clang-3.5: CVE-2014-2893: scan-build: insecure use of /tmp

Debian Bug report logs - #744817
clang-3.5: CVE-2014-2893: scan-build: insecure use of /tmp

Toggle useless messages

Message #3 received at submit@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: clang-3.5: scan-build: insecure use of /tmp

Date: Tue, 15 Apr 2014 00:13:23 +0200

Package: clang-3.5
Version: 1:3.5~svn201651-1
Severity: important
Tags: security

The GetHTMLRunDir subroutine creates temporary directories in an 
insecure way:

1) The directory name is easily predictable:

 if (!defined $Dir) {
   $Dir = $ENV{'TMPDIR'} || $ENV{'TEMP'} || $ENV{'TMP'} || "/tmp";
   $TmpMode = 1;
 }
 # [...]
 my $TimeString = sprintf("%02d%02d%02d", $hour, $min, $sec);
 my $DateString = sprintf("%d-%02d-%02d-%s-$$",
                          $year, $month, $day, $TimeString);
 # [...]
 if ($TmpMode) {
   $NewDir = "$Dir/$Prog-$DateString-$RunNumber";
 }

2) The directory is created with default permissions (instead of 0700).

3) The function doesn't fail if the directory already exists, even if 
it's owned by another user. Now, the upstream intention was to always 
choose a directory that doesn't exist, but the logic is broken:

   foreach my $f (@FILES) {
     # Strip the prefix '$Prog-' if we are dumping files to /tmp.
     if ($TmpMode) {
       next if (!($f =~ /^$Prog-(.+)/));
       $f = $1;
     }
     my @x = split/-/, $f;
     next if (scalar(@x) != 4);
     next if ($x[0] != $year);
     next if ($x[1] != $month);
     next if ($x[2] != $day);
     next if ($x[3] != $TimeString);
     next if ($x[4] != $$);
     if ($x[5] > $max) {
       $max = $x[5];
     }
   }
   $RunNumber = $max + 1;

But, for files that could be created by GetHTMLRunDir, scalar(@x) is 6, 
not 4, so the loop is mostly no-op. (Even if the loop was implemented 
correctly, there would still be race window between when the directory 
name is chosen and when it is created.)


This bug can be exploited by malicious local user for denial of service, 
information disclosure, or to overwrite arbitrary files via symlink 
attack.

-- 
Jakub Wilk

Message #8 received at 744817@bugs.debian.org (full text, mbox, reply):

From: Sylvestre Ledru <sylvestre@debian.org>

To: Jakub Wilk <jwilk@debian.org>, 744817@bugs.debian.org

Subject: Re: Bug#744817: clang-3.5: scan-build: insecure use of /tmp

Date: Tue, 15 Apr 2014 14:30:06 +0200

Hello Jakub,

Thanks for this analysis.

FYI, clang 3.3 and 3.4 are most likely impacted too.

On 15/04/2014 00:13, Jakub Wilk wrote:
> Package: clang-3.5
> Version: 1:3.5~svn201651-1
> Severity: important
> Tags: security
> 
> The GetHTMLRunDir subroutine creates temporary directories in an
> insecure way:
> 
> 1) The directory name is easily predictable:
> 
>  if (!defined $Dir) {
>    $Dir = $ENV{'TMPDIR'} || $ENV{'TEMP'} || $ENV{'TMP'} || "/tmp";
>    $TmpMode = 1;
>  }
>  # [...]
>  my $TimeString = sprintf("%02d%02d%02d", $hour, $min, $sec);
>  my $DateString = sprintf("%d-%02d-%02d-%s-$$",
>                           $year, $month, $day, $TimeString);
>  # [...]
>  if ($TmpMode) {
>    $NewDir = "$Dir/$Prog-$DateString-$RunNumber";
>  }
For this issue, adding a random number at the end would fix the issue,
right?


> 2) The directory is created with default permissions (instead of 0700).
That will probably be easy to do.

Sylvestre

Message #13 received at 744817@bugs.debian.org (full text, mbox, reply):

From: Murray McAllister <mmcallis@redhat.com>

To: oss-security@lists.openwall.com

Cc: 744817@bugs.debian.org

Subject: CVE request: insecure temporary file handling in clang's scan-build utility

Date: Wed, 16 Apr 2014 14:26:06 +1000

Hello,

Jakub Wilk discovered that clang's scan-build utility insecurely handled 
temporary files. Full details in his report:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817

Can a CVE please be assigned?

Cheers,

--
Murray McAllister / Red Hat Security Response Team

https://bugzilla.redhat.com/show_bug.cgi?id=1088105

Message #18 received at 744817@bugs.debian.org (full text, mbox, reply):

From: cve-assign@mitre.org

To: mmcallis@redhat.com

Cc: cve-assign@mitre.org, 744817@bugs.debian.org, oss-security@lists.openwall.com

Subject: Re: CVE request: insecure temporary file handling in clang's scan-build utility

Date: Fri, 18 Apr 2014 23:29:07 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Jakub Wilk discovered that clang's scan-build utility insecurely handled
> temporary files.
> 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817

> The GetHTMLRunDir subroutine ...
> 
> 3) The function doesn't fail if the directory already exists, even if 
> it's owned by another user.

Use CVE-2014-2893.


[ other notes:

> 1) The directory name is easily predictable

This doesn't seem to be independently exploitable.

> 2) The directory is created with default permissions (instead of 0700).

Using default permissions is not necessarily wrong, from a CVE
perspective, in all development environments. See the
http://openwall.com/lists/oss-security/2014/03/09/1 post. In any case,
we're not currently making a separate CVE assignment for the
permissions issue. ]

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)

iQEcBAEBAgAGBQJTUezyAAoJEKllVAevmvms3VoH/AiIbJnqY+jfvDtCpQN7YRiw
I/2aoWY5uBPgD7V2F7JVnejX64QIN5jG8PB78JJRRRLNo9W71kJGpWpdZYVsVIFI
3rymLYd32AnAWdwx4b3NeRCncMWon5tN6WYhUvClzNl1v1A1XzP167PSPAczYhSf
pOUcJ8KiibI/UN3MuHVs35PKOTyQv9CXV9ITy6yE/TloCWXmd6zBJT4Ozd0hr39Z
XEAUcz9XhcKETC2SZuIbEKf5yk6oEhOacN3VN3JcT1lXe5Fq7YaYeMY95PRxBRPT
XHb0pEzJIO2eEpfrJkm/gdLUaXzgDyw4CSKJ35zhmveOxz6zLnstHKg9+OXPoC0=
=l1R7
-----END PGP SIGNATURE-----

Message #25 received at 744817@bugs.debian.org (full text, mbox, reply):

From: Sylvestre Ledru <sylvestre@debian.org>

To: cve-assign@mitre.org, 744817@bugs.debian.org, mmcallis@redhat.com

Cc: oss-security@lists.openwall.com

Subject: Re: Bug#744817: CVE request: insecure temporary file handling in clang's scan-build utility

Date: Sun, 20 Apr 2014 11:17:43 +0200

[Message part 1 (text/plain, inline)]

On 19/04/2014 05:29, cve-assign@mitre.org wrote:
> > Jakub Wilk discovered that clang's scan-build utility insecurely handled
> > temporary files.
>
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817
>
> > The GetHTMLRunDir subroutine ...
>
> > 3) The function doesn't fail if the directory already exists, even if
> > it's owned by another user.
>
> Use CVE-2014-2893.
I am going to have a look next week. It should be trivial to fix.

Sylvestre

[signature.asc (application/pgp-signature, attachment)]

Message #28 received at 744817@bugs.debian.org (full text, mbox, reply):

From: Jakub Wilk <jwilk@debian.org>

To: 744817@bugs.debian.org

Subject: Re: Bug#744817: clang-3.5: scan-build: insecure use of /tmp

Date: Sun, 27 Apr 2014 00:05:05 +0200

* Sylvestre Ledru <sylvestre@debian.org>, 2014-04-15, 14:30:
>>1) The directory name is easily predictable:
>>
>> if (!defined $Dir) {
>>   $Dir = $ENV{'TMPDIR'} || $ENV{'TEMP'} || $ENV{'TMP'} || "/tmp";
>>   $TmpMode = 1;
>> }
>> # [...]
>> my $TimeString = sprintf("%02d%02d%02d", $hour, $min, $sec);
>> my $DateString = sprintf("%d-%02d-%02d-%s-$$",
>>                          $year, $month, $day, $TimeString);
>> # [...]
>> if ($TmpMode) {
>>   $NewDir = "$Dir/$Prog-$DateString-$RunNumber";
>> }
>For this issue, adding a random number at the end would fix the issue, 
>right?

