lp://staging/ubuntu/karmic-security/eglibc
- Get this branch:
- bzr branch lp://staging/ubuntu/karmic-security/eglibc
Branch merges
Branch information
Recent revisions
- 25. By Kees Cook
-
* SECURITY UPDATE: setuid iconv users could load arbitrary libraries.
- debian/patches/ any/dst- expansion- fix.diff: refresh with new
proposed solution, avoiding iconv issues.
- any/cvs-check-setuid- on-audit. diff: upstream fix for CVE-2010-3856,
which was already had a work-around in 2.10.1-0ubuntu18. - 24. By Kees Cook
-
* SECURITY UPDATE: root escalation via LD_AUDIT DST expansion.
- debian/patches/ any/dst- expansion- fix.diff: upstream fixes.
- CVE-2010-3847
- debian/patches/ any/disable- ld_audit. diff: turn off LD_AUDIT
for setuid binaries. - 23. By Kees Cook
-
* SECURITY UPDATE: integer overflow in strfmon() might lead to arbitrary
code execution.
- debian/patches/ any/git- strfmon- overflow. diff: backport from upstream.
- CVE-2008-1391
* SECURITY UPDATE: newlines not escaped in /etc/mtab.
- debian/patches/ any/git- mntent- newline- escape. diff: upstream fixes.
- CVE-2010-0296
* SECURITY UPDATE: arbitrary code execution from ELF headers (LP: #542197).
- debian/patches/ any/git- fix-dtag- cast.diff: upstream fixes.
- CVE-2010-0830
* debian/patches/ any/git- readdir- padding. diff: fix readdir padding when
processing getdents64() in a 32-bit execution environment (LP: #392501). - 22. By Matthias Klose
-
Don't fail the build explicitely on any architecture (used for ppa
uploads to save buildd resources). - 21. By Matthias Klose
-
* Tighten build dependencies for binutils and gcc-4.4 with fix
for PR debug/40521. LP: #440172.
* On armel, don't explicitely build with -fno-dwarf2-cfi-asm.
* On armel, remove check-textrel.out test from expected to fail. - 20. By Matthias Klose
-
* On armel build with -fno-dwarf2-cfi-asm (will be the default with
gcc-4.4 (>= 4.4.1-5ubuntu1).
* Build-depend on binutils fixing PR ld/9863. - 19. By Steve Langasek
-
[ Steve Langasek ]
* Restore missing depends/conflicts/ replaces handling for findutils and
belocs-locales- bin, lost in the latest merge.
* Move ldconfig trigger handling to libc-bin postinst, since that's where
ldconfig and the trigger are actually located.
* Drop debian/local/etc_ init.d from the source, which is no longer shipped
in the package having been dropped in Debian
* debian/rules.d/ debhelper. mk: revert breakage from Debian experimental;
pulling in file substitutions from script.in has to happen before
substituting other tokens, since script.in/nohwcap. sh contains other
tokens that have to be replaced. LP: #427288.[ Matthias Klose ]
* Don't apply hppa patches, don't apply
any/local-linuxthreads- kill_other. diff. - 17. By Matthias Klose
-
[ Matthias Klose ]
* Merge with Debian (r3833, eglibc-2.10 branch).
* Don't build libc6-vfp anymore.
* Update from the eglibc 2.10 maintainance branch (rev 8895).
- Remove patches/any/submitted- libgcc_ s.so.diff.
* Move the ldconfig trigger from libc6 to libc-bin.[ Loïc Minier
* Update testsuite for armel since the real FPU on the buildds passes more
tests than the software emulation.
* Fix Vcs-Bzr URL to use https. - 16. By Steve Langasek
-
debian/
sysdeps/ i386.mk: cherrypick fix from Debian, lost somewhere along
the way, that prevents /etc/ld.so.conf. d/xen.conf being added to the
libc6-xen package. LP: #427288. This still leaves us with a delta
relative to the Debian conffile name, which we ought to clean up at some
later date.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/maverick/eglibc