Branches for Precise

Name Status Last Modified Last Commit
lp://staging/ubuntu/precise/eglibc bug 2 Mature 2013-08-28 10:01:22 UTC
309. kdm is not meant to be restarted, onl...

Author: Steve Langasek
Revision Date: 2012-04-19 15:50:02 UTC

kdm is not meant to be restarted, only warned about; moving the restart
code to the preinst is causing kdm restarts that will break the desktop
in the middle of the upgrade. Zero out our list of services between the
two uses of the variable. LP: #985735.

lp://staging/ubuntu/precise-proposed/eglibc bug 2 Mature 2016-04-08 23:59:46 UTC
315. * SECURITY UPDATE: buffer overflow in...

Author: Steve Beattie
Revision Date: 2016-04-08 23:59:46 UTC

* SECURITY UPDATE: buffer overflow in gethostbyname_r and related
  functions
  - debian/patches/any/CVE-2015-1781.diff: take alignment padding
    into account when computing if buffer is too small.
  - CVE-2015-1781
* SECURITY UPDATE: glibc Name Service Switch (NSS) denial of sevice
  - debian/patches/any/CVE-2014-8121-1.diff: do not close NSS files
    database during iteration.
  - debian/patches/any/CVE-2014-8121-2.diff: Separate internal state
    between getXXent and getXXbyYY NSS calls.
  - CVE-2014-8121
* SECURITY UPDATE: glibc unbounded stack usage in NaN strtod
  conversion
  - debian/patches/any/CVE-2014-9761-1.diff: Refactor strtod parsing
    of NaN payloads.
  - debian/patches/any/CVE-2014-9761-1.diff: Fix nan functions
    handling of payload strings
  - CVE-2014-9761
* SECURITY UPDATE: out of range data to strftime() causes segfault
  (denial of service)
  - debian/patches/any/CVE-2015-8776.diff: add range checks to
    strftime() processing
  - CVE-2015-8776
* SECURITY UPDATE: glibc honors LD_POINTER_GUARD env for setuid
  AT_SECURE programs (e.g. setuid), allowing disabling of pointer
  mangling
  - debian/patches/any/CVE-2015-8777.diff: Always enable pointer
    guard
  - CVE-2015-8777
* SECURITY UPDATE: integer overflow in hcreate and hcreate_r
  - debian/patches/any/CVE-2015-8778.diff: check for large inputs
  - CVE-2015-8778
* SECURITY UPDATE: unbounded stack allocation in catopen()
  - debian/patches/any/CVE-2015-8779.diff: stop using unbounded
    alloca()
  - CVE-2015-8779
* SECURITY UPDATE: Stack overflow in _nss_dns_getnetbyname_r
  - debian/patches/any/CVE-2016-3075.diff: do not make unneeded
    memory copy on the stack.
  - CVE-2016-3075
* SECURITY UPDATE: pt_chown privilege escalation
  - debian/patches/any/CVE-2016-2856-pre.diff: add option to
    enable/disable pt_chown.
  - debian/patches/any/CVE-2016-2856.diff: grantpt: trust the kernel
    about pty group and permission mode
  - debian/debhelper.in/libc-bin.install: drop installation of
    pt_chown
  - CVE-2016-2856, CVE-2013-2207
* debian/debhelper.in/libc.postinst: add reboot notifications for
  security updates (LP: #1546457)

lp://staging/ubuntu/precise-security/eglibc bug 2 Mature 2016-08-11 06:12:54 UTC
319. * REGRESSION UPDATE: revert CVE-2014-...

Author: Steve Beattie
Revision Date: 2016-05-26 00:08:17 UTC

* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
  dependency from libm to libc (LP: #1585614)
  - debian/patches/any/CVE-2014-9761-2.diff: keep exporting
    __strto*_nan symbols added to libc.

lp://staging/ubuntu/precise-updates/eglibc bug 2 Mature 2016-08-11 06:12:57 UTC
322. * REGRESSION UPDATE: revert CVE-2014-...

Author: Steve Beattie
Revision Date: 2016-05-26 00:08:17 UTC

* REGRESSION UPDATE: revert CVE-2014-9761 fix due to added symbol
  dependency from libm to libc (LP: #1585614)
  - debian/patches/any/CVE-2014-9761-2.diff: keep exporting
    __strto*_nan symbols added to libc.

lp://staging/~adam-stokes/ubuntu/precise/eglibc/avx-support-979003 1 Development 2012-08-23 02:33:26 UTC
289. [ Adam Conrad ] * Backport FMA4/AVX d...

Author: Adam Stokes
Revision Date: 2012-08-23 02:32:22 UTC

[ Adam Conrad ]
* Backport FMA4/AVX detection from glibc 2.16 (LP: #956051, #979003)
* Backport fixups to AVX-using code to match the detection backport.

lp://staging/~jamesodhunt/ubuntu/precise/eglibc/fix-for-bug-508083 bug 1 Development 2012-03-23 16:47:11 UTC
275. * debian/control: Add "Pre-Depends: d...

Author: James Hunt
Revision Date: 2012-03-23 16:47:11 UTC

* debian/control: Add "Pre-Depends: debconf" to allow preinst to prompt for
  services to restart (rather than postinst).
* debian/debhelper.in/libc.preinst: Moved logic from postinst to
  prompt user for services to restart. We ask here here to allow the
  problematic cron to be stopped in the preinst, but defer the restart of
  remaining services until postinst time (LP: #508083).
* debian/debhelper.in/libc.postinst: Perform restart on all services except
  cron, which is started if it had been stopped in the preinst.

lp://staging/~michaelh1/ubuntu/precise/eglibc/lp696794 (Has a merge proposal) 1 Development 2012-03-07 22:01:40 UTC
273. Revert an accidental debian/changelog...

Author: Michael Hope
Revision Date: 2012-03-07 22:01:40 UTC

Revert an accidental debian/changelog edit.

lp://staging/~ubuntu-branches/ubuntu/precise/eglibc/precise-201308281639 (Has a merge proposal) 1 Development 2013-08-28 16:40:14 UTC
309. kdm is not meant to be restarted, onl...

Author: Steve Langasek
Revision Date: 2012-04-19 15:50:02 UTC

kdm is not meant to be restarted, only warned about; moving the restart
code to the preinst is causing kdm restarts that will break the desktop
in the middle of the upgrade. Zero out our list of services between the
two uses of the variable. LP: #985735.

lp://staging/~vorlon/ubuntu/precise/eglibc/obsolete-conffile (Has a merge proposal) 1 Development 2012-04-09 16:49:33 UTC
277. Remove the /etc/ld.so.conf.d/i486-lin...

Author: Steve Langasek
Revision Date: 2012-04-09 16:48:53 UTC

Remove the /etc/ld.so.conf.d/i486-linux-gnu.conf conffile on upgrade on
i386, since it's no longer shipped and we should give consistent results
on upgrade and install; and add a Breaks on the three library packages
in lucid that used this path.

19 of 9 results