-
eglibc (2.13-0ubuntu13.2) natty-security; urgency=low
* SECURITY UPDATE: buffer overflow in vfprintf handling
- debian/patches/any/CVE-2012-3404.patch: Fix allocation when
handling positional parameters in printf.
- CVE-2012-3404
* SECURITY UPDATE: buffer overflow in vfprintf handling
- debian/patches/any/CVE-2012-3405.patch: fix extension of array
- CVE-2012-3405
* SECURITY UPDATE: stack buffer overflow in vfprintf handling
(LP: #1031301)
- debian/patches/any/CVE-2012-3406.patch: switch to malloc when
array grows too large to handle via alloca extension
- CVE-2012-3406
* SECURITY UPDATE: stdlib strtod integer/buffer overflows
- debian/patches/any/CVE-2012-3480.patch: rearrange calculations
and modify types to void integer overflows
- CVE-2012-3480
-- Steve Beattie <email address hidden> Thu, 20 Sep 2012 15:45:17 -0700
-
eglibc (2.13-0ubuntu13.1) natty-security; urgency=low
* SECURITY UPDATE: timezone header parsing integer overflow (LP: #906961)
- debian/patches/any/glibc-CVE-2009-5029.patch: Check values from
TZ file header
- CVE-2009-5029
* SECURITY UPDATE: /etc/mtab corruption denial of service
- debian/patches/any/glibc-CVE-2011-1089.patch: Report write
error in addmnt even for cached streams
- CVE-2011-1089
* SECURITY UPDATE: ld.so insecure handling of privileged programs'
RPATHs with $ORIGIN
- debian/patches/any/glibc-CVE-2011-1658.patch: improve handling of
RPATH and ORIGIN
- CVE-2011-1658
* SECURITY UPDATE: fnmatch integer overflow
- debian/patches/any/glibc-CVE-2011-1659.patch: check size of
pattern in wide character representation
- CVE-2011-1659
* SECURITY UPDATE: DoS in RPC implementation (LP: #901716)
- debian/patches/any/glibc-CVE-2011-4609.patch: nanosleep when too
many open fds is detected
- CVE-2011-4609
* SECURITY UPDATE: vfprintf nargs overflow leading to FORTIFY
check bypass
- debian/patches/any/glibc-CVE-2012-0864.patch: check for integer
overflow
- CVE-2012-0864
-- Steve Beattie <email address hidden> Mon, 05 Mar 2012 17:14:28 -0800
-
eglibc (2.13-0ubuntu13) natty; urgency=low
* debian/sysdeps/linux.mk: detect when linux-libc-dev has moved its
headers to the multiarch dir, and create the symlink to the right place
so we can find those headers for building. LP: #750585.
-- Steve Langasek <email address hidden> Mon, 11 Apr 2011 02:15:33 -0700
-
eglibc (2.13-0ubuntu12) natty; urgency=low
* For memcpy-ssse3, enable chk symbols in static builds. LP: #726802.
* Disable the memcpy multiarch implementaiton on x86_64. LP: #727064.
* Merge from Debian:
- Add patches/i386/cvs-cacheinfo.diff to fix empty LEVEL*CACHE* getconf()
entries for some CPU. Closes: #609389.
-- Matthias Klose <email address hidden> Tue, 05 Apr 2011 10:54:32 +0200
-
eglibc (2.13-0ubuntu11) natty; urgency=low
* debian/rules.d/build.mk: when building 32-bit biarch libraries for
64-bit archs, ship an /etc/ld.so.conf/biarch.conf config snippet adding
/lib32,/usr/lib32 to the path; these are already included in the path
for the biarch build itself, but the biarch ld.so may be Replaced: by
the multiarch libc which does not have built-in support for these
non-standard paths.
* debian/rules.d/debhelper.mk: the ld.so.conf snippet isn't included in
all of the alternate libc builds, only in libc6-i386 and libc6-powerpc;
so we add this by hand to the dh_install invocation for these packages.
LP: #741949.
