c.
    - d/p/u/0001-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV:
      Cherry-picked to fix a regression in one of the previous CVE fixes
  * Merge 2.38-3 from Debian experimental
    Dropped changes, included in Debian:
    - debian/patches/hurd-i386/git-powerpc-longjmp.diff: Fix build after chk
      hidden builtin fix.
  * Drop d/p/lp2032624.patch as advised by upstream.
    Downstream users will have to actually implement those types or stop
    pretending they're GCC. (LP: #2032624)
  * d/p/lp2031495.patch: fix test suite on armhf for -prof variant
    (LP: #2031495)
  * d/control.in/i386: fix math-vector-fortran.h file move (LP: #2039234)

 -- Simon Chopin <email address hidden>  Mon, 23 Oct 2023 18:54:07 +0200

Available diffs

Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
glibc (2.38-1ubuntu6) mantic; urgency=medium

  * SECURITY UPDATE: privilege escalation in ld.so
    - debian/patches/CVE-2023-4911.patch: terminate immediately if end of
      input is reached in elf/dl-tunables.c.
    - CVE-2023-4911

 -- Marc Deslauriers <email address hidden>  Mon, 02 Oct 2023 13:30:48 -0400

Available diffs

Superseded in jammy-updates
Superseded in jammy-security
glibc (2.35-0ubuntu3.4) jammy-security; urgency=medium

  * SECURITY UPDATE: privilege escalation in ld.so
    - debian/patches/any/CVE-2023-4911.patch: terminate immediately if end
      of input is reached in elf/dl-tunables.c.
    - CVE-2023-4911

 -- Marc Deslauriers <email address hidden>  Mon, 25 Sep 2023 10:45:50 -0400
Superseded in lunar-updates
Superseded in lunar-security
glibc (2.37-0ubuntu2.1) lunar-security; urgency=medium

  * SECURITY UPDATE: DoS and info disclosure via no-aaaa
    - debian/patches/any/CVE-2023-4527.patch: pass alt_dns_packet_buffer in
      resolv/nss_dns/dns-host.c, add test to resolv/Makefile,
      resolv/tst-resolv-noaaaa-vc.c.
    - CVE-2023-4527
  * SECURITY UPDATE: privilege escalation in ld.so
    - debian/patches/any/CVE-2023-4911.patch: terminate immediately if end
      of input is reached in elf/dl-tunables.c.
    - CVE-2023-4911

 -- Marc Deslauriers <email address hidden>  Mon, 25 Sep 2023 08:20:52 -0400
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
glibc (2.38-1ubuntu5) mantic; urgency=medium

  * Update from upstream release branche:
    - CVE-2023-4527: Stack read overflow with large TCP responses in
      no-aaaa mode
    - CVE-2023-4806: use after free in getcanonname
    - LP: #2031909: Fix oversized __io_vtables
  * d/p/u/0001-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV:
    Cherry-picked to fix a regression in one of the previous CVE fixes
    (LP: #2037516, CVE-2023-5156)
  * d/p/lp2032624.patch: add an escape hatch in arm64 math-vector.h.
    This should help fixing multiple FTBFS (LP: #2032624)

 -- Simon Chopin <email address hidden>  Wed, 27 Sep 2023 16:38:18 +0200

Available diffs

Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
glibc (2.38-1ubuntu4) mantic; urgency=medium

  * Import the upstream maintenance branch
  * d/p/lp2031912.patch: Fix regression in sem_open that breaks OpenMPI
    (LP: #2031912)

 -- Simon Chopin <email address hidden>  Mon, 28 Aug 2023 17:23:19 +0200

Available diffs

Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
glibc (2.38-1ubuntu3) mantic; urgency=medium

  * Adjust libc6-dev Breaks to account for binNMU vs no-change uploads

 -- Simon Chopin <email address hidden>  Fri, 11 Aug 2023 17:05:47 +0200
Superseded in mantic-proposed
glibc (2.38-1ubuntu2) mantic; urgency=medium

  [ Samuel Thibault ]
  * debian/patches/hurd-i386/git-powerpc-longjmp.diff: Fix build after chk
    hidden builtin fix.

 -- Simon Chopin <email address hidden>  Wed, 09 Aug 2023 12:49:38 +0200

Available diffs

Superseded in mantic-proposed
glibc (2.38-1ubuntu1) mantic; urgency=medium

  * Merge 2.38-1 from Debian experimental
    Dropped changes (either merged or otherwise implemented in Debian):
    - d/p/any/local-ldso-disable-hwcap: fix compilation error
    - d/sysdeps/arm64.mk: enable Memory Tagging Extension (MTE) checking on arm64
    - d/control: Fix missing version bumps that could cause issues on upgrades
    - d/libc6.symbols.common: include libc_malloc_debug.so.0 introduced in 2.34
    - d/libc6.symbols.common: remove libSegFault.so dropped in 2.35
    - d/symbols.wildcard: add GLIBC_ABI_DT_RELR symbol introduced back in 2.36
    - Enable building for the 'arc' architecture.
    - Add patch to restore DT_HASH tag/SHT_HASH section (see
      https://sourceware.org/bugzilla/show_bug.cgi?id=29456):
      - d/patches/restore-libc-DT_HASH.patch
    - Adapt to upstream changes to install the dynamic linker in its ABI
      location directly by installing it under its SONAME, but still in the
      multiarch directory.
    - Don't use DH_COMPAT=8 for stripping udeb packages either
    - Run checks for every pass before failing the build.
    - debian/patches/all/local-ldd.diff: Adjust extra safety check
      for changed ld-linux.so return value
    - debian/debhelper.in/libc-bin.install: Keep installing zdump
      adjust .install to upstream's changes
    - Make libc-dev depend on rpcsvc-proto
    - Add Breaks: against fakeroot (<< 1.25.3-1.1ubuntu2~)
      [ Can be safely dropped as not available in Jammy ]
    - Adjust the version number for the openssh-server break.
      [ that version was published before Focal ]
  * Fix the dh_strip exclusion for ld.so on armhf that broke back in impish
  * libc6-dev: bump the Replace libc6 version to 2.37-0ubuntu2
  * Cherry-pick patches from upstream maintenance branch:
    - 0001-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch (LP: #2016252)

Available diffs

Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates)
glibc (2.31-0ubuntu9.12) focal; urgency=medium

  * Drop SVE memcpy implementation due to kernel-related performance
    regression

Superseded in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates)
glibc (2.35-0ubuntu3.3) jammy; urgency=medium

  * Drop SVE patches due to kernal-related performance regression
  * Fix the armhf stripping exception for ld.so (LP: #1927192)

Superseded in focal-proposed
glibc (2.31-0ubuntu9.11) focal; urgency=medium

  * Drop memcmp arm64 SIMD optimization patch due to performance regression
    on Raspberry Pi 3+ and 4

Superseded in focal-proposed
glibc (2.31-0ubuntu9.10) focal; urgency=medium

  [ Andrei Gherzan ]
  * d/p/lp1910312: Backport upstream fix for SEM_STAT_ANY (LP: #1910312)