If it's sufficiently random, yeah. But I'd strongly recommend that we 
throw away most of this logic, and use the tempdir() from the File::Temp 
module instead.

-- 
Jakub Wilk

Message #33 received at 744817@bugs.debian.org (full text, mbox, reply):

From: Sylvestre Ledru <sylvestre@debian.org>

To: cve-assign@mitre.org, 744817@bugs.debian.org, mmcallis@redhat.com

Cc: oss-security@lists.openwall.com

Subject: Re: Bug#744817: CVE request: insecure temporary file handling in clang's scan-build utility

Date: Mon, 16 Jun 2014 22:51:58 +0200

[Message part 1 (text/plain, inline)]

On 19/04/2014 05:29, cve-assign@mitre.org wrote:
> > Jakub Wilk discovered that clang's scan-build utility insecurely handled
> > temporary files.
>
> > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817
>
> > The GetHTMLRunDir subroutine ...
>
> > 3) The function doesn't fail if the directory already exists, even if
> > it's owned by another user.
>
> Use CVE-2014-2893.
>
I think I fixed it upstream:
http://llvm.org/viewvc/llvm-project?view=revision&revision=211051
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/scan-build/scan-build?r1=210971&r2=211051&pathrev=211051

I've just uploaded llvm-snapshot-3.4. I prepared 3.3 and I will upload
the snapshot later.

Sylvestre

[signature.asc (application/pgp-signature, attachment)]

Message #38 received at 744817@bugs.debian.org (full text, mbox, reply):

From: Sylvestre Ledru <sylvestre@debian.org>

To: cve-assign@mitre.org, 744817@bugs.debian.org, mmcallis@redhat.com

Cc: oss-security@lists.openwall.com

Subject: Re: Bug#744817: CVE request: insecure temporary file handling in clang's scan-build utility

Date: Mon, 16 Jun 2014 23:00:21 +0200

[Message part 1 (text/plain, inline)]

On 16/06/2014 22:51, Sylvestre Ledru wrote:
> On 19/04/2014 05:29, cve-assign@mitre.org wrote:
>>> Jakub Wilk discovered that clang's scan-build utility insecurely handled
>>> temporary files.
>>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=744817
>>> The GetHTMLRunDir subroutine ...
>>> 3) The function doesn't fail if the directory already exists, even if
>>> it's owned by another user.
>> Use CVE-2014-2893.
>>
> I think I fixed it upstream:
> http://llvm.org/viewvc/llvm-project?view=revision&revision=211051
> http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/scan-build/scan-build?r1=210971&r2=211051&pathrev=211051
>
Actual patch fixed:
http://llvm.org/viewvc/llvm-project/cfe/trunk/tools/scan-build/scan-build?r1=210971&r2=211053&pathrev=211053
Sorry about the noise

Sylvestre

[signature.asc (application/pgp-signature, attachment)]

Message #43 received at 744817-close@bugs.debian.org (full text, mbox, reply):