* debian/debhelper.in/libc.preinst: don't restart kdm on upgrade. It may
no longer be required, and in any case the restart will break running
sessions so we want to avoid this for beta1. LP: #744944.
eglibc (2.13-0ubuntu10) natty; urgency=low
* Provide compatibility symlinks for .o files in /usr/lib. LP: #744908.
* debian/control.in/libc: Remove the Multi-Arch: same attribute.
-- Steve Langasek <email address hidden> Tue, 29 Mar 2011 23:15:42 -0700
-
eglibc (2.13-0ubuntu9) natty; urgency=low
* Update to r13241 from the eglibc-2.13 branch.
* Create ARM unwind records for system call stubs (Ulrich Weigand).
LP: #684218.
-- Matthias Klose <email address hidden> Wed, 23 Mar 2011 00:35:13 +0100
-
eglibc (2.13-0ubuntu8) natty; urgency=low
* debian/rules.d/debhelper.mk: when doing a stage1 build, all our files are
in /lib, not in $slibdir (which is not the same thing under multiarch).
* debian/sysdeps/armhf.mk: use /lib/$(DEB_HOST_MULTIARCH) for rtlddir, so
that we avoid a file conflict with the armel libc and armel+armhf can
be multiarch-coinstallable.
* debian/control.in/libc, debian/control.in/main: make multiarch-support a
real package depending on the native libc; this eliminates the problem
of a circular depends/pre-depends loop never permitting apt to install
the base libraries for any foreign architecture. We still have the
dependency loop for the native architecture, which is safe (and needs to
be enforced!), but whenever a package is installed non-native, it's ok
to bypass this requirement (which is effectively what we're doing by
making multiarch-support Multi-Arch: foreign), because none of the
concerned library packages are installable at all unless a Multi-Arch:
same libc6 is available.
-- Steve Langasek <email address hidden> Mon, 21 Mar 2011 01:39:32 -0700
-
eglibc (2.13-0ubuntu7) natty; urgency=low
* debian/patches/any/local-ldconfig-system-dirs.diff: make ldconfig
use the built-in system paths. Closes LP: #736932.
-- Steve Langasek <email address hidden> Thu, 17 Mar 2011 16:01:07 -0700
-
eglibc (2.13-0ubuntu6) natty; urgency=low
* Build for multiarch. FFe LP: #733501.
[ Aurelien Jarno ]
* Use the multiarch path for the native version and optimized flavors, and
mark these packages as Multi-Arch: same.
* patches/any/local-ld-multiarch.diff: add the multiarch compat dir
instead of the multiarch dir.
* Simplify the creation of /etc/ld.so.conf.d/<triplet>.conf.
* Install a symlink ABI -> multiarch path.
[ Steve Langasek ]
* build-depend on the multiarch dpkg-dev.
* debian/control.in/libc: add 'multiarch-support' provide.
* debian/control.in/libc: make the main multiarch main libc replace the
biarch or triarch libc-foo package of the *corresponding* architecture;
this gives us a libc6:i386 package that Replaces libc6-i386, since both
packages contain the same linker and we want multiarch to take
precedence.
* Use globbing in lintian overrides instead of directory names, so that we
can use an architecture-agnostic override file.
* debian/debhelper.in/libc.preinst, debian/debhelper.in/libc.prerm:
remove the ld.so.cache when upgrading from or downgrading to a
pre-multiarch version; otherwise maintainer scripts start segfaulting
immediately, and dpkg will entertainingly roll back the libc upgrade.
* debian/rules.d/build.mk: populate /etc/ld.so.conf.d with the
$(DEB_HOST_MULTIARCH) paths, but also include $(DEB_HOST_GNU_TYPE) paths
if this is a different triplet to ensure backwards-compatibility with
packages already using the multiarch paths (on i386)
* Remove spurious debian/control.in/libc?* files from the source package,
since their presence caused the latest build to be Multi-Arch: no
* Include $rtlddir in the debhelper substitution rules
-- Steve Langasek <email address hidden> Tue, 15 Mar 2011 19:50:48 -0700
-
eglibc (2.13-0ubuntu5) natty; urgency=low
* Enable SSE2 memset for AMD's upcoming Orochi processor and bugfix.
