Format: 1.8
Date: Thu, 24 Feb 2022 14:42:40 -0500
Source: glibc
Binary: libc-bin libc-dev-bin libc6 libc6-dbg libc6-dev libc6-dev-s390 libc6-pic libc6-s390 libc6-udeb locales-all nscd
Architecture: s390x_translations s390x
Version: 2.31-0ubuntu9.7
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-004.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 libc-bin   - GNU C Library: Binaries
 libc-dev-bin - GNU C Library: Development binaries
 libc6      - GNU C Library: Shared libraries
 libc6-dbg  - GNU C Library: detached debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries
 libc6-pic  - GNU C Library: PIC archive library
 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 locales-all - GNU C Library: Precompiled locale data
 nscd       - GNU C Library: Name Service Cache Daemon
Changes:
 glibc (2.31-0ubuntu9.7) focal-security; urgency=medium
 .
   * SECURITY UPDATE: infinite loop in iconv
     - debian/patches/any/CVE-2016-10228-1.patch: rewrite iconv option
       parsing in iconv/Makefile, iconv/Versions, iconv/gconv_charset.c,
       iconv/gconv_charset.h, iconv/gconv_int.h, iconv/gconv_open.c,
       iconv/iconv_open.c, iconv/iconv_prog.c, iconv/tst-iconv-opt.c,
       iconv/tst-iconv_prog.sh, intl/dcigettext.c.
     - debian/patches/any/CVE-2016-10228-2.patch: handle translation output
       codesets with suffixes in iconv/Versions, iconv/gconv_charset.c,
       iconv/gconv_charset.h, iconv/gconv_int.h, iconv/iconv_open.c,
       iconv/iconv_prog.c, intl/dcigettext.c, intl/tst-codeset.c.
     - CVE-2016-10228
   * SECURITY UPDATE: buffer over-read in iconv
     - debian/patches/any/CVE-2019-25013.patch: fix buffer overrun in EUC-KR
       conversion module in iconvdata/bug-iconv13.c, iconvdata/euc-kr.c,
       iconvdata/ksc5601.h.
     - CVE-2019-25013
   * SECURITY UPDATE: another infinite loop in iconv
     - debian/patches/any/CVE-2020-27618.patch: fix issue in
       iconv/tst-iconv_prog.sh, iconvdata/ibm1364.c.
     - CVE-2020-27618
   * SECURITY UPDATE: DoS via assert in iconv
     - debian/patches/any/CVE-2020-29562.patch: fix incorrect UCS4 inner
       loop bounds in iconv/Makefile, iconv/gconv_simple.c,
       iconv/tst-iconv8.c.
     - CVE-2020-29562
   * SECURITY UPDATE: signed comparison issue in ARMv7 memcpy
     - debian/patches/any/CVE-2020-6096-pre1.patch: add
       support_blob_repeat_allocate_shared in support/blob_repeat.c,
       support/blob_repeat.h, support/tst-support_blob_repeat.c.
     - debian/patches/any/CVE-2020-6096-1.patch: add test case in
       string/Makefile, string/tst-memmove-overflow.c.
     - debian/patches/any/CVE-2020-6096-2.patch: mark test as as XFAIL in
       string/tst-memmove-overflow.c, sysdeps/arm/Makefile.
     - debian/patches/any/CVE-2020-6096-3.patch: fix memcpy and memmove for
       negative length  in sysdeps/arm/memcpy.S, sysdeps/arm/memmove.S.
     - debian/patches/any/CVE-2020-6096-4.patch: fix multiarch memcpy for
       negative length in sysdeps/arm/armv7/multiarch/memcpy_impl.S.
     - debian/patches/any/CVE-2020-6096-5.patch: remove
       string/tst-memmove-overflow XFAIL in sysdeps/arm/Makefile.
     - CVE-2020-6096
   * SECURITY UPDATE: double-free in nscd
     - debian/patches/any/CVE-2021-27645.patch: track live allocation better
       in nscd/netgroupcache.c.
     - CVE-2021-27645
   * SECURITY UPDATE: assertion fail in iconv
     - debian/patches/any/CVE-2021-3326.patch: fix assertion failure in
       ISO-2022-JP-3 module in iconvdata/Makefile, iconvdata/bug-iconv14.c,
       iconvdata/iso-2022-jp-3.c.
     - CVE-2021-3326
   * SECURITY UPDATE: overflow in wordexp via crafted pattern
     - debian/patches/any/CVE-2021-35942.patch: handle overflow in
       positional parameter number in posix/wordexp-test.c, posix/wordexp.c.