From: Sylvestre Ledru <sylvestre@debian.org>

To: 744817-close@bugs.debian.org

Subject: Bug#744817: fixed in llvm-toolchain-3.4 1:3.4.2-1

Date: Mon, 16 Jun 2014 21:41:17 +0000

Source: llvm-toolchain-3.4
Source-Version: 1:3.4.2-1

We believe that the bug you reported is fixed in the latest version of
llvm-toolchain-3.4, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 744817@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sylvestre Ledru <sylvestre@debian.org> (supplier of updated llvm-toolchain-3.4 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 06 Jun 2014 15:55:57 +0200
Source: llvm-toolchain-3.4
Binary: clang-3.4 clang-format-3.4 cpp11-migrate-3.4 clang-modernize-3.4 clang-3.4-doc libclang1-3.4 libclang1-3.4-dbg libclang-3.4-dev libclang-common-3.4-dev python-clang-3.4 clang-3.4-examples libllvm3.4 libllvm3.4-dbg llvm-3.4 llvm-3.4-runtime llvm-3.4-dev llvm-3.4-tools libllvm-3.4-ocaml-dev llvm-3.4-doc llvm-3.4-examples lldb-3.4 lldb-3.4-dev
Architecture: source amd64 all
Version: 1:3.4.2-1
Distribution: unstable
Urgency: medium
Maintainer: LLVM Packaging Team <pkg-llvm-team@lists.alioth.debian.org>
Changed-By: Sylvestre Ledru <sylvestre@debian.org>
Description:
 clang-3.4  - C, C++ and Objective-C compiler (LLVM based)
 clang-3.4-doc - C, C++ and Objective-C compiler (LLVM based) - Documentation
 clang-3.4-examples - Clang examples
 clang-format-3.4 - Tool to format C/C++/Obj-C code
 clang-modernize-3.4 - Tool to convert C++98 and C++03 code to C++11
 cpp11-migrate-3.4 - Tool to convert C++98 and C++03 code to C++11
 libclang-3.4-dev - clang library - Development package
 libclang-common-3.4-dev - clang library - Common development package
 libclang1-3.4 - C interface to the clang library
 libclang1-3.4-dbg - clang library
 libllvm-3.4-ocaml-dev - Modular compiler and toolchain technologies, OCaml bindings
 libllvm3.4 - Modular compiler and toolchain technologies, runtime library
 libllvm3.4-dbg - Modular compiler and toolchain technologies, debugging libraries
 lldb-3.4   - Next generation, high-performance debugger
 lldb-3.4-dev - Next generation, high-performance debugger - Header files
 llvm-3.4   - Modular compiler and toolchain technologies
 llvm-3.4-dev - Modular compiler and toolchain technologies, libraries and header
 llvm-3.4-doc - Modular compiler and toolchain technologies, documentation
 llvm-3.4-examples - Modular compiler and toolchain technologies, examples
 llvm-3.4-runtime - Modular compiler and toolchain technologies, IR interpreter
 llvm-3.4-tools - Modular compiler and toolchain technologies, tools
 python-clang-3.4 - Clang Python Bindings
Closes: 744817 750868 751322
Changes:
 llvm-toolchain-3.4 (1:3.4.2-1) unstable; urgency=medium
 .
   * New upstream release
   * Add build conflict on libllvm-3.5-ocaml-dev
   * Also disable lldb tests under armel (like armhf). Timeout
   * Update of the repack script
   * Use llvm-3.4-dev.links.in to manage the symlinks
   * Fix the soname of liblldb.so to see it treated as a real library
     (Closes: #750868)
   * Switch to the default gcc/g++ compiler. Currently 4.9 (Closes: #751322)
   * Fixes CVE-2014-2893 (Closes: #744817)
Checksums-Sha1:
 ee717a7ca44b2e8c84b12de0e170eff6712f6a44 5498 llvm-toolchain-3.4_3.4.2-1.dsc
 cd12463c2dc3cd856573d18497a9242d81e9636a 180154 llvm-toolchain-3.4_3.4.2.orig-clang-tools-extra.tar.bz2
 f372796f6adaf16dfe5fb17895a95644109c46d4 8414352 llvm-toolchain-3.4_3.4.2.orig-clang.tar.bz2
 648453d778fe66977e0b3ce88d54d7faa4f36490 1331955 llvm-toolchain-3.4_3.4.2.orig-compiler-rt.tar.bz2
 e903524d94d862ca6d371601dce280b097d44fde 2753623 llvm-toolchain-3.4_3.4.2.orig-lldb.tar.bz2
 13ceb0f552fe1ffdba1b47228cb0179b524ca9d7 327886 llvm-toolchain-3.4_3.4.2.orig-polly.tar.bz2
 56b67bd60a00d68d5b695dcd6dfc5bf30504f91d 12089898 llvm-toolchain-3.4_3.4.2.orig.tar.bz2
 da1df40da3813e4a73ce591e29613fb6ca2406d1 45320 llvm-toolchain-3.4_3.4.2-1.debian.tar.xz
 523a337f1e4f95e52fd58c76218d9b48b519c8ab 19175840 clang-3.4_3.4.2-1_amd64.deb
 f6057a891a9ac2672df40378c493ba8a02d15d10 3193692 clang-format-3.4_3.4.2-1_amd64.deb
 ebca29b5a71ba68f1265f07eebedda4de2fe2ab8 12112 cpp11-migrate-3.4_3.4.2-1_amd64.deb
 fbc675771902984564e24505d458c84d29f57ce1 3384718 clang-modernize-3.4_3.4.2-1_amd64.deb
 6e57ade6be4d8ff164a66a829ead1d1157942752 471776 clang-3.4-doc_3.4.2-1_all.deb
 12451525c17edcc91a2a1762ad0ba7ca44a6771a 3618034 libclang1-3.4_3.4.2-1_amd64.deb
 8ae1dfc1b51777ac40bc200222f167a8b0179252 91097258 libclang1-3.4-dbg_3.4.2-1_amd64.deb
 c943e92b51517889773c613eea30942688ef504e 8328646 libclang-3.4-dev_3.4.2-1_amd64.deb
 027e87cae659b357f0574281095c131072ef9d98 539144 libclang-common-3.4-dev_3.4.2-1_amd64.deb
 386852b235089f8ce9c13f3cb1dae703aa20fcd9 33368 python-clang-3.4_3.4.2-1_amd64.deb
 76769758e170184e8e90f02c35d88c4bc457aa92 17910 clang-3.4-examples_3.4.2-1_amd64.deb
 20cfc0a9c909962b4ff4b95443666b8e306efd31 6720910 libllvm3.4_3.4.2-1_amd64.deb
 cd0565dbf3f287004ff62d1225f76e47059103e1 110682204 libllvm3.4-dbg_3.4.2-1_amd64.deb
 dd4ea25e66b95a8ccb7e4ff720a267eac477049e 1102000 llvm-3.4_3.4.2-1_amd64.deb
 a5fc1892a279eb4954d368219642c4d52f5ca536 46246 llvm-3.4-runtime_3.4.2-1_amd64.deb
 9bb7465f66ad63734b3e475959f3782153e9c02f 10178200 llvm-3.4-dev_3.4.2-1_amd64.deb
 e136d352a52ba67e025b38aa2d1cc8e6fe335089 210686 llvm-3.4-tools_3.4.2-1_amd64.deb
 e47ef29d897686841b12bed0c442fcd976607723 284666 libllvm-3.4-ocaml-dev_3.4.2-1_amd64.deb
 b4f733a7cb6a397fb1944a686fce11cd745aa560 1294518 llvm-3.4-doc_3.4.2-1_all.deb
 1603ea912ce4f185d86dd11de9cc7eacf78c9741 176536 llvm-3.4-examples_3.4.2-1_all.deb
 3a325fb51fd2fe7ebb7173e0fc7d2aae1c780793 6315638 lldb-3.4_3.4.2-1_amd64.deb
 f8d80804168375029f41ce45b461fbd009b32405 3193028 lldb-3.4-dev_3.4.2-1_amd64.deb
Checksums-Sha256:
 73d8a04cb47377a3859bccc409659aa3e67c723a528497bd595c55d9e361605b 5498 llvm-toolchain-3.4_3.4.2-1.dsc
 d8f74d5362a1abe1f02a6911163372adfb3a0ff04443dc4baa6f5ed63e272ccc 180154 llvm-toolchain-3.4_3.4.2.orig-clang-tools-extra.tar.bz2
 4d81d6678facbbe2dce59a147c9dcd65db47a8d92c7db9fd702a5f0c3ee3fce4 8414352 llvm-toolchain-3.4_3.4.2.orig-clang.tar.bz2
 5a02deb3d92c34c820dbdef93690d9aef0784f9dfa1d9c54c9c6beb85600574a 1331955 llvm-toolchain-3.4_3.4.2.orig-compiler-rt.tar.bz2
 44236f51cb374bff5c78870c7e153cc1b7cd5e6276a434504fd1c33f32dc2e65 2753623 llvm-toolchain-3.4_3.4.2.orig-lldb.tar.bz2