  [ Simon Chopin ]
  * d/p/lp1999551/*: backport mem{cmp,cpy} optimizations for arm64 (LP: #1999551)
  * d/p/lp2001932/*: fix segfault in AVX2 strncmp (LP: #2001932)
  * d/p/lp2001975/*: fix overflow in AVX2 wcsncmp (LP: #2001975)

 -- Simon Chopin <email address hidden>  Wed, 31 May 2023 17:57:25 +0200
Superseded in jammy-proposed
glibc (2.35-0ubuntu3.2) jammy; urgency=medium

  * d/rules.d/debhelper.mk: fix permissions of libc.so (LP: #1989082)
  * Cherry-picks from upstream:
    - d/p/lp1999551/*: arm64 memcpy optimization (LP: #1999551)
    - d/p/lp1995362*.patch: Fix ldd segfault with missing libs (LP: #1995362)
    - d/p/lp2007796*: Fix missing cancellation point in pthread (LP: #2007796)
    - d/p/lp2007599*: add new tunables for s390x (LP: #2007599)
    - d/p/lp2011421/*: Fix crash on TDX-enabled platforms (LP: #2011421)
    - d/p/lp1992159*: Fix socket.h headers for non-GNU compilers (LP: #1992159)

 -- Simon Chopin <email address hidden>  Wed, 31 May 2023 17:17:00 +0200
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
glibc (2.37-0ubuntu2) lunar; urgency=medium

  * d/p/u/lp2007599*.patch: add tunables for s390x (LP: #2007599)
  * d/p/any/local-ldso-disable-hwcap: fix compilation error (LP: #2006485)
  * d/sysdeps/arm64.mk: enable Memory Tagging Extension (MTE) checking on arm64
    (LP: #2006739)
  * d/control: declare a Breaks on older cyrus-imapd (LP: #2011326)
  * d/control: Fix missing version bumps that could cause issues on upgrades
  * Cherry-pick patches from upstream maintenance branch:
    - 0001-cdefs-Limit-definition-of-fortification-macros.patch
    - 0002-LoongArch-Add-new-relocation-types.patch
    - 0003-Use-64-bit-time_t-interfaces-in-strftime-and-strptim.patch
    - 0004-Account-for-grouping-in-printf-width-bug-30068.patch
    - 0005-NEWS-Document-CVE-2023-25139.patch
    - 0006-elf-Smoke-test-ldconfig-p-against-system-etc-ld.so.c.patch
    - 0007-stdlib-Undo-post-review-change-to-16adc58e73f3-BZ-27.patch
    - 0008-elf-Restore-ldconfig-libc6-implicit-soname-logic-BZ-.patch

 -- Simon Chopin <email address hidden>  Thu, 16 Mar 2023 09:44:01 +0100

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
glibc (2.37-0ubuntu1) lunar; urgency=medium

  * New upstream release
    + d/symbols.wildcard: add GLIBC_2.37 symbol
    + d/libc6.symbols.common: drop libcrypt.so.1, removed upstream
    + d/patches:
      - Dropped all upstream patches from stable branch
      - localedata/locales-fr.diff refreshed
      - riscv64/local-asin-acos-raise-invalid.diff dropped since
        it has been implemented upstream
      - any/local-ldso-disable-hwcap.diff rebased
        => Do we still need this?
      - ubuntu/local-fallback-to-monotonic.diff rebased
      - 0001-Ensure-calculations-happen-with-desired-rounding-mod.patch
        Dropped, merged upstream
      - 0001-Avoid-undefined-behaviour-in-ibm128-implementation-o.patch
        Dropped, merged upstream
      - 0001-Fix-BZ-29463-in-the-ibm128-implementation-of-y1l-too.patch
        Dropped, merged upstream
      - u/submitted-no-sprintf-pre-truncate.diff: dropped as
        -D_FORTIFY_SOURCE=2 has now been the default in Debian for >7 years
        without this patch.
  * Add io/tst-statx to armhf xfails as it's failing on check-prof
  * d/symbols.wildcard: add GLIBC_ABI_DT_RELR symbol introduced back in 2.36
  * d/libc6.symbols.common: include libc_malloc_debug.so.0 introduced in 2.34
  * d/libc6.symbols.common: remove libSegFault.so dropped in 2.35

 -- Simon Chopin <email address hidden>  Thu, 02 Feb 2023 10:07:58 +0100

Available diffs

Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
glibc (2.36-0ubuntu4) kinetic; urgency=medium

  [ Michael Hudson-Doyle ]
  * Enable building for the 'arc' architecture. (LP: #1991652)
  * Cherry-pick patches from upstream maintenance branch (LP: #1991898):
    - 0020-01-scripts-dso-ordering-test.py-Generate-program-run-ti.patch
    - 0020-02-elf-Rename-_dl_sort_maps-parameter-from-skip-to-forc.patch
    - 0021-elf-Implement-force_first-handling-in-_dl_sort_maps_.patch
    - 0022-gconv-Use-64-bit-interfaces-in-gconv_parseconfdir-bu.patch
    - 0023-01-x86-include-BMI1-and-BMI2-in-x86-64-v3-level.patch
    - 0023-02-x86-64-Require-BMI2-for-AVX2-str-n-casecmp-implement.patch
    - 0023-03-x86-64-Require-BMI2-for-AVX2-strcmp-implementation.patch
    - 0023-04-x86-64-Require-BMI2-for-AVX2-strncmp-implementation.patch
    - 0023-05-x86-64-Require-BMI2-for-AVX2-wcs-n-cmp-implementatio.patch
    - 0023-06-x86-64-Require-BMI2-for-AVX2-raw-w-memchr-implementa.patch
    - 0023-07-x86-64-Require-BMI2-and-LZCNT-for-AVX2-memrchr-imple.patch
    - 0023-08-x86-64-Require-BMI1-BMI2-for-AVX2-strrchr-and-wcsrch.patch
    - 0024-nscd-Drop-local-address-tuple-variable-BZ-29607.patch
    - 0025-get_nscd_addresses-Fix-subscript-typos-BZ-29605.patch
    - 0026-stdlib-Fix-__getrandom_nocancel-type-and-arc4random-.patch

 -- Simon Chopin <email address hidden>  Fri, 07 Oct 2022 10:13:35 +0200

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
glibc (2.36-0ubuntu3) kinetic; urgency=medium