     - CVE-2021-35942
   * SECURITY UPDATE: Off-by-one buffer overflow/underflow in getcwd()
     - debian/patches/any/CVE-2021-3999.patch: set errno to ERANGE for
       size == 1 in sysdeps/posix/getcwd.c.
     - CVE-2021-3999
   * SECURITY UPDATE: DoS via long svcunix_create path argument
     - debian/patches/any/CVE-2022-23218-pre1.patch: add the
       __sockaddr_un_set function in include/sys/un.h, socket/Makefile,
       socket/sockaddr_un_set.c, socket/tst-sockaddr_un_set.c.
     - debian/patches/any/CVE-2022-23218.patch: fix buffer overflow in
       sunrpc/svc_unix.c.
     - CVE-2022-23218
   * SECURITY UPDATE: DoS via long clnt_create hostname argument
     - debian/patches/any/CVE-2022-23219.patch: fix buffer overflow in
       sunrpc/clnt_gen.c.
     - CVE-2022-23219
   * debian/rules.d/build.mk: build with --with-default-link=no.
   * This package does _NOT_ contain the changes from (2.31-0ubuntu9.5) in
     focal-proposed.
Checksums-Sha1:
 ea56d96c31dfe6c537f18aae955c307ff9f2a437 11661 glibc_2.31-0ubuntu9.7_s390x.buildinfo
 de412e12b5d3e3428fa0fd7db2c7a897c8102516 1815594 glibc_2.31-0ubuntu9.7_s390x_translations.tar.gz
 66c4feece1f1d72bccc1d336220021b94ab7a76a 2594732 libc-bin-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 e700812f1f3ef70251f346182188554f9089eb46 536788 libc-bin_2.31-0ubuntu9.7_s390x.deb
 712d3370c55ab33b0a7bbd58ccf5393af37675ff 150112 libc-dev-bin-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 182bbff4f6327cde0bcbd82238b92b4f6346a8ba 63180 libc-dev-bin_2.31-0ubuntu9.7_s390x.deb
 eada032cb92d655099c65199950ab5e61b32b194 4809212 libc6-dbg_2.31-0ubuntu9.7_s390x.deb
 814ab555146057f5a9b5e2bd12a877f7324a7848 1594832 libc6-dev-s390_2.31-0ubuntu9.7_s390x.deb
 ad28fe50f92b7f4d6d2667cd9b6bde2022118317 2022824 libc6-dev_2.31-0ubuntu9.7_s390x.deb
 c76bae4fda3ed7af7ef1d39bc8e58c49a6257760 1141328 libc6-pic_2.31-0ubuntu9.7_s390x.deb
 031a54b0c8a11389f0db99759cbc1ac616b86684 9946144 libc6-s390-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 68893763019523b6d27129d13e06e759f6be5c7f 2405960 libc6-s390_2.31-0ubuntu9.7_s390x.deb
 ea347e7fdf439d083c3dca72c6d25ad2bb927530 953224 libc6-udeb_2.31-0ubuntu9.7_s390x.udeb
 defd69cc045865fff5c97699f7ab5c3951242722 2261300 libc6_2.31-0ubuntu9.7_s390x.deb
 c85cf91d12633239f461cc567e559f4df0bb0a04 10867624 locales-all_2.31-0ubuntu9.7_s390x.deb
 8270960534c4dc20357fdb39570b9b4c8b741bdf 320316 nscd-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 616322365adc8388080f58657f18206a94be8d06 69760 nscd_2.31-0ubuntu9.7_s390x.deb
Checksums-Sha256:
 884e9ffb816f0e1ea197409beeb97ebaf3e517bbb869203f36b523dabbfc333b 11661 glibc_2.31-0ubuntu9.7_s390x.buildinfo
 b35769a1573bbf5c0ed2ee65b43ce41392950d4076c5931965b93829bb67fbab 1815594 glibc_2.31-0ubuntu9.7_s390x_translations.tar.gz
 9a1744759c1d875cb2b78da14f8f5b5411167d7d61d6bd29d25aa86a03803bf5 2594732 libc-bin-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 d9d88c1bf061b4ec356b6e79aab9cc5d1d7407100fd65e76b2a4cb3a5b8ac2fa 536788 libc-bin_2.31-0ubuntu9.7_s390x.deb
 6db1d1a003d36d7da970e5ebf276aa41e7e1ddd67fa831aef6d020fb4619c3a9 150112 libc-dev-bin-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 141d7f62c3fcf827a57f73229716d7632975024de1db889fb4d03986b3b97b69 63180 libc-dev-bin_2.31-0ubuntu9.7_s390x.deb