 c22e5100d8fce1a60207677ffb228d21d2604d44e4bf064785448490a2d2bb9e 327886 llvm-toolchain-3.4_3.4.2.orig-polly.tar.bz2
 88eb31224991753e79d5eb31df5f92f683dbeedffc177b538bc71ec58ee5c393 12089898 llvm-toolchain-3.4_3.4.2.orig.tar.bz2
 ea65b6ec0ee4c737c05884430ce881b492341f282c68261a7ccf5d64dc42e4cf 45320 llvm-toolchain-3.4_3.4.2-1.debian.tar.xz
 e59f13c69f93c1b03d6345719ba3995f12ab18595433ef1c3df7785952b92f81 19175840 clang-3.4_3.4.2-1_amd64.deb
 e6cc087d4148300741e72f5c19eae06c0ac21749597a453f1cb765ed030fc7d7 3193692 clang-format-3.4_3.4.2-1_amd64.deb
 a4ea252fea86fb073f6c19f678bd514c2caafb80aed3299f541b18012120c42a 12112 cpp11-migrate-3.4_3.4.2-1_amd64.deb
 146f743e16b1f8058d2c901e46c2d3f5eef2d3062a05434565af9757a823d291 3384718 clang-modernize-3.4_3.4.2-1_amd64.deb
 c8dca6668e4f91b96c1ee97b6252130ff00cfcefe1bfc833c56b4a9d9ff9838f 471776 clang-3.4-doc_3.4.2-1_all.deb
 b2d77d7052c3b51ccf909f379de18bbff0a7ee467ec624d6dcf9ebeccaf46cec 3618034 libclang1-3.4_3.4.2-1_amd64.deb
 174e36227a85fc6cd5bd05eadcbb8594f7938226b257762fbdfd9e9d1e6dd12f 91097258 libclang1-3.4-dbg_3.4.2-1_amd64.deb
 c7fa44c79236eebdcfec904d042e4720cee1f547c508c8419e96a43e2f613fb7 8328646 libclang-3.4-dev_3.4.2-1_amd64.deb
 ed482598166d021371ff04245219c834bdb95ac174e28fc0249c7aa0844ab704 539144 libclang-common-3.4-dev_3.4.2-1_amd64.deb
 439e4e7a0c7f52b7f26060bae2787086858056361cd00906b366bc8d54638c78 33368 python-clang-3.4_3.4.2-1_amd64.deb
 bd71a1177a385a9b6a69481b30e0c7fb3ec36d4c44d364aff681ac8bacecd253 17910 clang-3.4-examples_3.4.2-1_amd64.deb
 6187760a296ef478aee85603427e8c9539593b7f0304ef155b98189f5f8e3caf 6720910 libllvm3.4_3.4.2-1_amd64.deb
 8a1f0199a80028c43ea124adc203a23a0912cdcd22d047f747ece123ce932d69 110682204 libllvm3.4-dbg_3.4.2-1_amd64.deb
 5958242ab1ee669b06a53af2e96f343bd539014f4cb68b283ac2526fa5aedeb5 1102000 llvm-3.4_3.4.2-1_amd64.deb
 9cef3049ec50aef92cdfc001706960c19ec0c9315a7937760920fe3547a44fd0 46246 llvm-3.4-runtime_3.4.2-1_amd64.deb
 ef2df22e9670e11753a0ba1ef072300a83230ab5d2b669c0f936a4704a948a03 10178200 llvm-3.4-dev_3.4.2-1_amd64.deb
 123a1bf67718efd88ae0e41f3c7e6ef424cb5660800b614388368788602b802f 210686 llvm-3.4-tools_3.4.2-1_amd64.deb
 57536a1bcd885fde6e7916ed95e9350307ccc23d85ad0c632a9721f15d6b4f48 284666 libllvm-3.4-ocaml-dev_3.4.2-1_amd64.deb
 7425d7608ff293f6eb0e6086f9fbc57a95ba50db562884a0edf728bab068f9ee 1294518 llvm-3.4-doc_3.4.2-1_all.deb
 645a61db1623556dfe15424314b9b74c6482b80c40286852e3e7cffe0d91b1f7 176536 llvm-3.4-examples_3.4.2-1_all.deb
 54d419d71838c71da82e83603c4324cb2b1986300f213c950f158fb8bdd3d4b6 6315638 lldb-3.4_3.4.2-1_amd64.deb
 0531cb3193d56656b14da293d02dd21c6bb4957e91085c9d3e66c1a4f6c4cfa9 3193028 lldb-3.4-dev_3.4.2-1_amd64.deb
Files:
 bf56f35fe74509a00298dafdcf82a803 19175840 devel optional clang-3.4_3.4.2-1_amd64.deb
 385fc07ee44008289105163f1838fe85 3193692 devel optional clang-format-3.4_3.4.2-1_amd64.deb
 546fd2a350787d6acd8fd2087da27913 12112 devel optional cpp11-migrate-3.4_3.4.2-1_amd64.deb
 40eb77ab586a69bf0f47caff56e74fe7 3384718 devel optional clang-modernize-3.4_3.4.2-1_amd64.deb
 238b45eeaa363e4510a78effaec57e5e 471776 doc optional clang-3.4-doc_3.4.2-1_all.deb
 c6ee5779585131efd0214885a4b8995e 3618034 devel optional libclang1-3.4_3.4.2-1_amd64.deb
 b11c9f32901982e1fbe2318b8af169a1 91097258 debug extra libclang1-3.4-dbg_3.4.2-1_amd64.deb
 fe09e79ae6a3fb47046938ae8bf7714b 8328646 libdevel optional libclang-3.4-dev_3.4.2-1_amd64.deb
 e1599696d6c1d4ace5213c3668f5236c 539144 libdevel optional libclang-common-3.4-dev_3.4.2-1_amd64.deb
 367a779593317325565353519c81b6e2 33368 python optional python-clang-3.4_3.4.2-1_amd64.deb
 85580dccaf66ee2d9e43c6d1ccd9171c 17910 doc optional clang-3.4-examples_3.4.2-1_amd64.deb
 85b067b27bec06bf58162922b91f1ceb 6720910 libs optional libllvm3.4_3.4.2-1_amd64.deb
 9a84bad77e7c842716a4fdfa53ae196b 110682204 debug extra libllvm3.4-dbg_3.4.2-1_amd64.deb
 554a0b8e6862b28ca223bcdeda10da7e 1102000 devel optional llvm-3.4_3.4.2-1_amd64.deb
 833f54d52e780956959e0c38df63bcb0 46246 devel optional llvm-3.4-runtime_3.4.2-1_amd64.deb
 57cf52c84c7fd9eed601dcb7d8ca624c 10178200 devel optional llvm-3.4-dev_3.4.2-1_amd64.deb
 472cf426f9b2a0f266c46a76d0d2bcc8 210686 devel optional llvm-3.4-tools_3.4.2-1_amd64.deb
 d43ac09ac3e07981da371f0a4d972a40 284666 ocaml optional libllvm-3.4-ocaml-dev_3.4.2-1_amd64.deb
 0960bd023384bbc25ac8c0d0f40dd9c3 1294518 doc optional llvm-3.4-doc_3.4.2-1_all.deb
 9bdb822d8fbd77ba58bfeea5b6e76a9e 176536 doc optional llvm-3.4-examples_3.4.2-1_all.deb
 d448b8d82a9281e5ff4c2d4237cae179 6315638 devel optional lldb-3.4_3.4.2-1_amd64.deb
 f68caedd090ce629d5c12e326539a24b 3193028 devel optional lldb-3.4-dev_3.4.2-1_amd64.deb
 d91b665bec6d7bbd21942a6babd22320 5498 devel optional llvm-toolchain-3.4_3.4.2-1.dsc
 789696620682db8d6898f236d7928113 180154 devel optional llvm-toolchain-3.4_3.4.2.orig-clang-tools-extra.tar.bz2
 473e94f67fe3b7d9875705ede9f68af8 8414352 devel optional llvm-toolchain-3.4_3.4.2.orig-clang.tar.bz2
 70a9bc1c2bff7d717a32f469ae7f9ccd 1331955 devel optional llvm-toolchain-3.4_3.4.2.orig-compiler-rt.tar.bz2
 2dcb8fd097eef53e34eda3e12422cf41 2753623 devel optional llvm-toolchain-3.4_3.4.2.orig-lldb.tar.bz2
 5439795d90514ef5b80d33a77a5df280 327886 devel optional llvm-toolchain-3.4_3.4.2.orig-polly.tar.bz2
 52fd1fa0ecca5e9599a39941c07b8f6a 12089898 devel optional llvm-toolchain-3.4_3.4.2.orig.tar.bz2
 34dee40c523798af2ce6e8f98519ccb4 45320 devel optional llvm-toolchain-3.4_3.4.2-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJTn1jmAAoJEH5lKNp1LxvhE4cP/j+uTWm2fIvgU+jxPAJlA/n2
jAuU5wC/wIrNFFI+IxWxTEigiBNgYPb4R6FOOP59HUscgN65ss6YnWXkyzTc+YJ7
IIJ3LYQ1iL/FHDjikpRViz7i6HFmBwIFDzlGUGFWAZCnOY0CXQFfrc6/gggO2Cp7
LajkUh+M09fPccNdOpEG0EXmzj8SBB4EDeeZnRaXNW5wuScxFONp/ahcip+2r4ZU
8TkM7dy/zoEJQEAyq8pQS3z4qFuvqANPseULKWNLCel3XqneJruDVN0o3NzchJXa
VbX1xyTJB/I7ScZ9piVpOXXPSul+tskZZXcWMhWwSAPKCkOknxnnvMcIc/tvgBYX
5bdSu+uaXjS6ptqx33nnW+eHdHTV20fm0ZQr2j45KkQ4IgDpd9+DOI68UM/Qh4TR
XWNa92uGlvqooy5yhYpjlI3h9HgjDIK9bfUmmNuaJeQHeLxfPocVnc5uztvKisFh
1+hLXhTrDs/4m1/OwBya49mub0q5yAgoxcKkPrJyUmMpcDKsN+85+V+AbNQJTrDV
m+O7NM7BQiI5ujwngE/3BFVvcysHP7PvWI7mnH1xtvTXqM6u5ZGAuFsMJZOLRzuE
rs+3TtXRKHKtcvw6BuFx59undKaJNzpsiq5obdO6SlD3jYjQgnWjVIwKUEO0ZMTG
+YP3wLG9QNT4A/uf72mQ
=zG8A
-----END PGP SIGNATURE-----

