Ubuntu
eglibc package

lp://staging/ubuntu/raring-security/eglibc

  1. Raring (13.04)
  2. raring-security
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp://staging/ubuntu/raring-security/eglibc
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

327. By Marc Deslauriers

* SECURITY UPDATE: denial of service and possible code execution via
  strcoll overflows
  - debian/patches/any/CVE-2012-44xx.diff: fix overflows in
    string/strcoll_l.c, add test to string/tst-strcoll-overflow.c,
    string/Makefile.
  - CVE-2012-4412
  - CVE-2012-4424
* SECURITY UPDATE: denial of service in regular expression matcher
  - debian/patches/any/CVE-2013-0242.diff: fix buffer overrun in
    posix/regexec.c, add test to posix/bug-regex34.c, posix/Makefile.
  - CVE-2013-0242
* SECURITY UPDATE: denial of service in getaddrinfo
  - debian/patches/any/CVE-2013-1914.diff: fix overflow in
    sysdeps/posix/getaddrinfo.c.
  - CVE-2013-1914
* SECURITY UPDATE: denial of service and possible code execution via
  readdir_r
  - debian/patches/any/CVE-2013-4237.diff: enforce NAME_MAX limit in
    sysdeps/posix/readdir_r.c, add errcode to sysdeps/posix/dirstream.h,
    sysdeps/posix/opendir.c, sysdeps/posix/rewinddir.c, remove
    GETDENTS_64BIT_ALIGNED from
    sysdeps/unix/sysv/linux/i386/readdir64_r.c,
    sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c.
  - CVE-2013-4237
* SECURITY UPDATE: denial of service and possible code execution via
  overflows in memory allocator
  - debian/patches/any/CVE-2013-4332.diff: check for overflows in
    malloc/malloc.c.
  - CVE-2013-4332

326. By Adam Conrad

* debian/debhelper.in/libc.postint: Switch from 'awk gsub' to 'tr -d' to
  avoid warnings when the awk alternative points to gawk (LP: #1156923)
* debian/patches/any/submitted-setfsid-wur.diff: Drop __wur from setfsuid
  and setfsgid functions to avoid -Werror=unused-result (Closes: #701422)
* debian/patches/i386/cvs-simd-exception.diff: Pull patch from upstream
  to fix a performance regression in i386 SIMD exceptions (LP: #1157244)
* debian/patches/svn-updates.diff: Update to r22884 of eglibc-2_17 branch
* debian/testsuite-checking/compare.sh: Disable hard testsuite failures
  for release to avoid stable updates exploding as buildd kernels change

325. By Adam Conrad

Brown paper bag release: restore g++-multilib build-dep on armhf.

324. By Adam Conrad

* Merge with Debian experimental, bringing in several small fixes.
* Sync Ubuntu's expected testsuite results with Debian's new ones.

323. By Adam Conrad

* Merge with Debian, bringing in a new upstream and many small fixes:
  - patches/any/cvs-malloc-deadlock.diff: Dropped, merged upstream.
  - patches/ubuntu/lddebug-scopes.diff: Rebase for upstream changes.
  - patches/ubuntu/local-CVE-2012-3406.diff: Rebased against upstream.
  - patches/ubuntu/no-asm-mtune-i686.diff: Fixed in recent binutils.
* This upstream merge fixes a nasty hang in pulseaudio (LP: #1085342)
* Bump MIN_KERNEL_SUPPORTED to 2.6.32 on ARM, now that we no longer
  have to support shonky 2.6.31 kernels on imx51 babbage builders.
* Drop patches/ubuntu/local-disable-nscd-host-caching.diff, as these
  issues were apparently resolved upstream a while ago (LP: #613662)
* Fix the compiled-in bug URL to point to launchpad.net, not Debian.

322. By Adam Conrad

* Switch armel/armhf libc-dev-alt builds to the same symlink method
  used by other arches to avoid duplicate files and dpkg oopses.
* Merge with experimental, fixing rtlddir for x32 alternate builds.

321. By Adam Conrad

* Merge with 2.16-0experimental1 from Debian, bringing in my
  upstream version of the C++ header autodetection patch, some
  packaging and upgrade fixes, and reducing our delta further.
* Fix debian/tests/control syntax for autopkgtest (LP: #1081500)
* Add patch ubuntu/local-disable-nscd-netgroup-caching.diff to
  disable netgroup caching in the default config (LP: #1068889)
* Backport any/cvs-malloc-deadlock.diff from upstream to prevent
  glibc deadlocking in mallock arena retry paths (LP: #1081734)

320. By Adam Conrad

* debian/tests/{control,rebuild}: add a stub autopkgtest rebuild
  test and add the XS-Testsuite header to control (LP: #1081500)
* Rework unsubmitted-cxxheaders-detection3.dif one more time to
  account for more multiarch versus multilib location oddities.
* Adjust expected results for intermittent tst-mqueue5 failures.

319. By Matthias Klose

Regenerate the control file.

318. By Adam Conrad

* Merge with unreleased 2.16 in Debian experimental, remaining changes:
  - Drop the Breaks line from libc6, which refers to a Debian transition
  - Remove the libc6 recommends on libc6-i686, which we don't build
  - Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel
  - Ship update-locale and validlocale in /usr/sbin in libc-bin
  - Don't build locales or locales-all in Ubuntu, we rely on langpacks
  - Heavily mangle the way we do service restarting on major upgrades
  - Use different MIN_KERNEL_SUPPORTED versions than Debian, due to
    buildd needs. This should be universally bumped to 3.2.0 once all
    our buildds (including the PPA guests) are running precise kernels
  - Build i386 variants as -march=i686, build amd64 with -O3, and build
    ppc64 variants (both 64-bit and 32-bit) with -O3 -fno-tree-vectorize
  - Re-enable unsubmitted-ldconfig-cache-abi.diff and rebuild the cache
    on upgrades from previous versions that used a different constant
  - debian/patches/any/local-CVE-2012-3406.diff: switch to malloc when
    array grows too large to handle via alloca extension (CVE-2012-3406)
  - Build generic i386/i686 flavour with -mno-tls-direct-seg-refs
* Changes added/dropped with this merge while reducing our delta:
  - Stop building glibc docs from the eglibc source, and instead make
    the glibc-docs stub have a hard dependency on glibc-doc-reference
  - Remove outdated conflicts against ancient versions of ia32-libs
  - Drop the tzdata dependency from libc6, it's in required and minimal
  - Use gcc-4.7/g++-4.7 by default on all our supported architectures
  - Save our historical changelog as changelog.ubuntu in the source
  - Drop nscd's libaudit build-dep for now, as libaudit is in universe
  - Drop the unnecessary Breaks from libc6 to locales and locales-all
  - Ship xen's ld.so.conf.d snippet as /etc/ld.so.conf.d/libc6-xen.conf
* Disable hard failures on the test suite for the first upload to raring

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp://staging/ubuntu/trusty/eglibc
This branch contains Public information 
Everyone can see this information.

Subscribers