 5ba23838196c8223aa6176839b1217037020cb592060c56def0175d4d8ff8ab8 4809212 libc6-dbg_2.31-0ubuntu9.7_s390x.deb
 b955469603c2475e4dbf93c92466f1769912dafff37fd7db6ecdbc9655877001 1594832 libc6-dev-s390_2.31-0ubuntu9.7_s390x.deb
 a28aa09e917e1c3f4e6c8a9916cd3283fcb8e3e8e4e1b57407c53a93e5dfd48a 2022824 libc6-dev_2.31-0ubuntu9.7_s390x.deb
 b79e1e99b3afafee7dc6d22fee8f1a55527c512744409cba78e7376a88835c73 1141328 libc6-pic_2.31-0ubuntu9.7_s390x.deb
 6d6cc9f885f9423c689ee5456a0b0564ded339ce085c8bdf8a0845cab2139538 9946144 libc6-s390-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 4fabfa024ec7d59dc710e1f186eaed5193a9a53f0623a3a668f2c6d223a9d661 2405960 libc6-s390_2.31-0ubuntu9.7_s390x.deb
 a077b2857683a111ae2df5e775d35ff5aae43dabc66e5e33138167ca4d1fccbf 953224 libc6-udeb_2.31-0ubuntu9.7_s390x.udeb
 3ec4afa7a559d600078d0091f5e67764bb0e5abb1939e3d69e2d9fae2eda2c1c 2261300 libc6_2.31-0ubuntu9.7_s390x.deb
 d806dc50ad0210045a98a1c2438286c8440c465ad2359565bca3a5e0c0e9d39b 10867624 locales-all_2.31-0ubuntu9.7_s390x.deb
 abfc2e21d2650b9f25ff620d33114dbdbd1a20946aca7e8e5d3ff4b850af39f5 320316 nscd-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 f97f9c58df0d661b2dee50bb42534f1b884fddac4fcc6007d98cef0cefd92d56 69760 nscd_2.31-0ubuntu9.7_s390x.deb
Files:
 302ece43b2a7c6665832382afaa729d1 11661 libs required glibc_2.31-0ubuntu9.7_s390x.buildinfo
 67fc18e7cf251883f0fd8baae9fafe6a 1815594 raw-translations - glibc_2.31-0ubuntu9.7_s390x_translations.tar.gz
 582f5bfee500ab42f8bd473e040806e4 2594732 debug optional libc-bin-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 0b02188fd98e5ce2f096bdd32f1f63ed 536788 libs required libc-bin_2.31-0ubuntu9.7_s390x.deb
 ef46fa310ee60c678f113d1a5d2a388d 150112 debug optional libc-dev-bin-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 b9266a0dcd646c5f78a4a76ec809e1c3 63180 libdevel optional libc-dev-bin_2.31-0ubuntu9.7_s390x.deb
 94c1b1c9277b0273b9ad57b88d9e6d5e 4809212 debug optional libc6-dbg_2.31-0ubuntu9.7_s390x.deb
 89cd66cf4cf1d5c10ace9a04aac0e3e7 1594832 libdevel optional libc6-dev-s390_2.31-0ubuntu9.7_s390x.deb
 8ddbcc15b88ab335bb623f43091e6d35 2022824 libdevel optional libc6-dev_2.31-0ubuntu9.7_s390x.deb
 142fafb0f2dd1b33faa3f8332cafe830 1141328 libdevel optional libc6-pic_2.31-0ubuntu9.7_s390x.deb
 da386aadb122675da8e3c4f2db95a73f 9946144 debug optional libc6-s390-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 89ec0bd6f325a203197b15093936ef0a 2405960 libs optional libc6-s390_2.31-0ubuntu9.7_s390x.deb
 eca003a49b5fad8487a0922130fbe39e 953224 debian-installer optional libc6-udeb_2.31-0ubuntu9.7_s390x.udeb
 a2eebc8a58ba706a5c1d480a7e589076 2261300 libs optional libc6_2.31-0ubuntu9.7_s390x.deb
 69bb771b8afcf83e7423e20b6742361a 10867624 localization optional locales-all_2.31-0ubuntu9.7_s390x.deb
 a7e9370411bf291ae606a9ecc1311001 320316 debug optional nscd-dbgsym_2.31-0ubuntu9.7_s390x.ddeb
 5345a698400834989747f760b94a51dc 69760 admin optional nscd_2.31-0ubuntu9.7_s390x.deb
Original-Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Original-Vcs-Browser: https://salsa.debian.org/glibc-team/glibc
Original-Vcs-Git: https://salsa.debian.org/glibc-team/glibc.git