Message #48 received at 744817-close@bugs.debian.org (full text, mbox, reply):

From: Sylvestre Ledru <sylvestre@debian.org>

To: 744817-close@bugs.debian.org

Subject: Bug#744817: fixed in llvm-toolchain-3.4 1:3.4.2-2

Date: Tue, 17 Jun 2014 06:50:17 +0000

Source: llvm-toolchain-3.4
Source-Version: 1:3.4.2-2

We believe that the bug you reported is fixed in the latest version of
llvm-toolchain-3.4, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 744817@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sylvestre Ledru <sylvestre@debian.org> (supplier of updated llvm-toolchain-3.4 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 16 Jun 2014 23:00:47 +0200
Source: llvm-toolchain-3.4
Binary: clang-3.4 clang-format-3.4 cpp11-migrate-3.4 clang-modernize-3.4 clang-3.4-doc libclang1-3.4 libclang1-3.4-dbg libclang-3.4-dev libclang-common-3.4-dev python-clang-3.4 clang-3.4-examples libllvm3.4 libllvm3.4-dbg llvm-3.4 llvm-3.4-runtime llvm-3.4-dev llvm-3.4-tools libllvm-3.4-ocaml-dev llvm-3.4-doc llvm-3.4-examples lldb-3.4 lldb-3.4-dev
Architecture: source amd64 all
Version: 1:3.4.2-2
Distribution: unstable
Urgency: medium
Maintainer: LLVM Packaging Team <pkg-llvm-team@lists.alioth.debian.org>
Changed-By: Sylvestre Ledru <sylvestre@debian.org>
Description:
 clang-3.4  - C, C++ and Objective-C compiler (LLVM based)
 clang-3.4-doc - C, C++ and Objective-C compiler (LLVM based) - Documentation
 clang-3.4-examples - Clang examples
 clang-format-3.4 - Tool to format C/C++/Obj-C code
 clang-modernize-3.4 - Tool to convert C++98 and C++03 code to C++11
 cpp11-migrate-3.4 - Tool to convert C++98 and C++03 code to C++11
 libclang-3.4-dev - clang library - Development package
 libclang-common-3.4-dev - clang library - Common development package
 libclang1-3.4 - C interface to the clang library
 libclang1-3.4-dbg - clang library
 libllvm-3.4-ocaml-dev - Modular compiler and toolchain technologies, OCaml bindings
 libllvm3.4 - Modular compiler and toolchain technologies, runtime library
 libllvm3.4-dbg - Modular compiler and toolchain technologies, debugging libraries
 lldb-3.4   - Next generation, high-performance debugger
 lldb-3.4-dev - Next generation, high-performance debugger - Header files
 llvm-3.4   - Modular compiler and toolchain technologies
 llvm-3.4-dev - Modular compiler and toolchain technologies, libraries and header
 llvm-3.4-doc - Modular compiler and toolchain technologies, documentation
 llvm-3.4-examples - Modular compiler and toolchain technologies, examples
 llvm-3.4-runtime - Modular compiler and toolchain technologies, IR interpreter
 llvm-3.4-tools - Modular compiler and toolchain technologies, tools
 python-clang-3.4 - Clang Python Bindings
Closes: 744817
Changes:
 llvm-toolchain-3.4 (1:3.4.2-2) unstable; urgency=medium
 .
   * Improve the CVE-2014-2893 fix (Closes: #744817)
   * Add a check to avoid an error on arch where compiler-rt is not available
Checksums-Sha1:
 9b1b8e5dad31512afb5e5cd99a37cf3c79724634 5498 llvm-toolchain-3.4_3.4.2-2.dsc
 550194eee9f648a82fa4618c7c1bd10ab54ddcde 45400 llvm-toolchain-3.4_3.4.2-2.debian.tar.xz
 d129b4235e5f8f7219247826ded189d31e9456e2 19176500 clang-3.4_3.4.2-2_amd64.deb
 55f16ab9717b4934be594921165e4fa99441bfd8 3193464 clang-format-3.4_3.4.2-2_amd64.deb
 737559bf67d2a30bee08a6904a774250e1ea1dc9 12160 cpp11-migrate-3.4_3.4.2-2_amd64.deb
 0ce71e3bb171c018286d31b71915bfee0727e61e 3384770 clang-modernize-3.4_3.4.2-2_amd64.deb
 24eab2f793c2a1ca7513b9092239efcfe437117c 471818 clang-3.4-doc_3.4.2-2_all.deb
 17da45f544a502144dfda2a50270ccb6d6afe903 3619306 libclang1-3.4_3.4.2-2_amd64.deb
 5586e944f34a7773e43741203a975f75af3df0c0 91097294 libclang1-3.4-dbg_3.4.2-2_amd64.deb
 d395c9f3dee523600beb7bdce6453ff84b20c01f 8328072 libclang-3.4-dev_3.4.2-2_amd64.deb
 6c80d85f0947cc736982f5c50a1e1353a744bfaf 543498 libclang-common-3.4-dev_3.4.2-2_amd64.deb
 5d68072771f0819d6465d04a04de051d5ebf3858 33416 python-clang-3.4_3.4.2-2_amd64.deb
 b747fac045b2f46a7a5a1ce5e711eae3c28db06d 17950 clang-3.4-examples_3.4.2-2_amd64.deb
 ce9025afb6052112ad6b2535dc91283c70faaffb 6721480 libllvm3.4_3.4.2-2_amd64.deb
 1adde520ac9075e16c1bb19396b2e1d63f754960 110682538 libllvm3.4-dbg_3.4.2-2_amd64.deb
 24114c6d8af18c7577d61c0c0cb880c2409d4112 1101928 llvm-3.4_3.4.2-2_amd64.deb
 f6f4c08d5e6bd6315f08a268c304abd7d748a8fc 46382 llvm-3.4-runtime_3.4.2-2_amd64.deb
 da983b80edc4cdff6e0b59524bf1a04979e1e52d 10173772 llvm-3.4-dev_3.4.2-2_amd64.deb
 91333d0d3e1082e5f0e3d9e6591a9e4a9c799e4d 210508 llvm-3.4-tools_3.4.2-2_amd64.deb
 30c00547aec0687194545b1f5a4470f4997b8f25 284390 libllvm-3.4-ocaml-dev_3.4.2-2_amd64.deb
 00fa6ad228011f52d4bf7c18533c3eb2a66fcafd 1294696 llvm-3.4-doc_3.4.2-2_all.deb
 9b59ecf0c5dfa8db7156f3713a0d04e6d311639e 176566 llvm-3.4-examples_3.4.2-2_all.deb
 ceec100095671637228e88e687803329d2b1c3a9 6316154 lldb-3.4_3.4.2-2_amd64.deb
 4b7b69f170b1b233e455a4f5d2655d5657c8142c 3192684 lldb-3.4-dev_3.4.2-2_amd64.deb
Checksums-Sha256:
 45526d45566bdf6a1a361dc94c490a542e4cc18a40e31c99157760aaeb86cb23 5498 llvm-toolchain-3.4_3.4.2-2.dsc
 ce2308146173aa5a90e32e2bdbc23e27d5b8dcb71a7fb4f4da86b25a7935904d 45400 llvm-toolchain-3.4_3.4.2-2.debian.tar.xz
 684fb30a0beba003a6bdd09871c6570f711e057d4796c39ad9318f12fa78bdad 19176500 clang-3.4_3.4.2-2_amd64.deb
