-
glibc (2.38-1ubuntu6.2) mantic-security; urgency=medium
* SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
- debian/patches/CVE-2024-2961.patch: fix out-of-bound writes when
writing escape sequence in iconvdata/Makefile,
iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
- CVE-2024-2961
-- Marc Deslauriers <email address hidden> Tue, 16 Apr 2024 09:38:28 -0400
-
glibc (2.38-1ubuntu6.1) mantic-security; urgency=medium
* SECURITY UPDATE: multiple syslog() security issues
- debian/patches/CVE-2023-6246.patch: Fix heap buffer overflow in
misc/Makefile, misc/syslog.c, misc/tst-syslog-long-progname.c.
- debian/patches/CVE-2023-6779.patch: Fix heap buffer overflow in
misc/syslog.c.
- debian/patches/CVE-2023-6780.patch: Fix integer overflow in
misc/syslog.c.
- CVE-2023-6246
- CVE-2023-6779
- CVE-2023-6780
-- Marc Deslauriers <email address hidden> Wed, 31 Jan 2024 08:04:28 -0500
-
glibc (2.38-1ubuntu6) mantic; urgency=medium
* SECURITY UPDATE: privilege escalation in ld.so
- debian/patches/CVE-2023-4911.patch: terminate immediately if end of
input is reached in elf/dl-tunables.c.
- CVE-2023-4911
-- Marc Deslauriers <email address hidden> Mon, 02 Oct 2023 13:30:48 -0400
-
glibc (2.38-1ubuntu5) mantic; urgency=medium
* Update from upstream release branche:
- CVE-2023-4527: Stack read overflow with large TCP responses in
no-aaaa mode
- CVE-2023-4806: use after free in getcanonname
- LP: #2031909: Fix oversized __io_vtables
* d/p/u/0001-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV:
Cherry-picked to fix a regression in one of the previous CVE fixes
(LP: #2037516, CVE-2023-5156)
* d/p/lp2032624.patch: add an escape hatch in arm64 math-vector.h.
This should help fixing multiple FTBFS (LP: #2032624)
-- Simon Chopin <email address hidden> Wed, 27 Sep 2023 16:38:18 +0200
-
glibc (2.38-1ubuntu4) mantic; urgency=medium
* Import the upstream maintenance branch
* d/p/lp2031912.patch: Fix regression in sem_open that breaks OpenMPI
(LP: #2031912)
-- Simon Chopin <email address hidden> Mon, 28 Aug 2023 17:23:19 +0200
-
glibc (2.38-1ubuntu3) mantic; urgency=medium
* Adjust libc6-dev Breaks to account for binNMU vs no-change uploads
-- Simon Chopin <email address hidden> Fri, 11 Aug 2023 17:05:47 +0200
-
glibc (2.38-1ubuntu2) mantic; urgency=medium
[ Samuel Thibault ]
* debian/patches/hurd-i386/git-powerpc-longjmp.diff: Fix build after chk
hidden builtin fix.
-- Simon Chopin <email address hidden> Wed, 09 Aug 2023 12:49:38 +0200
-
glibc (2.38-1ubuntu1) mantic; urgency=medium
* Merge 2.38-1 from Debian experimental
Dropped changes (either merged or otherwise implemented in Debian):
- d/p/any/local-ldso-disable-hwcap: fix compilation error
- d/sysdeps/arm64.mk: enable Memory Tagging Extension (MTE) checking on arm64
- d/control: Fix missing version bumps that could cause issues on upgrades
- d/libc6.symbols.common: include libc_malloc_debug.so.0 introduced in 2.34
- d/libc6.symbols.common: remove libSegFault.so dropped in 2.35
- d/symbols.wildcard: add GLIBC_ABI_DT_RELR symbol introduced back in 2.36
- Enable building for the 'arc' architecture.
- Add patch to restore DT_HASH tag/SHT_HASH section (see
https://sourceware.org/bugzilla/show_bug.cgi?id=29456):
- d/patches/restore-libc-DT_HASH.patch
- Adapt to upstream changes to install the dynamic linker in its ABI
location directly by installing it under its SONAME, but still in the
multiarch directory.