LP: #735020.
-- Matthias Klose <email address hidden> Mon, 14 Mar 2011 21:35:41 +0100
-
eglibc (2.13-0ubuntu4) natty; urgency=low
* Merge with Debian (r4564, 2.13 branch).
* Merge Debian 2.11.2-12.
- Fix a typo in debian/patches/any/local-rtld.diff. Closes: #615806.
* Merge Debian 2.11.2-13.
[ Aurelien Jarno ]
- Re-enable build failure in case of testsuite regressions.
- Add patches/any/cvs-fnmatch-alloca.patch from upstream to fix a
memory corruption in fnmatch() that can lead to code execution.
Closes: #615120.
- Add patches/any/cvs-qsort-race.diff from upstream to fix race in
qsort_r(). Closes: #614892.
[ Samuel Thibault ]
- patches/any/submitted-sched_h.diff: Synchronize bits/sched.h with
sysdeps/unix/sysv/linux/bits/sched.h (Closes: #527589), rename to
cvs-sched_h.diff.
- patches/hurd-i386/cvs-if_freereq.diff: Fix crash when siocgifconf
actually succeeds.
[ Clint Adams ]
- Patch from Nobuhiro Iwamatsu to cope with the removal of
patch --unified-reject-files. closes: #612540.
[ Steve Langasek ]
- Merge parts of multiarch patch:
- Use the correct path in the ldd script as well
- Set default rtlddir to /lib and override it when needed.
- Install xen library in $(libdir)/xen instead of /usr/lib/xen.
* On ppc64, build with -O3 -fno-tree-vectorize.
* Update to r13065 from the eglibc-2.13 branch.
- debian/patches/any/cvs-rtld-prelink.diff: Remove, applied upstream.
- debian/patches/ppc64/submitted-loader-no-vsx.diff: Likewise.
* Re-enable the upstream change:
2010-06-02 Kirill A. Shutemov <email address hidden>
* elf/dl-reloc.c: Flush cache after solving TEXTRELs if arch
requires it.
Working OpenJDK ARM assembler interpreter. LP: #605042.
-- Matthias Klose <email address hidden> Tue, 08 Mar 2011 00:47:30 +0100
-
eglibc (2.13-0ubuntu3) natty; urgency=low
[ Matthias Klose ]
* Add expected test results for ppc64.
[ Dave Gilbert ]
* debian/patches/arm/local-linaro-cortex-strings.diff:
- ports/sysdeps/arm/memchr.S: Import fast multibyte memchr optimised
for ARM v7 from linaro cortex-strings bzr repo.
- ports/sysdeps/arm/strchr.S: Import simple strchr optimised for
ARM v7 from linaro cortex-strings bzr repo.
-- Matthias Klose <email address hidden> Thu, 24 Feb 2011 07:37:20 +0100
-
eglibc (2.13-0ubuntu2) natty; urgency=low
* Apply upstream patch to fix prelinking.
-- Colin Watson <email address hidden> Wed, 23 Feb 2011 03:36:25 +0000
-
eglibc (2.13-0ubuntu1) natty; urgency=low
* Upload to natty, fixing ld.so assertion on many programs (LP: #721469).
* Replace ppc64/local-loader-no-vsx.diff with submitted version from Ryan
S. Arnold.
-- Colin Watson <email address hidden> Fri, 18 Feb 2011 23:43:05 +0000
-
eglibc (2.13~pre1-0ubuntu1) natty; urgency=low
* Generate 2.13 tarball based on r12879/2.13 branch.
* Merge Debian 2.11.2-8 - -11.
* patches/kfreebsd/local-sysdeps.diff: remove stub marks for at*
syscalls as we don't support FreeBSD 7.x kernels anyway. Closes:
#610749.