 1805aaae1f79445e9a313ee141454b5eb84f4098d3cf396e229a07609f4e4dda 3193464 clang-format-3.4_3.4.2-2_amd64.deb
 a478c95c24bfe43c40e867fbde353605639cd4baecbd31e0b16c3bc13e5f18a5 12160 cpp11-migrate-3.4_3.4.2-2_amd64.deb
 a57f76272ace32e5a25ba749b3dfc206115dae7d689f88034a146b443fea3065 3384770 clang-modernize-3.4_3.4.2-2_amd64.deb
 9ff0d4c324f5b87f848c3ac03015369b8d843e6e6abe2c9d0793af496ed9b2f7 471818 clang-3.4-doc_3.4.2-2_all.deb
 cff9cc4e168ec01790dfa4968eac21eea28080bee21773cabccdb43f0e011aff 3619306 libclang1-3.4_3.4.2-2_amd64.deb
 29ca0f0357c4825722129eea5776ce3fed49abfef963be1df7ca5f0bde6be127 91097294 libclang1-3.4-dbg_3.4.2-2_amd64.deb
 095dc78be65e179f71520a3de9e53e652c1792de34531d12d906a7f017075aaa 8328072 libclang-3.4-dev_3.4.2-2_amd64.deb
 35318129e13d03935093a5f9d6ac8239badc5c3c8e10503cbedc6fdd106db556 543498 libclang-common-3.4-dev_3.4.2-2_amd64.deb
 123d56ce714731495544ff800b2a120edd50b00feb70ac7c46f73345fba2ee69 33416 python-clang-3.4_3.4.2-2_amd64.deb
 275233934babb3e1b63ffc39b00bd6d3acbf7e682f62ea20cf71e72ff60c5a8b 17950 clang-3.4-examples_3.4.2-2_amd64.deb
 a15ec5bc10a0a9ce1d03f3597b948d242c6a7d3493f94abbf4803c9f7d7e03ba 6721480 libllvm3.4_3.4.2-2_amd64.deb
 9e7172c7c820443cb470d32789cb7f85a4aa2d08b43d606d9d7d4b1357a22b98 110682538 libllvm3.4-dbg_3.4.2-2_amd64.deb
 975db200e4a48062f18dae395d92dae82484c07fe5b3b4131e2f6d77cdf0c673 1101928 llvm-3.4_3.4.2-2_amd64.deb
 40b8048573bf07cb73662478023def2cae795b8e387761764e6bf791bd060590 46382 llvm-3.4-runtime_3.4.2-2_amd64.deb
 6889f455b75360e42a264e43085682764c378d97449a574d0773213a0fab1543 10173772 llvm-3.4-dev_3.4.2-2_amd64.deb
 c435a62b4a61ed03180cd0fce50dc4f73009ffd61fb8ae81a4c8146381f09d6e 210508 llvm-3.4-tools_3.4.2-2_amd64.deb
 d6d3bf6f6b28607fadf2099637bd467a9fc91f826768a23d59e17f5eea160edf 284390 libllvm-3.4-ocaml-dev_3.4.2-2_amd64.deb
 b38d566679fb49a4170a6457248ec00f3d754f0e87d4b786524b263abbd18b47 1294696 llvm-3.4-doc_3.4.2-2_all.deb
 7f99aab25359bbaa257db0ff99501002266c1d7d9f8f54bf560fa6c118543e4e 176566 llvm-3.4-examples_3.4.2-2_all.deb
 dccbee56ae3b40960386a43dfad896a0da513c6e11070404e9c946f67c99901b 6316154 lldb-3.4_3.4.2-2_amd64.deb
 e3e1911fd782a3ce99f0dcdddfc61f59048469fb2dec7cbaeaf1acc5cee9de7a 3192684 lldb-3.4-dev_3.4.2-2_amd64.deb
Files:
 eeed3ad92d2a38aeacee17ece75330b9 19176500 devel optional clang-3.4_3.4.2-2_amd64.deb
 8a1c88477c2817b2d2c00c9f892f8d38 3193464 devel optional clang-format-3.4_3.4.2-2_amd64.deb
 94de40e65d50411ada03c86087a7cce6 12160 devel optional cpp11-migrate-3.4_3.4.2-2_amd64.deb
 755051abb5073c7b3e69ae67dbac596d 3384770 devel optional clang-modernize-3.4_3.4.2-2_amd64.deb
 c8778c71310cec9f1506dabcb9403353 471818 doc optional clang-3.4-doc_3.4.2-2_all.deb
 4d2e7a8907074aa6e17e9113288c20ee 3619306 devel optional libclang1-3.4_3.4.2-2_amd64.deb
 4518bdee6860be3eb6faf6cb8f231363 91097294 debug extra libclang1-3.4-dbg_3.4.2-2_amd64.deb
 09f9b8441b04a09e10c120fa98d72f9d 8328072 libdevel optional libclang-3.4-dev_3.4.2-2_amd64.deb
 be8af1d44491d503b6679dcc47f368ab 543498 libdevel optional libclang-common-3.4-dev_3.4.2-2_amd64.deb
 3a7b0ed631fcad98a9cdb197f2910a63 33416 python optional python-clang-3.4_3.4.2-2_amd64.deb
 9c74ffde73d3fb5c94ec1a62889d8501 17950 doc optional clang-3.4-examples_3.4.2-2_amd64.deb
 2dd45e1f08a2acb391e4965cd7e59d8d 6721480 libs optional libllvm3.4_3.4.2-2_amd64.deb
 554751db1e452a2677ca7a32c0c9ea21 110682538 debug extra libllvm3.4-dbg_3.4.2-2_amd64.deb
 e2984d5bc206e4bd12ed5bc49b796d05 1101928 devel optional llvm-3.4_3.4.2-2_amd64.deb
 1b12c272d3f3604a988cb5a122a273c1 46382 devel optional llvm-3.4-runtime_3.4.2-2_amd64.deb
 6aae0fd5a2cc135f5c3623e83ae01a63 10173772 devel optional llvm-3.4-dev_3.4.2-2_amd64.deb
 380617082dfd59d27c6e317666813b04 210508 devel optional llvm-3.4-tools_3.4.2-2_amd64.deb
 e21a6924bff199b19b3c4a8a29ab6cfc 284390 ocaml optional libllvm-3.4-ocaml-dev_3.4.2-2_amd64.deb
 eeee6828e9f66a4e926626c89d46a1aa 1294696 doc optional llvm-3.4-doc_3.4.2-2_all.deb
 1f540dbf123093beba5cc236f69a4318 176566 doc optional llvm-3.4-examples_3.4.2-2_all.deb
 bc1972de1d72f96c72cf6bd68658e95c 6316154 devel optional lldb-3.4_3.4.2-2_amd64.deb
 25413e2b1aad54a51c2989ff8968a996 3192684 devel optional lldb-3.4-dev_3.4.2-2_amd64.deb
 c057eb6d2ebf345838e9ea73bf7abab8 5498 devel optional llvm-toolchain-3.4_3.4.2-2.dsc
 8f3d530c6d4cef0f4d35afc082a7af08 45400 devel optional llvm-toolchain-3.4_3.4.2-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJTn+OTAAoJEH5lKNp1LxvhB80P/AqemmUCtP0qrZO3VkK7BhAf
pPNytAaCaIiwgMhJVJ2GTXF7xof8IFxvwoWZkr6blNV4XzQAFqoNN6sgHnxdmrIY
Q8Ozgylz/sJYxNwyCsjYXYdbrbWBp/e3AQ1E4MCrnhzq+tq8CtwccQyPHiwZ6e6x
F7tkFSusiBrnLr+pUsnYjo6HAww8ExBcfKEpeQIUbIBuaONv34sVt7ed7AhhCvnW
5+iBPaoAwCQV3FOgSS9wUT28lBvZGNMG9TsNnkhalu/bZlKxlnL9aFxtjxwtUUjO
ga9wNbYrx5FawnfcxDd+4xV4D83otRWlZk7WXma7fTgtGt+dt6WfPj7KMoeh+s7L
tp1B0K3A3ppOTEoY+ZGthRVSvb7TpWGOYNeqBQO7TMT+Xu3k4xz6X/qSIpv5BBiD
BwMBrmokXRUerNq0ML0Siw3Eek0lnQizLJW00JHw6U5T54OXknHB47McWFDG/xl+
K7p7qlkw0ze90GbZnI8psgckRn8fpioSAXOSXG9W6SXelBvp4YDytSUN0qCHTt6y
hftD52/TAWSxgCM7qp37EZ6QNyRRr3s1YZdsqm6/e0Qd+U+l5t5dnRm86hTnUCdT
u/03k+ZM31prsqso0M1xlqVmD2Ex1OcE0clm+W+bdrr/NWKFAQhr+7SPBmWFxR68
Od4vYOZdlDvlaseYk6sG
=kYRd
-----END PGP SIGNATURE-----