  * Remove patches that are now in upstream release branch:
    - d/patches/0001-glibcextract.py-Add-compile_c_snippet.patch
    - d/patches/0003-linux-Mimic-kernel-defition-for-BLOCK_SIZE.patch
    - d/patches/0004-linux-Use-compile_c_snippet-to-check-linux-mount.h-a.patch
    - d/patches/0005-linux-Fix-sys-mount.h-usage-with-kernel-headers.patch
    - d/patches/0006-Linux-Fix-enum-fsconfig_command-detection-in-sys-mou.patch
  * Cherry-pick patches from upstream maintenance branch:
    - 0004-Linux-Terminate-subprocess-on-late-failure-in-tst-pi.patch
    - 0005-alpha-Fix-generic-brk-system-call-emulation-in-__brk.patch
    - 0006-socket-Check-lengths-before-advancing-pointer-in-CMS.patch
    - 0007-NEWS-Add-entry-for-bug-28846.patch
    - 0008-01-glibcextract.py-Add-compile_c_snippet.patch
    - 0008-02-linux-Use-compile_c_snippet-to-check-linux-pidfd.h-a.patch
    - 0008-03-linux-Mimic-kernel-defition-for-BLOCK_SIZE.patch
    - 0008-04-linux-Use-compile_c_snippet-to-check-linux-mount.h-a.patch
    - 0008-05-linux-Fix-sys-mount.h-usage-with-kernel-headers.patch
    - 0008-06-Linux-Fix-enum-fsconfig_command-detection-in-sys-mou.patch
    - 0009-syslog-Fix-large-messages-BZ-29536.patch
    - 0010-elf-Call-__libc_early_init-for-reused-namespaces-bug.patch
    - 0011-Apply-asm-redirections-in-wchar.h-before-first-use.patch
    - 0012-elf-Restore-how-vDSO-dependency-is-printed-with-LD_T.patch
    - 0013-syslog-Remove-extra-whitespace-between-timestamp-and.patch
    - 0014-Add-NEWS-entry-for-CVE-2022-39046.patch
    - 0015-nscd-Fix-netlink-cache-invalidation-if-epoll-is-used.patch
    - 0016-01-resolv-Add-tst-resolv-byaddr-for-testing-reverse-loo.patch
    - 0016-02-resolv-Add-tst-resolv-aliases.patch
    - 0016-03-resolv-Add-internal-__res_binary_hnok-function.patch
    - 0016-04-resolv-Add-the-__ns_samebinaryname-function.patch
    - 0016-05-resolv-Add-internal-__ns_name_length_uncompressed-fu.patch
    - 0016-06-resolv-Add-DNS-packet-parsing-helpers-geared-towards.patch
    - 0016-07-nss_dns-Split-getanswer_ptr-from-getanswer_r.patch
    - 0016-08-nss_dns-Rewrite-_nss_dns_gethostbyaddr2_r-and-getans.patch
    - 0016-09-nss_dns-Remove-remnants-of-IPv6-address-mapping.patch
    - 0016-10-nss_dns-Rewrite-getanswer_r-to-match-getanswer_ptr-b.patch
    - 0016-11-nss_dns-In-gaih_getanswer_slice-skip-strange-aliases.patch
    - 0016-12-resolv-Add-new-tst-resolv-invalid-cname.patch
    - 0016-13-nss_dns-Rewrite-_nss_dns_gethostbyname4_r-using-curr.patch
    - 0016-14-resolv-Fix-building-tst-resolv-invalid-cname-for-ear.patch
    - 0017-NEWS-Note-bug-12154-and-bug-29305-as-fixed.patch
    - 0018-elf-Run-tst-audit-tlsdesc-tst-audit-tlsdesc-dlopen-e.patch
    - 0019-elf-Fix-hwcaps-string-size-overestimation.patch

 -- Michael Hudson-Doyle <email address hidden>  Tue, 20 Sep 2022 11:53:55 +1200

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
glibc (2.36-0ubuntu2) kinetic; urgency=medium

  * Add patches to fix build with GCC 12:
    - d/patches/0001-Avoid-undefined-behaviour-in-ibm128-implementation-o.patch
    - d/patches/0001-Ensure-calculations-happen-with-desired-rounding-mod.patch
    - d/patches/0001-Fix-BZ-29463-in-the-ibm128-implementation-of-y1l-too.patch
  * Switch back to building with the default GCC (i.e. 12)
  * Add patches to fix incompatibility between kernel and glibc mount.h
    headers (LP: #1985956):
    - d/patches/0001-glibcextract.py-Add-compile_c_snippet.patch
    - d/patches/0003-linux-Mimic-kernel-defition-for-BLOCK_SIZE.patch
    - d/patches/0004-linux-Use-compile_c_snippet-to-check-linux-mount.h-a.patch
    - d/patches/0005-linux-Fix-sys-mount.h-usage-with-kernel-headers.patch
    - d/patches/0006-Linux-Fix-enum-fsconfig_command-detection-in-sys-mou.patch
  * Add patch to restore DT_HASH tag/SHT_HASH section (see
    https://sourceware.org/bugzilla/show_bug.cgi?id=29456):
    - d/patches/restore-libc-DT_HASH.patch
  * Add nss/tst-reload2 to xfails as it fails in autopkgtests in check_prof
    run.

 -- Michael Hudson-Doyle <email address hidden>  Mon, 22 Aug 2022 13:24:16 +1200
Superseded in kinetic-proposed
glibc (2.36-0ubuntu1) kinetic; urgency=medium

  [ Simon Chopin ]
  * New upstream release.
  * d/p/kfreebsd/local-getaddrinfo-freebsd-kernel.diff: refreshed to take
    refactor into account
  * Cherry-pick patches from upstream maintenance branch:
    - 0001-stdlib-Suppress-gcc-diagnostic-that-char8_t-is-a-key.patch
    - 0002-dlfcn-Pass-caller-pointer-to-static-dlopen-implement.patch
    - 0003-Update-syscall-lists-for-Linux-5.19.patch

  [ Michael Hudson-Doyle ]
  * debian/rules.d/tarball.mk: Add "make-new-snapshot" target.
  * debian/maint: add a script to manage backports of patches from upstream
    maintenance branch.
  * Patches:
    - d/p/any/submittest-resolv-unaligned.diff: removed, applied upstream
    - d/p/powerpc/local-powerpc8xx.dcbz.diff: disabled, doesn't apply and
      irrelevant for Ubuntu
    - Other patches refreshed
    - d/p/git-updates.diff: removed, due to new upstream release
  * debian/testsuite-xfail-debian.mk: remove xfail on container tests, as the
    patch causing the failure was removed in 2.31-12
  * Build with GCC 11 due to failures in math tests on amd64 and ppc64el with
    GCC 12 (see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=106574).

 -- Michael Hudson-Doyle <email address hidden>  Fri, 12 Aug 2022 11:14:36 +1200

Available diffs

Superseded in jammy-updates
Deleted in jammy-proposed (Reason: moved to -updates)
glibc (2.35-0ubuntu3.1) jammy; urgency=medium

  * debian/maint: add a script to manage backports of patches from upstream
    maintenance branch.
  * Cherry-pick patches from upstream maintenance branch:
    - 0001-S390-Add-new-s390-platform-z16.patch (LP: #1971612)
    - 0002-powerpc-Fix-VSX-register-number-on-__strncpy_power9-.patch (LP: #1978130)

 -- Michael Hudson-Doyle <email address hidden>  Thu, 07 Jul 2022 11:23:23 +1200

Available diffs

Published in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
glibc (2.27-3ubuntu1.6) bionic; urgency=medium

  [ Gunnar Hjalmarsson ]
  * d/local/usr_sbin/update-locale: improve sanity checks. (LP: #1892825)

  [ Aurelien Jarno ]
  * debian/debhelper.in/libc.preinst: drop the check for kernel release
    > 255 now that glibc and preinstall script are fixed. (LP: #1962225)

 -- Michael Hudson-Doyle <email address hidden>  Tue, 03 May 2022 22:19:39 +1200
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates)
glibc (2.31-0ubuntu9.9) focal; urgency=medium

  * Disable testsuite on riscv64. It is failing maths tests intermittently in
    ways that cannot be a glibc regression and is disabled in later series
    anyway.