* Add patches/amd64/cvs-avx-tcb-alignment.diff from upstream to fix
alignement issues on CPU supporting the AVX instruction set. Closes:
#610657.
* Disable build failure in case of testsuite regressions, will be
re-enabled after squeeze release.
* Japanese debconf translation update from Nobuhiro Iwamatsu.
closes: #604752.
* Add expected gettext failure on hurd-i386.
* Update patches/localedata/locale-et_EE.diff to switch Estonian currency
to euro. Closes: #608803.
* Revert incorrect upstream patch for CVE-2010-3847 and use the correct
set of patches:
- Remove patches/any/submitted-origin.diff
- Add patches/any/cvs-dont-expand-dst-twice.diff
- Add debian/patches/any/cvs-ignore-origin-privileged.diff
- Keep debian/patches/any/cvs-audit-suid.diff
* Merge with Debian (r4525, 2.13 branch).
eglibc (2.13-0exp1) experimental; urgency=low
[ Aurelien Jarno ]
* New upstream release:
- Fix spurious warning in bswap_16() with -Wconversion. Closes:
#561249.
- Add back support for m68k. Closes: #446503, #601126.
- Add support for NTP API 4. Closes: #558314.
- Fix memchr() on alpha. Closes: #521737.
- Add optimized string functions via STT_GNU_IFUNC on PowerPC. Closes:
#408959.
- Provide POSIX2008 compliant futimens(). Closes: #563724.
- Fix auxilary cache file creation. Closes: 588218.
- Fix POSIX2008 compliance. Closes: #610824.
- Update patches/locale/locale-print-LANGUAGE.diff.
- Update patches/localedata/sort-UTF8-first.diff.
- Remove patches/localedata/submitted-pt_BR.diff (merged upstream).
- Update patches/localedata/locale-et_EE.diff (partially merged upstream).
- Remove patches/localedata/locale-es_CR.diff (merged upstream).
- Update patches/localedata/locales-fr.diff.
- Update patches/localedata/tailor-iso14651_t1.diff.
- Remove patches/localedata/fr_BE-first_weekday.diff (merged upstream).
- Update localedata/first_weekday.diff.
- Remove patches/alpha/submitted-dl-procinfo.diff (merged upstream).
- Remove patches/alpha/submitted-fpu-round.diff (merged upstream).
- Remove patches/alpha/submitted-asm-memchr.diff (merged upstream).
- Remove patches/alpha/submitted-sock_nonblock.diff (merged upstream).
- Remove patcheS/alpha/submitted-epoll.diff (merged upstream).
- Remove patches/alpha/cvs-timer_settime.diff (merged upstream).
- Remove patches/alpha/submitted-PTR_MANGLE.diff (obsolete).
- Remove patches/alpha/local-fcntl_h.diff (obsolete).
- Remove patches/alpha/local-longjmp-chk.diff (obsolete).
- Remove patches/alpha/submitted-fdatasync.diff (obsolete).
- Remove patches/amd64/cvs-avx-tcb-alignment.diff (merged upstream).
- Remove patches/arm/local-no-hwcap.diff (merged upstream).
- Remove patches/arm/local-hwcap-updates.diff (merged upstream).
- Remove patches/hppa/cvs-nptl-compat.diff (merged upstream).
- Update patches/hppa/local-stack-grows-up.diff.
- Remove patches/hppa/cvs-vfork.diff (merged upstream).
- Remove patches/hurd-i386/submitted-rtld_lock_recursive.diff (merged
upstream).
- Remove patches/hurd-i386/cvs-getcwd.diff (merged upstream).
- Remove patches/hurd-i386/cvs-setsid.diff (merged upstream).
- Remove patches/hurd-i386/cvs-linkat.diff (merged upstream).
- Remove patches/hurd-i386/cvs-ttyname.diff (merged upstream).
- Remove patches/hurd-i386/cvs-getnprocs.diff (merged upstream).
- Remove patches/hurd-i386/cvs-select.diff (merged upstream).
- Remove patches/hurd-i386/cvs-sched_param.diff (merged upstream).