- Don't use DH_COMPAT=8 for stripping udeb packages either
- Run checks for every pass before failing the build.
- debian/patches/all/local-ldd.diff: Adjust extra safety check
for changed ld-linux.so return value
- debian/debhelper.in/libc-bin.install: Keep installing zdump
adjust .install to upstream's changes
- Make libc-dev depend on rpcsvc-proto
- Add Breaks: against fakeroot (<< 1.25.3-1.1ubuntu2~)
[ Can be safely dropped as not available in Jammy ]
- Adjust the version number for the openssh-server break.
[ that version was published before Focal ]
* Fix the dh_strip exclusion for ld.so on armhf that broke back in impish
* libc6-dev: bump the Replace libc6 version to 2.37-0ubuntu2
* Cherry-pick patches from upstream maintenance branch:
- 0001-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch (LP: #2016252)
glibc (2.38-1) experimental; urgency=medium
[ Aurelien Jarno ]
* New upstream release.
- debian/symbols.wildcard: add 2.38.
- debian/patches/hurd-i386/git-intr-msg-cfa.diff: upstreamed.
- debian/patches/hurd-i386/git-intr-msg-stack.diff: upstreamed.
- debian/patches/hurd-i386/git-exception-long.diff: upstreamed.
- debian/patches/hurd-i386/git-ctty.diff: upstreamed.
- debian/patches/hurd-i386/git-tst-system.diff: upstreamed.
- debian/patches/hurd-i386/git-task_info_count.diff: upstreamed.
- debian/patches/hurd-i386/local-enable-ldconfig.diff: dropped obsolete
part and rebased.
- debian/patches/hurd-i386/tg-hooks.diff: disabled.
- debian/patches/i386/unsubmitted-quiet-ldconfig.diff: rebased.
- debian/patches/any/local-ldconfig-multiarch.diff: rebased.
- debian/sysdeps/arm64.mk, debian/libc6.symbols.arm64: enable mathvec on
arm64.
* debian/rules.d/build.mk: pass --enable-fortify-source to configure.
* debian/testsuite-xfail-debian.mk: XFAIL tst-sprof-basic on mips* and
riscv64 as dl_profile is not supported on those architectures.
[ Samuel Thibault ]
* debian/patches/hurd-i386/submitted-net.diff: Refresh.
* debian/patches/hurd-i386/unsubmitted-prof-eintr.diff: Refresh.
* debian/testsuite-xfail-debian.mk: Update hurd xfails.
* debian/patches/hurd-i386/git-realpath_NULL.diff: Fix realpath(NULL, ...)
* debian/patches/hurd-i386/git-tst-realpath-toolong.diff: Fix
tst-realpath-toolong.
* debian/patches/hurd-i386/git-hidden_chk.diff: Fix spurious PLTs.
* debian/patches/hurd-i386/git-glob_dirent.diff: Fix strcpys in tests.
* debian/libc0.3.symbols.hurd-i386: Update symbols.
* Add hurd-amd64 support:
- debian/control.in/libc: Add hurd-amd64 cases.
- debian/debian/control.in/main: Add hurd-amd64 cases.
- debian/debhelper.in/libc-dev.install.hurd-amd64: Add.
- debian/debhelper.in/libc-udeb.install.hurd-amd64: Add.
- debian/glibc-source.filelist: Add hurd-amd64.
- debian/libc0.3.symbols.hurd-amd64: Add.
- debian/patches/series.hurd-amd64: Symlink to series.hurd-i386.
- debian/rules.d/control.mk: Add hurd-amd64 case.
- debian/sysdeps/hurd-amd64.mk: Add.
- debian/testsuite-xfail-debian.mk: Use hurd-i386 xfails for hurd-amd64 too.
glibc (2.37-7) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/testsuite-xfail-debian.mk: fix XFAIL for stdlib/isomac on sparc64.
* debian/patches/hurd-i386/unsubmitted-getaux_at_secure.diff: rebase.
[ Samuel Thibault ]
* debian/testsuite-xfail-debian.mk: Update for 2.38.
glibc (2.37-6) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/patches/git-updates.diff: update from upstream stable branch.
* debian/control.in/libc, debian/control.in/main: removed Breaks already
satisfied in oldstable (bullseye).