Superseded in focal-proposed
glibc (2.31-0ubuntu9.8) focal; urgency=medium

  * Update for 20.04. (LP: #1951033)

  [ Balint Reczey ]
  * Cherry-pick upstream patch to fix building with -moutline-atomics
  * Prevent rare deadlock in pthread_cond_signal (LP: #1899800)

  [ Matthias Klose ]
  * Revert: Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
    Enables debugging ld.so related issues. (LP: #1918035)
  * Don't strip ld.so on armhf. (LP: #1927192)

  [ Gunnar Hjalmarsson ]
  * d/local/usr_sbin/update-locale: improve sanity checks. (LP: #1892825)

  [ Heitor Alves de Siqueira ]
  * d/p/u/git-lp1928508-reversing-calculation-of-__x86_shared_non_temporal.patch:
    - Fix memcpy() performance regression on x86 AMD systems (LP: #1928508)

  [ Aurelien Jarno ]
  * debian/debhelper.in/libc.preinst: drop the check for kernel release
    > 255 now that glibc and preinstall script are fixed. (LP: #1962225)

  [ Michael Hudson-Doyle ]
  * libc6 on arm64 is now built with -moutline-atomics so libc6-lse can now be
    an empty package that is safe to remove. (LP: #1912652)
  * d/patches/u/aarch64-memcpy-improvements.patch: Backport memcpy
    improvements. (LP: #1951032)
  * Add test-float64x-yn to xfails on riscv64.

 -- Michael Hudson-Doyle <email address hidden>  Thu, 10 Mar 2022 14:36:19 +1300
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
glibc (2.35-0ubuntu3) jammy; urgency=medium

  * debian/rules.d/build.mk: build with --with-default-link=no.

 -- Michael Hudson-Doyle <email address hidden>  Fri, 04 Mar 2022 15:54:17 +1300
Superseded in jammy-proposed
glibc (2.35-0ubuntu2) jammy; urgency=medium

  * d/patches/arm/local-vfp-sysdeps.diff: Restore, and add another EABI
    attribute to hopefully avoid upsetting current binutils.
  * debian/debhelper.in/libc.preinst: drop the check for kernel release
    > 255 now that glibc and preinstall script are fixed. (LP: #1962225)
  * Fix "./debian/rules update-from-upstream" to replace rather than append to
    git-updates.diff.
  * Update d/patches/git-updates.diff:
    - linux: fix accuracy of get_nprocs and get_nprocs_conf [BZ #28865]
    - linux: Use socket-constants-time64.h on tst-socket-timestamp-compat
    - string: Add a testcase for wcsncmp with SIZE_MAX [BZ #28755]
    - x86: Fallback {str|wcs}cmp RTM in the ncmp overflow case [BZ #28896]
    - x86: Test wcscmp RTM in the wcsncmp overflow case [BZ #28896]
    - x86: Fix TEST_NAME to make it a string in tst-strncmp-rtm.c
    - elf: Check invalid hole in PT_LOAD segments [BZ #28838]
    - elf: Replace tst-audit24bmod2.so with tst-audit24bmod2
    - resolv: Fix tst-resolv tests for 2.35 ABIs and later
    - localedef: Update LC_MONETARY handling (Bug 28845)
    - localedata: Do not generate output if warnings were present.
    - localedef: Handle symbolic links when generating locale-archive
    - nptl: Fix cleanups for stack grows up [BZ# 28899]
  * Remove tst-p_align3 from xfails.

 -- Michael Hudson-Doyle <email address hidden>  Fri, 04 Mar 2022 15:38:35 +1300

Available diffs

Obsolete in impish-updates
Obsolete in impish-security
glibc (2.34-0ubuntu3.2) impish-security; urgency=medium

  * SECURITY UPDATE: Unexpected return value from realpath()
    - debian/patches/any/CVE-2021-3998-pre1.patch: add helpers to create
      paths longer than PATH_MAX in support/temp_file.c,
      support/temp_file.h.
    - debian/patches/any/CVE-2021-3998-1.patch: set errno to ENAMETOOLONG
      for result larger than PATH_MAX in stdlib/Makefile,
      stdlib/canonicalize.c, stdlib/tst-realpath-toolong.c.
    - debian/patches/any/CVE-2021-3998-2.patch: avoid overwriting
      preexisting error in stdlib/canonicalize.c.
    - CVE-2021-3998
  * SECURITY UPDATE: Off-by-one buffer overflow/underflow in getcwd()
    - debian/patches/any/CVE-2021-3999-1.patch: set errno to ERANGE for
      size == 1 in sysdeps/posix/getcwd.c,
      sysdeps/unix/sysv/linux/Makefile,
      sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c.
    - debian/patches/any/CVE-2021-3999-2.patch: detect user namespace
      support in sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c.
    - CVE-2021-3999
  * SECURITY UPDATE: DoS via long svcunix_create path argument
    - debian/patches/any/CVE-2022-23218-pre1.patch: add the
      __sockaddr_un_set function in include/sys/un.h, socket/Makefile,
      socket/sockaddr_un_set.c, socket/tst-sockaddr_un_set.c.
    - debian/patches/any/CVE-2022-23218.patch: fix buffer overflow in
      sunrpc/Makefile, sunrpc/svc_unix.c, sunrpc/tst-bug28768.c.
    - CVE-2022-23218
  * SECURITY UPDATE: DoS via long clnt_create hostname argument
    - debian/patches/any/CVE-2022-23219.patch: fix buffer overflow in
      sunrpc/clnt_gen.c.
    - CVE-2022-23219
  * debian/rules.d/build.mk: build with --with-default-link=no.