- Remove patches/hurd-i386/cvs-sendmsg-leak.diff (merged upstream).
- Update patches/i386/local-pthread_cond_wait.diff.
- Remove patches/m68k/cvs-define-m68k-tls-relocations.patch (merged
upstream).
- Remove patches/m68k/cvs-tls-support.patch (merged upstream).
- Remove patches/m68k/cvs-versions-def-2-12.patch (merged upstream).
- Remove patches/mips/cvs-mips-atomic_h.diff (merged upstream).
- Remove patches/mips/cvs-non-pic-n32-64-syscall.diff (merged upstream).
- Remove patches/s390/cvs-makecontext.diff (merged upstream).
- Update patches/s390/submitted-nexttowardf.diff.
- Remove patches/sh4/local-fpscr_values.diff (merged upstream).
- Remove patches/sh4/submitted-set_fpscr.diff (merged upstream).
- Remove patches/sparc/cvs-sparcv9-memchr.diff (merged upstream).
- Remove patches/sparc/submitted-epoll.diff (merged upstream).
- Remove patches/sparc/submitted-msgrcv.diff (merged upstream).
- Update patches/any/local-ldso-disable-hwcap.diff.
- Remove patches/any/local-ntp-update.diff (obsolete).
- Update patches/any/local-no-pagesize.diff.
- Update patches/any/submitted-longdouble.diff.
- Remove patches/any/cvs-resolv-bindv6only.diff (merged upstream).
- Remove patches/any/cvs-futimens.diff (merged upstream).
- Remove patches/any/cvs-malloc_info-init.diff (merged upstream).
- Remove patches/any/cvs-stat-issock.diff (merged upstream).
- Remove patches/any/cvs-remove.diff (merged upstream).
- Remove patches/any/cvs-getaddrinfo.diff (merged upstream).
- Remove patches/any/cvs-umount-nofollow.diff (merged upstream).
- Remove patches/any/cvs-glob.diff (merged upstream).
- Remove patches/any/cvs-flush-cache-textrels.diff (merged upstream).
- Remove patches/any/submitted-group_member.diff (merged upstream).
- Remove patches/any/cvs-redirect-throw.diff (merged upstream).
- Remove patches/any/cvs-__block.diff (merged upstream).
- Remove patches/any/cvs-sunrpc-license.diff (merged upstream).
- Remove patches/any/submitted-resolv.conf-thread.diff (merged upstream).
- Remove patches/any/cvs-audit-suid.diff (merged upstream).
- Remove patches/any/cvs-dont-expand-dst-twice.diff (merged upstream).
- Remove patches/any/cvs-ignore-origin-privileged.diff (merged upstream).
- Remove patches/any/submitted-etc-resolv.conf.diff (obsolete).
- Update patches/any/submitted-bits-fcntl_h-at.diff.
- Remove patches/any/submitted-nis-shadow.diff (obsolete).
- Remove patches/any/submitted-futex_robust_pi.diff (obsolete).
- Update patches/kfreebsd/local-readdir_r.diff.
* debian/sysdeps/*.mk, debhelper.in/libc.preinst: bump minimal Linux
kernel version to 2.6.26, and minimal FreeBSD kernel version to
8.0.0. Closes: #610475.
* Add /etc/default/nss.
* Add patches/all/local-nis-shadow.diff to change default value of
ADJUNCT_AS_SHADOW to TRUE. This avoid NIS password leakage
(CVE-2010-0015), but can be changed to FALSE to accomomdate some
NIS installations. Closes: #566297, #566844.
* kfreebsd/local-sysdeps.diff, kfreebsd/local-linuxthreads29.diff:
update to revision 3262 (from glibc-bsd) Closes: #602776.
* debian/rules: split build-indep and build-arch targets. Closes:
#611926.
* sysdeps/sparc.mk, sysdeps/sparc64.mk: build with --enable-multi-arch.
* sysdeps/powerpc.mk, sysdeps/ppc64.mk: build with --enable-multi-arch.