* debian/debhelper.in/locales.config: stop reading /etc/environment, it has
been deprecated for 15+ years.
* debian/sysdeps/sparc64.mk: run the testsuite for 32-bit builds on sparc64
again.
* debian/testsuite-xfail-debian.mk: mark the following tests as XFAIL on
sparc64 (Closes: #1040817):
- elf/tst-rtld-run-static
- nptl/tst-cancel24-static
- socket/tst-socket-timestamp
- stdlib/isomac
* debian/testsuite-xfail-debian.mk: remove some tests from XFAIL on s390x.
* debian/testsuite-xfail-debian.mk: remove some tests from XFAIL on i386.
* debian/testsuite-xfail-debian.mk: remove some tests from XFAIL on riscv64.
* Remove kfreebsd-amd64 and kfreebsd-i386 leftovers. Closes: #979160.
[ Luca Boccassi ]
* Switch from /etc/default/locale to /etc/locale.conf. Closes: #1038798.
glibc (2.37-5) unstable; urgency=medium
* debian/local/usr_sbin/locale-gen: revert parallelisation code as running
multiple instance of localedef in parallel corrupts locale-archive.
Closes: #1040452.
glibc (2.37-4) unstable; urgency=medium
[ Aurelien Jarno ]
* debian/control.in/main: drop obsolete dependency on lsb-base (>= 3.0-6)
from nscd.
* debian/patches/git-updates.diff: update from upstream stable branch:
- Fix realloc causing high virtual memory usage. Closes: #1040140.
* debian/sysdeps/sparc64.mk: do not run testsuite for 32-bit builds on
sparc64. Closes: #1040462.
glibc (2.37-3) unstable; urgency=medium
[ Samuel Thibault ]
* debian/patches/hurd-i386/git-intr-msg-stack.diff: Fix potential crash when
signals or cancellation happens while pushing mach_msg args.
* debian/patches/hurd-i386/git-exception-long.diff: Fix hurd build against
newer gnumach.
* debian/patches/hurd-i386/git-ctty.diff: Fix background processes reading
input.
* debian/libc0.3.symbols.hurd-i386: Refresh against newer gnumach.
* debian/testsuite-xfail-debian.mk: Drop Hurd XPASS.
* debian/testsuite-xfail-debian.mk: Update hurd results.
glibc (2.37-2) experimental; urgency=medium
[ Samuel Thibault ]
* debian/patches/hurd-i386/git-task_info_count.diff: Fix passing size to
task_info.
[ Aurelien Jarno ]
* debian/patches/git-updates.diff: update from upstream stable branch:
- Fix FTBFS on hppa.
* debian/sysdeps/alpha.mk, debian/control.in/main: build-depends on g++-12
(>= 12.3.0-2) on alpha instead of forcing -mcpu=ev56.
[ Andrej Shadura ]
* debian/po/sk.po: Fix typos in the Slovak translation.
[ Helmut Grohne ]
* debian/rules.d/build.mk: disable -Werror when dpkg-builflags contains
-Wno-error.
[ наб ]
* debian/local/usr_sbin/locale-gen: parallelise locales generation if
possible. Closes: #1037198.
glibc (2.37-1) experimental; urgency=medium
[ Aurelien Jarno ]
* New upstream release:
- Fix GL(dl_phdr) and GL(dl_phnum) for static builds. Closes: #1028200.
- debian/symbols.wildcard: add 2.36 and GLIBC_ABI_DT_RELR.
- debian/patches/localedata/locales-fr.diff: rebased.
- debian/patches/alpha/local-string-functions.diff: rebased.
- debian/patches/arm/git-atomic-compiler-builtins.diff: upstreamed.
- debian/patches/hurd-i386/git-htl-pthread-self-early.diff: upstreamed.
- debian/patches/hurd-i386/git-static-pie.diff: upstreamed.
- debian/patches/hurd-i386/git-ipv6.diff: upstreamed.
- debian/patches/hurd-i386/git-ip_mreqn.diff: upstreamed.
- debian/patches/hurd-i386/git-bootstrap-enable_secure.diff: upstreamed.
- debian/patches/hurd-i386/git-cond-destroy.diff: upstreamed.