 -- Marc Deslauriers <email address hidden>  Thu, 24 Feb 2022 14:45:39 -0500

Available diffs

Superseded in focal-updates
Superseded in focal-security
glibc (2.31-0ubuntu9.7) focal-security; urgency=medium

  * SECURITY UPDATE: infinite loop in iconv
    - debian/patches/any/CVE-2016-10228-1.patch: rewrite iconv option
      parsing in iconv/Makefile, iconv/Versions, iconv/gconv_charset.c,
      iconv/gconv_charset.h, iconv/gconv_int.h, iconv/gconv_open.c,
      iconv/iconv_open.c, iconv/iconv_prog.c, iconv/tst-iconv-opt.c,
      iconv/tst-iconv_prog.sh, intl/dcigettext.c.
    - debian/patches/any/CVE-2016-10228-2.patch: handle translation output
      codesets with suffixes in iconv/Versions, iconv/gconv_charset.c,
      iconv/gconv_charset.h, iconv/gconv_int.h, iconv/iconv_open.c,
      iconv/iconv_prog.c, intl/dcigettext.c, intl/tst-codeset.c.
    - CVE-2016-10228
  * SECURITY UPDATE: buffer over-read in iconv
    - debian/patches/any/CVE-2019-25013.patch: fix buffer overrun in EUC-KR
      conversion module in iconvdata/bug-iconv13.c, iconvdata/euc-kr.c,
      iconvdata/ksc5601.h.
    - CVE-2019-25013
  * SECURITY UPDATE: another infinite loop in iconv
    - debian/patches/any/CVE-2020-27618.patch: fix issue in
      iconv/tst-iconv_prog.sh, iconvdata/ibm1364.c.
    - CVE-2020-27618
  * SECURITY UPDATE: DoS via assert in iconv
    - debian/patches/any/CVE-2020-29562.patch: fix incorrect UCS4 inner
      loop bounds in iconv/Makefile, iconv/gconv_simple.c,
      iconv/tst-iconv8.c.
    - CVE-2020-29562
  * SECURITY UPDATE: signed comparison issue in ARMv7 memcpy
    - debian/patches/any/CVE-2020-6096-pre1.patch: add
      support_blob_repeat_allocate_shared in support/blob_repeat.c,
      support/blob_repeat.h, support/tst-support_blob_repeat.c.
    - debian/patches/any/CVE-2020-6096-1.patch: add test case in
      string/Makefile, string/tst-memmove-overflow.c.
    - debian/patches/any/CVE-2020-6096-2.patch: mark test as as XFAIL in
      string/tst-memmove-overflow.c, sysdeps/arm/Makefile.
    - debian/patches/any/CVE-2020-6096-3.patch: fix memcpy and memmove for
      negative length  in sysdeps/arm/memcpy.S, sysdeps/arm/memmove.S.
    - debian/patches/any/CVE-2020-6096-4.patch: fix multiarch memcpy for
      negative length in sysdeps/arm/armv7/multiarch/memcpy_impl.S.
    - debian/patches/any/CVE-2020-6096-5.patch: remove
      string/tst-memmove-overflow XFAIL in sysdeps/arm/Makefile.
    - CVE-2020-6096
  * SECURITY UPDATE: double-free in nscd
    - debian/patches/any/CVE-2021-27645.patch: track live allocation better
      in nscd/netgroupcache.c.
    - CVE-2021-27645
  * SECURITY UPDATE: assertion fail in iconv
    - debian/patches/any/CVE-2021-3326.patch: fix assertion failure in
      ISO-2022-JP-3 module in iconvdata/Makefile, iconvdata/bug-iconv14.c,
      iconvdata/iso-2022-jp-3.c.
    - CVE-2021-3326
  * SECURITY UPDATE: overflow in wordexp via crafted pattern
    - debian/patches/any/CVE-2021-35942.patch: handle overflow in
      positional parameter number in posix/wordexp-test.c, posix/wordexp.c.
    - CVE-2021-35942
  * SECURITY UPDATE: Off-by-one buffer overflow/underflow in getcwd()
    - debian/patches/any/CVE-2021-3999.patch: set errno to ERANGE for
      size == 1 in sysdeps/posix/getcwd.c.
    - CVE-2021-3999
  * SECURITY UPDATE: DoS via long svcunix_create path argument
    - debian/patches/any/CVE-2022-23218-pre1.patch: add the
      __sockaddr_un_set function in include/sys/un.h, socket/Makefile,
      socket/sockaddr_un_set.c, socket/tst-sockaddr_un_set.c.
    - debian/patches/any/CVE-2022-23218.patch: fix buffer overflow in
      sunrpc/svc_unix.c.
    - CVE-2022-23218
  * SECURITY UPDATE: DoS via long clnt_create hostname argument
    - debian/patches/any/CVE-2022-23219.patch: fix buffer overflow in
      sunrpc/clnt_gen.c.
    - CVE-2022-23219
  * debian/rules.d/build.mk: build with --with-default-link=no.
  * This package does _NOT_ contain the changes from (2.31-0ubuntu9.5) in
    focal-proposed.

 -- Marc Deslauriers <email address hidden>  Thu, 24 Feb 2022 14:42:40 -0500
Deleted in focal-proposed (Reason: moved to -updates)
glibc (2.31-0ubuntu9.5) focal; urgency=medium

  * Remove d/patches/u/aarch64-memcpy-improvements.patch again until it can be
    verified that it does not regress performance on all microarchitectures.

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
glibc (2.35-0ubuntu1) jammy; urgency=medium

  * New upstream version.
  * Update control files for new version.
  * Remove d/patches/git-updates.diff and refresh other patches.
  * d/patches/localedata/locale-C.diff: Remove as upstream now ships a C
    locale.
  * d/patches/ubuntu/disable-clone3.patch: Remove, electron apps have had
    long enough to get updated now.
  * d/patches/arm/local-vfp-sysdeps.diff: Remove, incompatible with modern
    binutils.
  * d/patches/all/submitted-po-fr-fixes.diff: Remove, included upstream.
  * Stop building the C.UTF-8 locale files separately now that upstream
    includes it, but still include them in the libc-bin package.
  * d/patches/ubuntu/sdt-headers.patch: borrow patch from fedora to fix build
    failure on s390x.
  * Update xfails:
    - tst-cpu-features-cpuinfo{,-static} fail on some builders due to old
      kernels.
    - tst-p_align3: Fails depending on fine details of binutils behaviour.
  * Build with default gcc (i.e. 11).
  * Remove the 'catchsegv' binary from the libc-bin package, removed upstream.
  * Update "./debian/rules update-from-upstream" to work better with how I
    maintain my git tree.
  * Add d/patches/git-updates.diff with first few patches after release:
    - posix: Fix tst-spawn6 terminal handling (BZ #28853)
    - linux: __get_nprocs_sched: do not feed CPU_COUNT_S with garbage [BZ #28850]
    - linux: Fix missing __convert_scm_timestamps (BZ #28860)

 -- Michael Hudson-Doyle <email address hidden>  Fri, 04 Feb 2022 13:59:11 +1300

Available diffs

Superseded in bionic-updates
Published in bionic-security
glibc (2.27-3ubuntu1.5) bionic-security; urgency=medium