* Drop libc6-sparcv9b package on sparc/sparc64, optimizations are now
done through multi-arch (STT_GNU_IFUNC).
* Add patches/localedata/locale-C.diff to create a C locale.
* Build and install the C locales in libc-bin. Closes: #609306.
* Bump to Standards-Version 3.9.1 (no changes).
* Add patches/submitted-rwlock-stack-imbalance.diff to fix regression
in pthread_rwlock_timedrdlock() and pthread_rwlock_timedwrlock().
* Whitelist tst-makecontext3.out test on ia64, as it is new and can't
succeed on this architecture.
* debian/quiltrc: use new option "--reject-format=unified" instead of
"--unified-reject-files". Closes: #612540.
* Build depends on binutils (>= 2.21) on sparc and sparc64 to gain
STT_GNU_IFUNC support.
* Add patches/any/submitted-ldsodefs_rtld_debug.diff to fix
EGLIBC_RTLD_DEBUG support on non NPTL systems.
[ Samuel Thibault ]
* Add patches/any/cvs-glro_dl_debug_mask.diff to fix build without
EGLIBC_RTLD_DEBUG support.
* Add patches/hurd-i386/cvs-header-prot.diff,
patches/hurd-i386/cvs-psiginfo.diff, and
patches/hurd-i386/local-ptsname.diff to fix hurd-i386 build.
* Update expected hurd-i386 failures with new tests.
-- Matthias Klose <email address hidden> Fri, 18 Feb 2011 12:05:45 +0100
-
eglibc (2.12.1-0ubuntu16) natty; urgency=low
* ppc64/local-loader-no-vsx.diff: Build ppc64 ld.so with -mno-vsx, since
otherwise it tries to load a constant from the TOC before the TOC
reference has been relocated.
* any/submitted-sys-uio-vector.diff: Add patch from Petr Baudis to avoid a
clash with Altivec.
-- Colin Watson <email address hidden> Tue, 15 Feb 2011 09:32:49 +0000
-
eglibc (2.12.1-0ubuntu15) natty; urgency=low
* Drop dependencies on findutils, obsolete post-lucid.
-- Steve Langasek <email address hidden> Wed, 09 Feb 2011 15:13:13 -0800
-
eglibc (2.12.1-0ubuntu14) natty; urgency=low
[ Matthias Klose ]
* Call locale-gen --purge when updating from eglibc-2.11.x. LP: #504198.
-- Colin Watson <email address hidden> Fri, 28 Jan 2011 13:31:14 +0000
-
eglibc (2.12.1-0ubuntu13) natty; urgency=low
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
- debian/patches/any/submitted-origin.diff: refresh with new
proposed solution, avoiding iconv issues (LP: #701783).
-- Kees Cook <email address hidden> Tue, 11 Jan 2011 22:45:54 -0800
-
eglibc (2.12.1-0ubuntu12) natty; urgency=low
* do not run 'telinit u' on upgrade, as this will break upstart.
touch /var/run/init.upgraded instead, which will force a re-exec just
before remounting root read-only. LP: #672177, LP: #694772.
-- Clint Byrum <email address hidden> Mon, 03 Jan 2011 10:17:18 -0800
-
eglibc (2.12.1-0ubuntu11) natty; urgency=low
* Update to the eglibc 2.12 branch (r12365).
- Fix alignment of AVX safe area on x86_64, issue #12113. LP: #662511.
- Fix issue #12159, x86-64 strchr propagation of search byte into all bytes
of SSE register. (LP: #615953)
- any/cvs-audit-suid.diff, any/cvs-getlogin_r-error-handling-1.patch,
any/cvs-getlogin_r-error-handling-2.patch, any/cvs-issue12092.diff,
any/cvs-getlogin_r-error-handling-3.patch, any/cvs-issue12113.diff,
any/cvs-issue11968.diff: Remove, merged upstream.
- any/cvs-dst-expansion-fix.diff, any/submitted-etc-resolv.conf.diff,
locale/locale-print-LANGUAGE.diff: Updated.
