-
glibc (2.30-0ubuntu2.2) eoan-security; urgency=medium
* SECURITY UPDATE: ASLR bypass
- debian/patches/any/CVE-2019-19126.patch: check __libc_enable_secure
before honoring LD_PREFER_MAP_32BIT_EXEC in
sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h.
- CVE-2019-19126
* SECURITY UPDATE: out-of-bounds write on PowerPC
- debian/patches/any/CVE-2020-1751.patch: fix array overflow in
backtrace on PowerPC in debug/tst-backtrace5.c,
sysdeps/powerpc/powerpc32/backtrace.c,
sysdeps/powerpc/powerpc64/backtrace.c.
- CVE-2020-1751
* SECURITY UPDATE: use-after-free via tilde expansion
- debian/patches/any/CVE-2020-1752.patch: fix use-after-free in glob
when expanding ~user in posix/glob.c.
- CVE-2020-1752
* SECURITY UPDATE: stack overflow via 80-bit long double function
- debian/patches/any/CVE-2020-10029-1.patch: avoid ldbl-96 stack
corruption from range reduction of pseudo-zero in
sysdeps/ieee754/ldbl-96/Makefile,
sysdeps/ieee754/ldbl-96/e_rem_pio2l.c,
sysdeps/ieee754/ldbl-96/test-sinl-pseudo.c.
- debian/patches/any/CVE-2020-10029-2.patch: use stack protector only
if available in sysdeps/ieee754/ldbl-96/Makefile.
- CVE-2020-10029
-- Marc Deslauriers <email address hidden> Thu, 04 Jun 2020 13:19:08 -0400
-
glibc (2.30-0ubuntu2.1) eoan; urgency=medium
* Cherrypick upstream fix for strstr on s390x z15. LP: #1854326
-- Dimitri John Ledkov <email address hidden> Fri, 29 Nov 2019 14:19:57 +0000
-
glibc (2.30-0ubuntu2) eoan; urgency=medium
* Merge with current Debian git, bringing in container-based testsuite fix:
- debian/patches/any/local-test-install.diff: Use install_root rather than
DESTDIR when installing container root, since we override install_root.
* debian/patches/ubuntu/local-pldd-root.diff: Run tst-pldd as root to get us
CAP_SYS_PTRACE, which is disabled by default in Ubuntu for non-root users.
-- Adam Conrad <email address hidden> Mon, 16 Sep 2019 08:56:30 -0600
-
glibc (2.30-0ubuntu1) eoan; urgency=medium
* Merge with current 2.30 in Debian git (LP: #1842024), remaining changes:
- Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel.
- Heavily mangle the way we do service restarting on major upgrades.
- Build i386 variants as -march=i686, build amd64 with -O3, and build
ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize.
- Build generic i386 flavour with -mno-tls-direct-seg-refs for Xen.
- Drop the libc6-xen flavour, as the above change covers Xen's needs.
- Enable systemtap support, which is currently disabled in Debian.
- Don't build libc-l10n, its contents get stripped for language-packs.
- Drop libc-bin manpages Recommends to Suggests to keep it in standard.
- Revert dropping the ldconfig wrapper, as we still have a lot of
packages that don't ship a trigger but instead call in postinst.
- Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
- Mangle locales package to support Ubuntu language packs seamlessly.
- Relax some expected test failures for our infrastructure's quirks.
* Let nptl/tst-stack4 fail, as it's been racing on several architectures.
glibc (2.30-0experimental0) UNRELEASED; urgency=medium
[ Adam Conrad ]
* New upstream release 2.30, with git updates up to 2019-08-28:
- debian/symbols.wildcard: Add 2.30, and debian/control: Regenerate.
- debian/patches/any/git-libio-stdout-putc.diff: Upstreamed.
- debian/patches/any/git-pexpect-pretty-printers.diff: Upstreamed.
- debian/patches/any/git-socket-constants.diff: Upstreamed.
- debian/patches/any/local-tst-eintr1-eagain.diff: Obsolete.
- debian/patches/hurd-i386/git-renameat2.diff: Upstreamed.
- debian/patches/any/submitted-resolv-unaligned.diff: Rebased.
- debian/patches/hurd-i386/tg-hurdsig-SA_SIGINFO.diff: Rebased.
- debian/patches/hurd-i386/tg-hurdsig-fixes-2.diff: Rebased.
- debian/patches/hurd-i386/tg-hurdsig-fixes.diff: Rebased.
- debian/patches/hurd-i386/tg-hurdsig-global-dispositions.diff: Rebased.
- debian/patches/hurd-i386/tg-io_select_timeout.diff: Rebased.
- debian/patches/hurd-i386/tg-thread-cancel.diff: Rebased.
- debian/patches/kfreebsd/submitted-auxv.diff: Rebased.
- debian/patches/locale/locale-print-LANGUAGE.diff: Update for new test.
[ Samuel Thibault ]
* debian/patches/hurd-i386/local-fix-nss.diff: Rebased.
* debian/patches/hurd-i386/{tg-single-select-timeout.diff,tg-setitimer.diff,
tg-remap_getcwd.diff,tg-io_select_timeout.diff,tg-poll_errors_fixes.diff,
submitted-anon-mmap-shared.diff,tg-ONSTACK.diff}: Rename to git-foo,
commited upstream for 2.31.
glibc (2.29-0experimental1) experimental; urgency=medium
[ Aurelien Jarno ]
* debian/patches/hurd-i386/submitted-net.diff: rebase.
* debian/patches/hurd-i386/local-fix-nss.diff: rebase.
* debian/patches/git-updates.diff: update from upstream stable branch:
- Fix math tests on hppa.
* debian/testsuite-xfail-debian.mk: XFAIL two new tests on HPPA that are
due to a bug in the testsuite, reported upstream.
* debian/sysdeps/sparc64.mk: disable PIE on sparc64 as it produces broken
binaries, causing issues in the testsuite.
* debian/sysdeps/alpha.mk, debian/control.in/main: build with gcc-8 on alpha
as gcc-9 introduces math errors in the testsuite.
-- Adam Conrad <email address hidden> Thu, 29 Aug 2019 04:14:59 -0600
-
glibc (2.29-0ubuntu3) eoan; urgency=medium
* debian/sysdeps/{amd64/i386/x32}.mk: Enable Intel Control Flow
Integrity to fix FTFBS since this is now default in gcc. LP: #1833067.
-- Alex Murray <email address hidden> Mon, 03 Jun 2019 21:55:06 +0930
-
glibc (2.29-0ubuntu2) disco; urgency=medium
* debian/patches/git-updates.diff: Update from upstream stable branch,
including "S390: Mark vx and vxe as important hwcap" (LP: #1821200)
* debian/testsuite-xfail-debian.mk: XFAIL new tst-nss-test3 for disco.
* debian/debhelper.in/libc.postinst: Only restart services once each.
* debian/patches/arm/unsubmitted-ldso-abi-check.diff: Fix rtld segv in
dl_open() introduced via merge with upstream at 2.28 (LP: #1821677)
* debian/testsuite-xfail-debian.mk: XFAIL new tst-support_descriptors.
-- Adam Conrad <email address hidden> Sun, 07 Apr 2019 14:12:24 -0600