  * SECURITY UPDATE: infinite loop in iconv
    - debian/patches/any/CVE-2016-10228-pre1.patch: add xsetlocale function
      in support/Makefile, support/support.h, support/xsetlocale.c.
    - debian/patches/any/CVE-2016-10228-1.patch: rewrite iconv option
      parsing in iconv/Makefile, iconv/Versions, iconv/gconv_charset.c,
      iconv/gconv_charset.h, iconv/gconv_int.h, iconv/gconv_open.c,
      iconv/iconv_open.c, iconv/iconv_prog.c, iconv/tst-iconv-opt.c,
      iconv/tst-iconv_prog.sh, intl/dcigettext.c.
    - debian/patches/any/CVE-2016-10228-2.patch: handle translation output
      codesets with suffixes in iconv/Versions, iconv/gconv_charset.c,
      iconv/gconv_charset.h, iconv/gconv_int.h, iconv/iconv_open.c,
      iconv/iconv_prog.c, intl/dcigettext.c, intl/tst-codeset.c.
    - CVE-2016-10228
  * SECURITY UPDATE: buffer over-read in iconv
    - debian/patches/any/CVE-2019-25013.patch: fix buffer overrun in EUC-KR
      conversion module in iconvdata/bug-iconv13.c, iconvdata/euc-kr.c,
      iconvdata/ksc5601.h.
    - CVE-2019-25013
  * SECURITY UPDATE: another infinite loop in iconv
    - debian/patches/any/CVE-2020-27618.patch: fix issue in
      iconvdata/ibm1364.c.
    - CVE-2020-27618
  * SECURITY UPDATE: DoS via assert in iconv
    - debian/patches/any/CVE-2020-29562.patch: fix incorrect UCS4 inner
      loop bounds in iconv/Makefile, iconv/gconv_simple.c,
      iconv/tst-iconv8.c.
    - CVE-2020-29562
  * SECURITY UPDATE: signed comparison issue in ARMv7 memcpy
    - debian/patches/any/CVE-2020-6096-3.patch: fix memcpy and memmove for
      negative length  in sysdeps/arm/memcpy.S, sysdeps/arm/memmove.S.
    - debian/patches/any/CVE-2020-6096-4.patch: fix multiarch memcpy for
      negative length in sysdeps/arm/armv7/multiarch/memcpy_impl.S.
    - CVE-2020-6096
  * SECURITY UPDATE: assertion fail in iconv
    - debian/patches/any/CVE-2021-3326.patch: fix assertion failure in
      ISO-2022-JP-3 module in iconvdata/Makefile, iconvdata/bug-iconv14.c,
      iconvdata/iso-2022-jp-3.c.
    - CVE-2021-3326
  * SECURITY UPDATE: overflow in wordexp via crafted pattern
    - debian/patches/any/CVE-2021-35942.patch: handle overflow in
      positional parameter number in posix/wordexp-test.c, posix/wordexp.c.
    - CVE-2021-35942
  * SECURITY UPDATE: Off-by-one buffer overflow/underflow in getcwd()
    - debian/patches/any/CVE-2021-3999.patch: set errno to ERANGE for
      size == 1 in sysdeps/posix/getcwd.c.
    - CVE-2021-3999
  * SECURITY UPDATE: DoS via long svcunix_create path argument
    - debian/patches/any/CVE-2022-23218-pre1.patch: add the
      __sockaddr_un_set function in include/sys/un.h, socket/Makefile,
      socket/sockaddr_un_set.c, socket/tst-sockaddr_un_set.c.
    - debian/patches/any/CVE-2022-23218.patch: fix buffer overflow in
      sunrpc/svc_unix.c.
    - CVE-2022-23218
  * SECURITY UPDATE: DoS via long clnt_create hostname argument
    - debian/patches/any/CVE-2022-23219.patch: fix buffer overflow in
      sunrpc/clnt_gen.c.
    - CVE-2022-23219
  * debian/patches/any/fix_test-errno-linux.patch: Handle EINVAL from
    quotactl in newer kernels in
    sysdeps/unix/sysv/linux/test-errno-linux.c.

 -- Marc Deslauriers <email address hidden>  Mon, 24 Jan 2022 07:53:44 -0500
Superseded in focal-proposed
glibc (2.31-0ubuntu9.4) focal; urgency=medium

  * Update for 20.04. (LP: #1951033)

  [ Balint Reczey ]
  * Revert backporting TLS surplus accounting changes including updating
    debian/patches/ubuntu/local-disable-ld_audit.diff
    (LP: #1926355, LP: #1926379)
  * Don't strip ld.so on armhf. (LP: #1927192)

  [ Matthias Klose ]
  * Revert: Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
    Enables debugging ld.so related issues. (LP: #1918035)

  [ Michael Hudson-Doyle ]
  * d/local/usr_sbin/update-locale: improve sanity checks. (LP: #1892825)
  * d/patches/u/aarch64-memcpy-improvements.patch: Backport memcpy
    improvements. (LP: #1951032)

  [ Heitor Alves de Siqueira ]
  * d/p/u/git-lp1928508-reversing-calculation-of-__x86_shared_non_temporal.patch:
    - Fix memcpy() performance regression on x86 AMD systems (LP: #1928508)

 -- Michael Hudson-Doyle <email address hidden>  Fri, 03 Dec 2021 16:36:14 +1300
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish)
glibc (2.34-0ubuntu3) impish; urgency=medium

  * d/patches/git-updates.diff: Update from release/2.34/master branch.
    - d/patches/ubuntu/Fix-close_range-closefrom-tests.patch,
      d/patches/ubuntu/fix-iconvconfig-directory.diff: removed as now
      upstream.
  * d/patches/ubuntu/disable-clone3.patch: Disable use of clone3 syscall
    to give Electron apps more time to get rebuilt. (LP: #1944468)

 -- Michael Hudson-Doyle <email address hidden>  Tue, 28 Sep 2021 14:38:09 +1300

Available diffs

Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish)
glibc (2.34-0ubuntu2) impish; urgency=medium

  * d/patches/ubuntu/Fix-close_range-closefrom-tests.patch: Patch from
    upstream to fix test failures in autopkgtest environment (which has a
    pair of fds open that the test suite did not cope with).
  * d/debhelper.in/libc.postinst: go back to restarting systemd on libc6
    upgrade, but carefully. LP: #1942276

 -- Michael Hudson-Doyle <email address hidden>  Fri, 03 Sep 2021 09:26:51 +1200
Superseded in impish-proposed
glibc (2.34-0ubuntu1) impish; urgency=medium

  * New upstream version.
  * Update patches.
  * Adapt to upstream changes to install the dynamic linker in its ABI
    location directly by installing it under its SONAME, but still in the
    multiarch directory.
  * Update xfails.
  * d/patches/ubuntu/fix-iconvconfig-directory.diff: fix the directory path
    written to the gconv modules cache (BZ #28199).

 -- Michael Hudson-Doyle <email address hidden>  Thu, 12 Aug 2021 11:15:13 +1200

Available diffs

Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish)
glibc (2.33-0ubuntu9) impish; urgency=medium

  * debian/patches/git-updates.diff: update from upstream stable branch
    - CVE-2021-33574: The mq_notify function has a potential use-after-free
      issue when using a notification type of SIGEV_THREAD and a thread
      attribute with a non-default affinity mask.
    - [15271] dlfcn function failure after dlmopen terminates process.
    - [27646] gethostbyname and NSS crashes after dlmopen.
    - x86_64: Remove unneeded static PIE check for undefined weak diagnostic.