* Sort changelog entries with bzr-builddeb's merge_changelog to help merging
with Debian; update Debian changelog entries to their latest version, and
drop Debian changelog entries which aren't in the unstable changelog; this
keeps the diff between Debian unstable's changelog and Ubuntu's changelog
minimal (only Ubuntu entries) and makes it easier to review new Debian
changes.
* Copy binutils [mips mipsel] build-dep to minimize delta with Debian's
build-deps.
* Drop Vcs-Bzr; this package is now maintained in lp:ubuntu/eglibc.
* Drop version in texinfo build-dep; this is satisfied even in dapper.
* Move belocs-locales-bin conflicts around to lower the diff with Debian's
control.
* Copy Debian's libc6-dev-i386 Conflicts with libc6-i386 (<= 2.9-18) for
some older upgrades; this seems to apply to Ubuntu as well, and reduces
the delta with Debian just a bit. libc6-dev-i386 is not a commonly
installed package, and this is satisfied in lucid and later anyway, so it
shouldn't make upgrades harder, except if people use backports.
* Drop debian/control.in/libc0.1, libc0.3, libc6, and libc6.1 (these are
automatically generated) after confirming that generating them results in
the same data.
* Drop debian/debhelper.in/glibc-doc.docs; ChangeLog* is already listed in
debian/debhelper.in/glibc-doc.install.
* Drop debian/debhelper.in/libc-alt-dev.postinst as it only helps powerpc
upgrades from dapper versions which aren't supported on powerpc anymore.
* debian/debhelper.in/libc.postinst: drop inconsistent quotes around 2.12.
* debian/local/manpages/gencat.1, iconvconfig.8, mtrace.1: revert differing
RCS timestamps.
* debian/patches/series: drop reference to changelog version with respect to
local-ipv6-lookup.diff as the reference is bogus.
* Drop debian/patches/alpha/submitted-getsysstats.diff,
submitted-includes.diff, submitted-lowlevellock.diff,
submitted-procfs_h.diff; these should have been dropped in earlier merges
as they are not applied anymore and were dropped from Debian.
* Drop commented-out hppa/* lines from patches/series to be consistent with
how other arches were handled.
* debian/sysdeps/amd64.mk: symlink ld-linux with the same rune as Debian.
* Drop changes to debian/sysdeps/hurd.mk; Ubuntu doesn't build for Hurd.
* Remove debian/wrapper/objcopy; was dropped in Debian already.
* Add debian/ubuntu-changes trying to document all Debian -> Ubuntu
changes, albeit some remain obscure.
* Merge Debian 2.11.2-3.
- Drop new sparc/hurd/kfreebsd etc. patches from series.
- Replace any/submitted-etc-resolv.conf.diff by upstream version
patches/any/cvs-etc-resolv.conf.diff.
- Remaining changes are listed in debian/ubuntu-changes.
- Prefix "Embedded" to binary packages' short descriptions;
Debian #587586.
- debian/control.in/libc: conflicts with prelink (<< 0.0.20090925) as
earlier versions corrupts libc 2.11+ libraries; Debian #593966.
- Look for apache2.2-common instead of apache2-common in nsscheck;
Debian #586527.
- Always try to restart init when needed, and ignore the possible errors;
Debian #588922, #590175.
- Add localedata/locale-tt_RU.diff from upstream to fix the name of the
tt_RU.UTF-8@iqtelif locale; Debian #588478.
- Update Galician debconf translation, by Jorge Barreiro; Debian #592807.
* debian/control.in/opt, debian/control: Use ${binary:Version} instead of
${Source-Version} for sparc flavors.
* Merge Debian 2.11.2-4.
- Drop new patches/hurd-i386/submitted-sched_param.diff from series.
- Remove manpages now provided by manpages-dev; Debian #595194);
LP: #669361.
* Merge Debian 2.11.2-5.
- Replace any/cvs-etc-resolv.conf.diff with previous version
any/submitted-etc-resolv.conf.diff; Debian #595269.