- debian/patches/hurd-i386/git-strerror_X.diff: upstreamed.
- debian/patches/hurd-i386/git-xpg_strerror.diff: upstreamed.
- debian/patches/hurd-i386/git-readlink-fifo.diff: upstreamed.
- debian/patches/hurd-i386/git-net-route.h.diff: upstreamed.
- debian/patches/hurd-i386/git-SOMAXCONN.diff: upstreamed.
- debian/patches/hurd-i386/git-sigtimedwait.diff: upstreamed.
- debian/patches/hurd-i386/git-getrandom-chroot.diff: upstreamed.
- debian/patches/hurd-i386/git-mach-headers-freestanding.diff: upstreamed.
- debian/patches/hurd-i386/git-sem_wait_race.diff: upstreamed.
- debian/patches/hurd-i386/local-enable-ldconfig.diff: rebased.
- debian/patches/any/local-ldso-disable-hwcap.diff: removed, obsolete.
- debian/patches/any/local-ldconfig-multiarch.diff: rebased.
- debian/patches/any/git-floatn-gcc-13-support.diff: upstreamed.
- debian/patches/hurd-i386/submitted-net.diff: rebased.
- debian/patches/hurd-i386/local-no-bootstrap-fs-access.diff: removed,
obsolete.
* Stop building libc6.1-alphaev67 package, as support for legacy hwcaps has
been removed upstream:
- debian/control.in/libc: add a conflicts against libc6.1-alphaev67 on
alpha.
- debian/control.in/opt: remove libc6.1-alphaev67 entry.
- debian/patches/alpha/local-string-functions.diff: remove, obsolete.
- debian/rules: drop DEBUG_libc6.1-alphaev67.
- debian/script.in/nohwcap.sh: drop code to support libc6.1-alphaev67.
debian/testsuite-xfail-debian.mk: simplify alpha condition.
* Drop support for optimized packages from the packaging (Closes: #806912):
- debian/control.in/opt: removed.
- debian/rules.d/control.mk: drop support for including control.in/opt.
- debian/script.in/nohwcap.sh: removed.
- debian/rules.d/debhelper.mk: dropped code to include nohwcap.sh.
- debian/debhelper.in/libc.postinst: removed call to nohwcap code.
- debian/debhelper.in/libc.preinst: remove code creating
/etc/ld.so.nohwcap.
- debian/debhelper.in/glibc-source.lintian-overrides: removed otherbuild
entries.
- debian/debhelper.in/libc-otherbuild.*: removed.
* debian/sysdeps/alpha.mk: temporarily build for EV56 until the baseline is
raised at the GCC level.
[ Samuel Thibault ]
* debian/patches/hurd-i386/git-tst-system.diff: Fix tst-system link.
-- Simon Chopin <email address hidden> Tue, 08 Aug 2023 10:12:04 +0200
-
glibc (2.37-0ubuntu2) lunar; urgency=medium
* d/p/u/lp2007599*.patch: add tunables for s390x (LP: #2007599)
* d/p/any/local-ldso-disable-hwcap: fix compilation error (LP: #2006485)
* d/sysdeps/arm64.mk: enable Memory Tagging Extension (MTE) checking on arm64
(LP: #2006739)
* d/control: declare a Breaks on older cyrus-imapd (LP: #2011326)
* d/control: Fix missing version bumps that could cause issues on upgrades
* Cherry-pick patches from upstream maintenance branch:
- 0001-cdefs-Limit-definition-of-fortification-macros.patch
- 0002-LoongArch-Add-new-relocation-types.patch
- 0003-Use-64-bit-time_t-interfaces-in-strftime-and-strptim.patch
- 0004-Account-for-grouping-in-printf-width-bug-30068.patch
- 0005-NEWS-Document-CVE-2023-25139.patch
- 0006-elf-Smoke-test-ldconfig-p-against-system-etc-ld.so.c.patch
- 0007-stdlib-Undo-post-review-change-to-16adc58e73f3-BZ-27.patch
- 0008-elf-Restore-ldconfig-libc6-implicit-soname-logic-BZ-.patch
-- Simon Chopin <email address hidden> Thu, 16 Mar 2023 09:44:01 +0100