 -- Matthias Klose <email address hidden>  Tue, 13 Jul 2021 08:26:17 +0200
Superseded in impish-proposed
glibc (2.33-0ubuntu8) impish; urgency=medium

  [ Matthias Klose ]
  * Don't strip ld.so (LP: #1927192)

  [ Balint Reczey ]
  * Don't use DH_COMPAT=8 for stripping udeb packages either
  * Drop maintaner script delta cleaning up /var/lib/locales/supported.d/local
    Those handled upgrades from Ubuntu << 16.04.
  * debian/patches/hurd-i386/: Drop delta of Hurd patches, they are not applied anyway
  * Merge 2.31-12 changes from Debian unstable:
    - debian/po/de.po: fix encoding declaration.  Closes: #986450.
    - debian/patches/any/local-rtlddir-cross.diff: drop patch, letting upstream
      makefiles to install the dynamic linker symlink directly in the right
      location. This fixes the temporary installation done by upstream makefiles
      to run some tests in a container.  Closes: #973278, #985617.
    - debian/rules.d/build.mk: do not create the dynamic linker manually.
    - debian/sysdeps/*.mk: do not create the dynamic linker manually for
      bi/tri-arch packages.
    - debian/rules.d/build.mk: create the soname symlink for ld-2.xx.so, to
      avoid its creation later by ldconfig.
    - debian/debhelper.in/libc.install, debhelper.in/libc-alt.install,
      debhelper.in/libc-udeb.install, debhelper.in/libc-udeb.install.hurd-i386:
      adjust given that the dynamic linker symlink is now already at the correct
      location.
    - debian/patches/git-updates.diff: update from upstream stable branch:
      - Fix GLIBC_TUNABLES parsing for AT_SECURE binaries.
    - debian/rules.d/build.mk: escape EOL so that $configure_build is correctly
      passed to the configure script.
    - debian/debhelper.in/libc.preinst: handle the case where debconf
      configuration has never been done.  Closes: #986180.
    - debian/debhelper.in/libc.preinst: fallback to text mode in case 1) debconf
      is about to use the dialog frontend with whiptail or frontend and 2) the
      corresponding executable is unusable.  Closes: #984533.
    - debian/rules.d/debhelper.mk: correctly strip libpthread.so for bi/triarch
      builds.  Closes: #983457.
    - debian/patches/hurd-i386/git-tiocflush.diff: Cope with
      BSD 4.1-ish ioctl(..., TIOCFLUSH, NULL).
    - debian/debhelper.in/libc-udeb.install.hurd-i386: Add missing
      libmachuser/libhurduser.
    - debian/testsuite-xfail-debian.mk: Update tests.
  * debian/patches/git-updates.diff: update from upstream stable branch
    - [27892] powerpc: scv ABI error handling fails to check IS_ERR_VALUE
  * Keep only armhf ld.so unstripped (LP: #1927192)

 -- Balint Reczey <email address hidden>  Tue, 01 Jun 2021 18:41:50 +0200
Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish)
glibc (2.33-0ubuntu7) impish; urgency=medium

  * debian/patches/git-updates.diff: update from upstream stable branch
    - [27648] FAIL: misc/tst-select
    - [27651] Performance regression after updating to 2.33
    - [27706] select fails to update timeout on error
    - [27744] Support different libpthread/ld.so load orders for gdb -p
  * Ignore test failures for the profile build on amd64 for now.

 -- Matthias Klose <email address hidden>  Mon, 03 May 2021 19:45:58 +0200
Superseded in impish-proposed
glibc (2.33-0ubuntu6) impish; urgency=medium

  * Revert: Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
    Enables debugging of ld.so related issues.
  * Stop building sf/hf multilibs on armel/armhf.

 -- Matthias Klose <email address hidden>  Sun, 25 Apr 2021 12:42:49 +0200

Available diffs

Published in xenial-updates
Published in xenial-security
glibc (2.23-0ubuntu11.3) xenial-security; urgency=medium

  * SECURITY UPDATE: DoS via regular expression
    - debian/patches/CVE-2009-5155.patch: diagnose invalid back-reference
      in posix/regcomp.c, remove invalid test in posix/PCRE.tests.
    - CVE-2009-5155
  * SECURITY UPDATE: signed comparison vulnerability exists in ARM memcpy
    - debian/patches/CVE-2020-6096-1.patch: fix multiarch memcpy for
      negative length in sysdeps/arm/armv7/multiarch/memcpy_impl.S.
    - debian/patches/CVE-2020-6096-2.patch: fix memcpy and memmove for
      negative length in sysdeps/arm/memcpy.S, sysdeps/arm/memmove.S.
    - CVE-2020-6096

 -- Marc Deslauriers <email address hidden>  Tue, 20 Apr 2021 14:52:26 -0400
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute)
glibc (2.33-0ubuntu5) hirsute; urgency=medium

  * debian/tests/rebuild: Revert printing cpuinfo, this information is already
    present in the log.
  * debian/control: Libc6 should Conflict and Replace libc6-lse (LP: #1912652)
  * Don't support disabling hwcaps on amd64 and arm64.
    There is no need for it and it adds extra overhead.
  * debian/patches/git-updates.diff: update from upstream stable branch
    - [18435] pthread_once hangs when init routine throws an exception
    - [23462] Static binary with dynamic string tokens ($LIB, $PLATFORM, $ORIGIN)
              crashes
    - [27304] pthread_cond_destroy does not pass private flag to futex system calls
    - [27537] test-container: Always copy test-specific support files
    - [27577] elf/ld.so --help doesn't work
  * XFAIL io/tst-stat on s390

 -- Balint Reczey <email address hidden>  Wed, 31 Mar 2021 15:44:28 +0200

Available diffs

Obsolete in groovy-proposed
glibc (2.32-0ubuntu3.2) groovy; urgency=medium

  * Make libc6 provide libc6-lse on arm64.
    Libc6 is already compiled with -moutline-atomics thus the separate binary
    package is dropped. (LP: #1912652)
  * debian/control: Libc6 should Conflict and Replace libc6-lse

Deleted in focal-proposed (Reason: Causing crashes, saved in silo 4547, LP: #1926355)
Deleted in focal-updates (Reason: Update might be causing regressions in snaps and the core...)
Deleted in focal-proposed (Reason: moved to -updates)
glibc (2.31-0ubuntu9.3) focal; urgency=medium

  [ Aurelien Jarno ]
  * debian/patches/any/git-surplus-tls-accounting.diff: backport TLS surplus
    accounting from upstream. (Closes: #964141) (LP: #1914044)

  [ Balint Reczey ]
  * Update debian/patches/ubuntu/local-disable-ld_audit.diff
  * Prevent rare deadlock in pthread_cond_signal (LP: #1899800)
  * Cherry-pick upstream patch to fix building with -moutline-atomics
  * Make libc6 provide libc6-lse on arm64.
    Libc6 is now compiled with -moutline-atomics thus the separate binary
    package is dropped. (LP: #1912652)
  * debian/control: Libc6 should Conflict and Replace libc6-lse

 -- Balint Reczey <email address hidden>  Mon, 29 Mar 2021 22:11:32 +0200
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: Moved to hirsute)
glibc (2.33-0ubuntu4) hirsute; urgency=medium

  [ Matthias Klose ]
  * Run checks for every pass before failing the build.
  * Regenerate the control file.