- Update any/cvs-sunrpc-license.diff from upstream.
* Merge Debian 2.11.2-6.
- Update Arabic debconf translation, by Ossama Khayat; Debian #596161.
- update-locale: if LANGUAGE is not compatible with the selected default
locale, emit a warning and disable it instead of failing;
Debian #596695.
- Add armhf support; Debian #596804.
- any/submitted-resolv.conf-thread.diff: new patch to correctly reload
resolv.conf for all threads; Debian #596499.
* Merge Debian 2.11.2-7.
- Update Portuguese debconf translation, by Pedro Ribeiro; Debian #597348.
- Don't add any/submitted-origin.diff as we have
any/dst-expansion-fix.diff already.
- Add any/cvs-audit-suid.diff to only load SUID audit objects in SUID
binaries. Fix CVE-2010-3847. Debian #600667.
- Update Catalan debconf translation, by Jordi Mallach; Debian #601085.
- Update Vietnamese debconf translation, by Clytie Siddall;
Debian #601531.
- Add arm/local-sigaction.diff to match sigaction with SA_RESTORER
behaviour with other architectures; Debian #595403.
[ Matthias Klose ]
* any/cvs-at-pagesize.diff: Don't assume AT_PAGESIZE is always available.
LP: #672352.
* Remove po/header.pot file. LP: #670678.
* On ARM, use the atomic builtins provided by GCC (Ken Werner). LP: #643171.
* Build using GCC-4.5.
[ Kees Cook ]
* Rearrange recent security patches:
- disable-ld_audit.diff:
- should live in patches/ubuntu for now.
- updated comments to include CVE-2010-3856.
- any/dst-expansion-fix.diff renamed to any/cvs-dst-expansion-fix.diff.
- series updated to move upstream fixes out of Ubuntu-specific section.
-- Matthias Klose <email address hidden> Tue, 21 Dec 2010 20:35:36 +0100
-
eglibc (2.12.1-0ubuntu10) maverick-proposed; urgency=low
* any/cvs-at-pagesize.diff: Don't assume AT_PAGESIZE is always available.
LP: #672352.
* Fix issue #12159, x86-64 strchr propagation of search byte into all bytes
of SSE register.
* Fix issue12113, alignment of AVX safe area on x86_64. LP: #662511.
* Fix ifunc thunk for strspn on x86 in static libc. LP: #615953.
-- Matthias Klose <email address hidden> Sun, 14 Nov 2010 23:49:36 +0100
-
eglibc (2.12.1-0ubuntu9) maverick-proposed; urgency=low
* debian/patches/any/cvs-getlogin_r-error-handling-1.patch,
debian/patches/any/cvs-getlogin_r-error-handling-2.patch,
debian/patches/any/cvs-getlogin_r-error-handling-3.patch:
Take upstream commits c8727fa6, 5305f9b0, d48b7607 from
release/2.12/master to fix a crash in getlogin(). (LP: #658907)
-- Anders Kaseorg <email address hidden> Mon, 01 Nov 2010 15:42:35 -0400
-
eglibc (2.12.1-0ubuntu8) maverick-security; urgency=low
* SECURITY UPDATE: root escalation via LD_AUDIT DST expansion.
- debian/patches/any/dst-expansion-fix.diff: upstream fixes.
- CVE-2010-3847
- debian/patches/any/disable-ld_audit.diff: turn off LD_AUDIT
for setuid binaries.
-- Kees Cook <email address hidden> Thu, 21 Oct 2010 12:45:24 -0700
-
eglibc (2.12.1-0ubuntu7) maverick-proposed; urgency=low
* Fix issue #12092, strstr broken for some inputs on pre-SSE4 machines.
LP: #655463.
-- Matthias Klose <email address hidden> Thu, 07 Oct 2010 09:01:06 +0200
-
eglibc (2.12.1-0ubuntu6) maverick; urgency=low
* Fix applying the local-syscall-mcount.diff.
-- Matthias Klose <email address hidden> Fri, 10 Sep 2010 18:47:31 +0200