Message #53 received at 744817-close@bugs.debian.org (full text, mbox, reply):

From: Sylvestre Ledru <sylvestre@debian.org>

To: 744817-close@bugs.debian.org

Subject: Bug#744817: fixed in llvm-toolchain-snapshot 1:3.5~svn211669-1

Date: Thu, 26 Jun 2014 04:50:05 +0000

Source: llvm-toolchain-snapshot
Source-Version: 1:3.5~svn211669-1

We believe that the bug you reported is fixed in the latest version of
llvm-toolchain-snapshot, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 744817@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sylvestre Ledru <sylvestre@debian.org> (supplier of updated llvm-toolchain-snapshot package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Wed, 25 Jun 2014 07:58:03 +0200
Source: llvm-toolchain-snapshot
Binary: clang-3.5 clang-format-3.5 cpp11-migrate-3.5 clang-modernize-3.5 clang-3.5-doc libclang1-3.5 libclang1-3.5-dbg libclang-3.5-dev libclang-common-3.5-dev python-clang-3.5 clang-3.5-examples libllvm3.5 libllvm3.5-dbg llvm-3.5 llvm-3.5-runtime llvm-3.5-dev llvm-3.5-tools libllvm-3.5-ocaml-dev llvm-3.5-doc llvm-3.5-examples lldb-3.5 lldb-3.5-dev
Architecture: source amd64 all
Version: 1:3.5~svn211669-1
Distribution: unstable
Urgency: medium
Maintainer: LLVM Packaging Team <pkg-llvm-team@lists.alioth.debian.org>
Changed-By: Sylvestre Ledru <sylvestre@debian.org>
Description:
 clang-3.5  - C, C++ and Objective-C compiler (LLVM based)
 clang-3.5-doc - C, C++ and Objective-C compiler (LLVM based) - Documentation
 clang-3.5-examples - Clang examples
 clang-format-3.5 - Tool to format C/C++/Obj-C code
 clang-modernize-3.5 - Tool to convert C++98 and C++03 code to C++11
 cpp11-migrate-3.5 - Tool to convert C++98 and C++03 code to C++11
 libclang-3.5-dev - clang library - Development package
 libclang-common-3.5-dev - clang library - Common development package
 libclang1-3.5 - C interface to the clang library
 libclang1-3.5-dbg - clang library
 libllvm-3.5-ocaml-dev - Modular compiler and toolchain technologies, OCaml bindings
 libllvm3.5 - Modular compiler and toolchain technologies, runtime library
 libllvm3.5-dbg - Modular compiler and toolchain technologies, debugging libraries
 lldb-3.5   - Next generation, high-performance debugger
 lldb-3.5-dev - Next generation, high-performance debugger - Header files
 llvm-3.5   - Modular compiler and toolchain technologies
 llvm-3.5-dev - Modular compiler and toolchain technologies, libraries and header
 llvm-3.5-doc - Modular compiler and toolchain technologies, documentation
 llvm-3.5-examples - Modular compiler and toolchain technologies, examples
 llvm-3.5-runtime - Modular compiler and toolchain technologies, IR interpreter
 llvm-3.5-tools - Modular compiler and toolchain technologies, tools
 python-clang-3.5 - Clang Python Bindings
Closes: 715130 733890 744817 748777 751943
Changes:
 llvm-toolchain-snapshot (1:3.5~svn211669-1) unstable; urgency=medium
 .
   * New snapshot release
   * Fix CVE-2014-2893 (Closes: #744817)
   * Merge with 3.4/debian
   * Ship lldb-mi in lldb
   * Remove scan-build-fix-clang-detection.diff (applied upstream)
   * Ship the compiler-rt static libraries
   * Running tests respect DEB_BUILD_OPTIONS=parallel=X
    (Closes: #751943)
   * Fix FTBFS on powerpc and powerpcspe (Closes: #733890)
   * Broken library symlink fixed in lldb-3.5 (Closes: #715130)
   * Fix --use-cc when no absolute path is provided (Closes: #748777)
Checksums-Sha1:
 39afbaf0a85eec1c0bad177f4bc24804c02fc272 5817 llvm-toolchain-snapshot_3.5~svn211669-1.dsc
 48f36fea5afe5370cfe9b1eab14290f14b55a008 207576 llvm-toolchain-snapshot_3.5~svn211669.orig-clang-tools-extra.tar.bz2
 ba11e9e1c1720780ef300d61cdc529a19d1fba48 8990245 llvm-toolchain-snapshot_3.5~svn211669.orig-clang.tar.bz2
 d5c9818c86b8dfb0310061331a56d33b0836e703 1456276 llvm-toolchain-snapshot_3.5~svn211669.orig-compiler-rt.tar.bz2
 45f31b347516f88ebca71f90cde8fdfa8e3026d8 3097584 llvm-toolchain-snapshot_3.5~svn211669.orig-lldb.tar.bz2
 7b0a71bef75a1173bb5329cc6ba603e616862414 329308 llvm-toolchain-snapshot_3.5~svn211669.orig-polly.tar.bz2
 56eec548abe9ccdb1e7dc1b5b3237879e47c9e29 13326700 llvm-toolchain-snapshot_3.5~svn211669.orig.tar.bz2
 1be85398e15c9ccaa9dc1f5f5c64ef5f36889e8c 45040 llvm-toolchain-snapshot_3.5~svn211669-1.debian.tar.xz
 82df03e2aafff336dfbf5dd4901571d664bb4323 20476242 clang-3.5_3.5~svn211669-1_amd64.deb
 2e0611ea1dddd82203b723aed1a18097f7c2a0a0 386546 clang-format-3.5_3.5~svn211669-1_amd64.deb
 518225f774bbb08a2f1961669a1e5bdaa0c08003 12864 cpp11-migrate-3.5_3.5~svn211669-1_amd64.deb
 00ab1c1f9df6c0dc8973b1014d1b202cc0c35306 3443724 clang-modernize-3.5_3.5~svn211669-1_amd64.deb
 3523036750c4f29828442446e265761644ee0a42 507522 clang-3.5-doc_3.5~svn211669-1_all.deb
 7dbf4262da68f22ebbc403344f3cee9737e68e18 3592510 libclang1-3.5_3.5~svn211669-1_amd64.deb
 c1313b2288b89e4c5ee17aa2b5da851f2d21aff2 116731278 libclang1-3.5-dbg_3.5~svn211669-1_amd64.deb
 2fa1fb24e83d52b4f33bb8172a968731c1c1c239 10168122 libclang-3.5-dev_3.5~svn211669-1_amd64.deb
 c845a9838f00d908e0114f117298c1ed71c33818 623860 libclang-common-3.5-dev_3.5~svn211669-1_amd64.deb
 10c3ecc96e096263225877e085f2072452ee25d1 34412 python-clang-3.5_3.5~svn211669-1_amd64.deb
 1568ab53e87935a1229d98947d54fde964c29532 18648 clang-3.5-examples_3.5~svn211669-1_amd64.deb
 eabbaaaf33c89583c3a645b2113de512021710cc 7460958 libllvm3.5_3.5~svn211669-1_amd64.deb
 ebc4133afd617a407ff61abc6d7d733b333e0f55 138688624 libllvm3.5-dbg_3.5~svn211669-1_amd64.deb
 130e1d9b95a3940e194cc62760c4f84084c921e3 1125484 llvm-3.5_3.5~svn211669-1_amd64.deb
 d93cf53288dc05064f10742f6152c3bbc7006876 51866 llvm-3.5-runtime_3.5~svn211669-1_amd64.deb
 cd7aa1d829af47b6e9ed7586d71a516f245059e1 11665710 llvm-3.5-dev_3.5~svn211669-1_amd64.deb
 778b0115a3f13e22bfa48e0d37315ddd2b39badf 148638 llvm-3.5-tools_3.5~svn211669-1_amd64.deb
 f75182173fffcc6d5833518a6616f4620dc112a7 289478 libllvm-3.5-ocaml-dev_3.5~svn211669-1_amd64.deb
 b87cfbe1e767b3a7fe4aeed3167ec53dc83843f0 1448642 llvm-3.5-doc_3.5~svn211669-1_all.deb
 4bbb9a0bb105eaac19655dbd7a4713d04e195afd 178376 llvm-3.5-examples_3.5~svn211669-1_all.deb
 bb9cecb9c486878b9194c8953bbf35006b1bb58c 7056892 lldb-3.5_3.5~svn211669-1_amd64.deb
 a3d60da4574675a4007b7e5b6c72cd25f66a3b08 3692992 lldb-3.5-dev_3.5~svn211669-1_amd64.deb
Checksums-Sha256:
 9edd543187b68edf3f9df02a3af86adfb0b5e307af43e68d39efdef31a4d91e5 5817 llvm-toolchain-snapshot_3.5~svn211669-1.dsc
 874dcd36c8219367df759c217a1d85969f841f776c0d60c3e08550f606b96732 207576 llvm-toolchain-snapshot_3.5~svn211669.orig-clang-tools-extra.tar.bz2
 561e7a9d92fc495a5e9b15fbcd52c450655abf4a2f5d0951930145d8718dc0f8 8990245 llvm-toolchain-snapshot_3.5~svn211669.orig-clang.tar.bz2
 907b90b4102f863a41e2218d736960267d42d5eb17b12aba293b4f0300c44efb 1456276 llvm-toolchain-snapshot_3.5~svn211669.orig-compiler-rt.tar.bz2