  [ Balint Reczey ]
  * XFAIL new tests not setting up their container properly
  * Add Breaks: against fakeroot (<< 1.25.3-1.1ubuntu2~) (LP: #1915250)
  * debian/patches/git-updates.diff: update from upstream stable branch
    (LP: #1916541)
  * debian/tests/rebuild: Print cpuinfo to help triaging CPU-specific failures

 -- Balint Reczey <email address hidden>  Thu, 11 Mar 2021 17:29:21 +0100
Deleted in hirsute-proposed (Reason: remove unbuilt no-change upload)
glibc (2.33-0ubuntu3) hirsute; urgency=medium

  * No-change rebuild to drop the udeb package.

 -- Matthias Klose <email address hidden>  Mon, 22 Feb 2021 10:33:25 +0100

Available diffs

Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release)
glibc (2.33-0ubuntu2) hirsute; urgency=medium

  * debian/patches/all/local-ldd.diff: Adjust extra safety check
    for changed ld-linux.so return value. LP: #1914860.

 -- Matthias Klose <email address hidden>  Sat, 06 Feb 2021 13:32:05 +0100
Superseded in hirsute-proposed
glibc (2.33-0ubuntu1) hirsute; urgency=medium

  [ Balint Reczey ]
  * XFAIL tst-sigcontext-get_pc on ppc64el (LP: #1907298)
  * Merge 2.31-9 changes from Debian unstable:
    - Build memusage and memusagestat in the libc pass and ship them into
      libc-devtools. Move mtrace, sotruss and sprof into that package.
      Closes: #91815.
    - debian/sysdeps/arm64.mk: enable static PIE support on arm64.
      Closes: #973430.
    - debian/debhelper.in/*.lintian-overrides: update for recent lintian
      versions.
    - other changes less interesting for Ubuntu users
  * Support disabling hwcaps on amd64 and arm64, too
  * Optimize checking /etc/ld.so.nohwcap
  * New upstream release 2.33
    - security fixes:
      - CVE-2021-3326: An assertion failure during conversion from the
        ISO-20220-JP-3 character set using the iconv function has been fixed.
        This assertion was triggered by certain valid inputs in which the
        converted output contains a combined sequence of two wide characters
        crossing a buffer boundary.  Reported by Tavis Ormandy.
      - CVE-2020-29562: An assertion failure has been fixed in the iconv
        function when invoked with UCS4 input containing an invalid character.
      - CVE-2019-25013: A buffer overflow has been fixed in the iconv function
        when invoked with EUC-KR input containing invalid multibyte input
        sequences.
  * Refresh patches
  * debian/symbols.wildcards: Update for 2.33
  * Don't ship /etc/default/nss.
    It set only ADJUNCT_AS_SHADOW=TRUE to change NSS module behaviour to be
    more secure, but upstream disagrees that the default (FALSE) value poses
    a security problem since the data leaked by NSS is made available by
    other tools as well.
    See: https://sourceware.org/bugzilla/show_bug.cgi?id=11134
  * debian/debhelper.in/libc-bin.install: Keep installing zdump
    adjust .install to upstream's changes
  * XFAIL rounding test failures on armhf (and armel)
  * XFAIL elf/tst-cpu-features-cpuinfo on amd64 and i386
  * XFAIL nptl/tst-cancel28 on i386
  * debian/copyright: Add GFDL for the manual sources.
    Override the Lintian error about GFDL, Ubuntu ships the documentation
    in main already.

  [ Dimitri John Ledkov ]
  * Don't try restarting services if needrestart is installed

 -- Balint Reczey <email address hidden>  Thu, 04 Feb 2021 13:40:19 +0100

Available diffs

Superseded in groovy-proposed
glibc (2.32-0ubuntu3.1) groovy; urgency=medium

  * Drop check preventing using float128 which breaks new icc (LP: #1895358)
  * Detect debconf consistently in libc6.preinst and do not crash if it is not
    used (LP: #1902955)
  * Ship libc variant compiled for profiling in libc6-prof (LP: #1908307)
  * Don't build libc6-prof in stage1 and stage2
  * Ship libc6-prof on riscv64, too.
    This fixes FTBFS on riscv64 due to the the flavour being built but not
    shipped in a package.
  * elf: Add endianness markup to ld.so.cache (Closes: #731082) (LP: #1906250)
  * Fix shmctl, msgctl and semctl regressions in glibc 2.31 (LP: #1904419)
    - Also XFAIL tst-sysvshm-linux on i386 and x32
  * Prevent rare deadlock in pthread_cond_signal (LP: #1899800)

 -- Balint Reczey <email address hidden>  Wed, 16 Dec 2020 13:30:09 +0100

Available diffs

Superseded in focal-updates
Superseded in focal-updates
Deleted in focal-proposed (Reason: moved to -updates)
glibc (2.31-0ubuntu9.2) focal; urgency=medium

  * Drop check preventing using float128 which breaks new icc (LP: #1895358)
  * Detect debconf consistently in libc6.preinst and do not crash if it is
    not used (LP: #1902955)
  * Ship libc variant compiled for profiling in libc6-prof (LP: #1908307)
  * elf: Add endianness markup to ld.so.cache (Closes: #731082) (LP: #1906250)

 -- Balint Reczey <email address hidden>  Wed, 16 Dec 2020 12:04:55 +0100
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release)
glibc (2.32-0ubuntu6) hirsute; urgency=medium

  * Merge 2.31-5 changes from Debian unstable:
    - debian/patches/localedata/locale-C.diff: replace the LC_CTYPE definition
      by 'copy "i18n"'. Note that with this change the "blank", "cntrl",
      "space" classes do not conform to POSIX anymore, however this matches the
      Fedora behaviour.  Closes: #973647.
    - debian/debhelper.in/libc.NEWS: add an entry about libnss-nis and
      libnss-nisplus packages.
  * Drop substvars magic for libnss-nis* since they are just recommended now
  * debian/patches/git-updates.diff: update from upstream stable branch
    - Fix missing floating-point rounding and exception handling functions
      missing on SH4.  Closes: #975421.
    - Fix an infinite loop in iconv with input containing redundant shift
      sequences in the IBM1364, ++  IBM1371, IBM1388, IBM1390, or IBM1399
      character sets (CVE-2020-27618).  Closes: #973914.
  * elf: Add endianness markup to ld.so.cache (Closes: #731082)

 -- Balint Reczey <email address hidden>  Tue, 15 Dec 2020 22:39:07 +0100

Available diffs

175 of 313 results