 cd2dbca7b5945e720f5b563c1808dedde5652d8ae5f6548b667a94ce888754c9 3097584 llvm-toolchain-snapshot_3.5~svn211669.orig-lldb.tar.bz2
 e8d1eb52b5525f7724209ce05e6363995500fef829916549e8164e2fc94eb95e 329308 llvm-toolchain-snapshot_3.5~svn211669.orig-polly.tar.bz2
 d59813dbe8afe2cdc02da683a995f3fdc347058883b7f39948a9bcab50e4346d 13326700 llvm-toolchain-snapshot_3.5~svn211669.orig.tar.bz2
 44e6e3771e590dc1d219a0dee85a3c5b41f06744517cb82d2e309df670664532 45040 llvm-toolchain-snapshot_3.5~svn211669-1.debian.tar.xz
 5c59b3f49acecfdbe1481ae7283bc26e49b067c6bf6d2eae5bbe34fe7d31350a 20476242 clang-3.5_3.5~svn211669-1_amd64.deb
 c2ea521f1958fdd4695c63cf833baf8c4b5ac7c16a9182ddfceeb21f7a0ed51a 386546 clang-format-3.5_3.5~svn211669-1_amd64.deb
 2ce71b0f2e93d0099e16b2d2885e86a06fd9b2dfed8c4ca2461e340936a627b6 12864 cpp11-migrate-3.5_3.5~svn211669-1_amd64.deb
 ea8397ac0dc942a3d7dbf85a3e58ec9d022ad1dc85580b2f963d7919962c08fb 3443724 clang-modernize-3.5_3.5~svn211669-1_amd64.deb
 0cc6d047416feacbbc04176ba5b972d78f76f06e3908c306cb502013be21a8f9 507522 clang-3.5-doc_3.5~svn211669-1_all.deb
 f4c102e83470b72507f1cc6f93bc683418acf9c43e071a337e0837ca73b48cd3 3592510 libclang1-3.5_3.5~svn211669-1_amd64.deb
 442731e87a2c180fab268adfe1e57ba9b80ce258403a85e80e757342abd71bb8 116731278 libclang1-3.5-dbg_3.5~svn211669-1_amd64.deb
 c5b119c6263109784aaaa4bbdfda390045f407ba4f1b5b79f622c28ec86a3aac 10168122 libclang-3.5-dev_3.5~svn211669-1_amd64.deb
 2ada5f104823edb0ec9cb4a35d56990572434e9401d6f97a6dbbaa36ae3cf43f 623860 libclang-common-3.5-dev_3.5~svn211669-1_amd64.deb
 007b59d63a77c0abe2ae6ab9eeb0f5bd6e6879ea14d7cc6ec2842b24508d75a9 34412 python-clang-3.5_3.5~svn211669-1_amd64.deb
 4901d8fd75bc4847e53a438a1422b82847b7225858cdcefb16f777432969d7ee 18648 clang-3.5-examples_3.5~svn211669-1_amd64.deb
 8ce2756f05145cf4d090c3bec85d7a6b126c2fdd9fdd1e9465b54d481504b656 7460958 libllvm3.5_3.5~svn211669-1_amd64.deb
 56e5717dde1a0eb7b8bb46924114e5b5b33efb597632e25ef83d0e6a7fa4a1de 138688624 libllvm3.5-dbg_3.5~svn211669-1_amd64.deb
 73842cf8c76fd80a2a98ad29087a5c566812cba2f35d0277578c9cb7d1066d87 1125484 llvm-3.5_3.5~svn211669-1_amd64.deb
 a1f4bddec0484816217274395fcdba3d7a7b3970c3f4cd9506a10a3ca736064c 51866 llvm-3.5-runtime_3.5~svn211669-1_amd64.deb
 806122b3c1efe418c8b05b9a32dcc0d042f35be226a71cb653c4b9c77615d612 11665710 llvm-3.5-dev_3.5~svn211669-1_amd64.deb
 17f8d53822fe1cb5bdffa7a4ce5bc0c4eb694de2678889ea18c644b3e831f96f 148638 llvm-3.5-tools_3.5~svn211669-1_amd64.deb
 f9582c780b5f819c6e51128d223a9987da5cff38c907d699b7791766ce06c428 289478 libllvm-3.5-ocaml-dev_3.5~svn211669-1_amd64.deb
 2ffce7ba1fe78160a7aa97452d3be8f101f50185a9b34588a7c8518fc614da94 1448642 llvm-3.5-doc_3.5~svn211669-1_all.deb
 5281019a622eae7d6528746529de0cfc266d02dbe90ad042343c54b6d35c26d7 178376 llvm-3.5-examples_3.5~svn211669-1_all.deb
 3c8a89737543033b6b7c4f675d95ba4c76e47add331202c6ccf15ec7a21d1173 7056892 lldb-3.5_3.5~svn211669-1_amd64.deb
 046bb21e2ff8e57bec5c92ff040356da57ae9beb2fa6e70ac7d072f3d4f81023 3692992 lldb-3.5-dev_3.5~svn211669-1_amd64.deb
Files:
 a1abe79b431ab48424dc1b61fcf956e6 20476242 devel optional clang-3.5_3.5~svn211669-1_amd64.deb
 07a09990ab2d3c54808985b377f1f426 386546 devel optional clang-format-3.5_3.5~svn211669-1_amd64.deb
 12b244d534566406a77af2a514ef2ed8 12864 devel optional cpp11-migrate-3.5_3.5~svn211669-1_amd64.deb
 1136c90f5b580dd02b14ad0e6c642c7c 3443724 devel optional clang-modernize-3.5_3.5~svn211669-1_amd64.deb
 d6129af2f2ff480fde4487e882eac058 507522 doc optional clang-3.5-doc_3.5~svn211669-1_all.deb
 d5821edbcfe74a1320c54ae1df252674 3592510 devel optional libclang1-3.5_3.5~svn211669-1_amd64.deb
 dbe99a198f90fcd45dccf6047da02b37 116731278 debug extra libclang1-3.5-dbg_3.5~svn211669-1_amd64.deb
 a2eab4a56d5bd8e888b56ae0987b1e63 10168122 libdevel optional libclang-3.5-dev_3.5~svn211669-1_amd64.deb
 e5582953cecb523f4d496eceef8dcdbe 623860 libdevel optional libclang-common-3.5-dev_3.5~svn211669-1_amd64.deb
 536223473458bd4be285dad165fbcdb5 34412 python optional python-clang-3.5_3.5~svn211669-1_amd64.deb
 36b7ee4d85b980991139ce24accad30f 18648 doc optional clang-3.5-examples_3.5~svn211669-1_amd64.deb
 d0760c1797e4eb56bc8c2aae44df4d1e 7460958 libs optional libllvm3.5_3.5~svn211669-1_amd64.deb
 05759f22da4e39823f86dfb5a26c8043 138688624 debug extra libllvm3.5-dbg_3.5~svn211669-1_amd64.deb
 3ec70a6e304d229911dad6763ff8a93b 1125484 devel optional llvm-3.5_3.5~svn211669-1_amd64.deb
 d9568627500b6199d9e710c3b746dfb3 51866 devel optional llvm-3.5-runtime_3.5~svn211669-1_amd64.deb
 773e2dee09ebe9d2b60a2293ce92f90b 11665710 devel optional llvm-3.5-dev_3.5~svn211669-1_amd64.deb
 c2ff7423150c9020e1b6e79f75286bfc 148638 devel optional llvm-3.5-tools_3.5~svn211669-1_amd64.deb
 0fca6d641d00048c2623439e3f253bcf 289478 ocaml optional libllvm-3.5-ocaml-dev_3.5~svn211669-1_amd64.deb
 c6ce322417cc477083f66ef4445be13d 1448642 doc optional llvm-3.5-doc_3.5~svn211669-1_all.deb
 cffac0022c34c0ed3ed05fd1097b57de 178376 doc optional llvm-3.5-examples_3.5~svn211669-1_all.deb
 1d20a7fd15ec5057581950ad4f145a0e 7056892 devel optional lldb-3.5_3.5~svn211669-1_amd64.deb
 d51038baf2cfe8642652507004e56f86 3692992 devel optional lldb-3.5-dev_3.5~svn211669-1_amd64.deb
 cbb0fa517900000773a0d994b387f09d 5817 devel optional llvm-toolchain-snapshot_3.5~svn211669-1.dsc
 034e5c578ef3012347711f8fe7921b98 207576 devel optional llvm-toolchain-snapshot_3.5~svn211669.orig-clang-tools-extra.tar.bz2
 b6374f3137cd7828d47edfaa34cdd7f2 8990245 devel optional llvm-toolchain-snapshot_3.5~svn211669.orig-clang.tar.bz2
 da441057c0c4cec152c6cf59fad0f561 1456276 devel optional llvm-toolchain-snapshot_3.5~svn211669.orig-compiler-rt.tar.bz2
 f7c6e9c6e9e0d61617df4c6845ae4d25 3097584 devel optional llvm-toolchain-snapshot_3.5~svn211669.orig-lldb.tar.bz2
 c61a45f24543935d766687b11c416d21 329308 devel optional llvm-toolchain-snapshot_3.5~svn211669.orig-polly.tar.bz2
 681c18b39f2e3a6bd1570f338ce5c0e2 13326700 devel optional llvm-toolchain-snapshot_3.5~svn211669.orig.tar.bz2
 be6549cf234b8e9278c860399db2a69c 45040 devel optional llvm-toolchain-snapshot_3.5~svn211669-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJTq6MbAAoJEH5lKNp1LxvhylYP/0gjIOfPhP2Jx0VD/RtTwS/C
V0jBYR+CY6NTjEXXJ6IKuatFp1U7SgA7YoBdVaqBr4Sk+ePjQRuKF9VzfFIBhL/o
lP0Xsv8cyxyH5aonFi5bXzJ66PqMwAwMLhJQw4VJRsj+0Cclz2AdNJS7pvKYc3su
7wcdY+w4Cfg4FO8Vqf8pGSP3yEauu5uwjRTZCDIVj8IojvqZ48Qf9TWg0ElVIm/L
tf4imYVGT4+7fPmuWhZOmvRjdBx6VdT03QW5TWUZ3T8hijby8mZ1j+Koes5zIBWl
uhDAElY1SomFSTyXutlFzceqOr1O+q0fzDMF2FS2KaOUOanyY9YzPunP7oMWP7FG
lnWummjeagAAV6/baOJ7RuDSBdhVz+DPqvYRT3861S3g0LkCBlQkR5bv3K6Kzhor
WD92Ypwd3ey/+thGyANIgvolMb070++xlyA8FQanF8EcjdY5pLuk1pkP10agIHWQ
Kh5EQ+zeAihIy8J7Y46AQCktGxroRBsE+Ab76dfaDve8w/RLPF6xnY3ci6YPe92k
T3q+Evj2YJfHZnEjv1w3VznckUHYcoMNJlf4gXSIIUqJnBf/iEsYUIufBwmzCh/v
LFdlh4E71GEzURz/AC3yXpgdDLwNmlHMPUGUU4QFjSiTgzXwhtQiqavRh8axHOKr
6xDcgUD3zaKtTZ/xieI9
=kAEE
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.