CVE-2015-1781

Debian Bug report logs - #796105
CVE-2015-1781

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Moritz Muehlenhoff <jmm@debian.org>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: CVE-2015-1781

Date: Wed, 19 Aug 2015 15:59:06 +0200

Source: glibc
Severity: important
Tags: security

Hi,
please see https://sourceware.org/bugzilla/show_bug.cgi?id=18287

Fix:
https://sourceware.org/git/?p=glibc.git;a=commit;h=2959eda9272a03386

Cheers,
        Moritz

Message #10 received at 796105-close@bugs.debian.org (full text, mbox, reply):

From: Aurelien Jarno <aurel32@debian.org>

To: 796105-close@bugs.debian.org

Subject: Bug#796105: fixed in glibc 2.21-0experimental1

Date: Sat, 29 Aug 2015 13:00:21 +0000

Source: glibc
Source-Version: 2.21-0experimental1

We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 796105@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 29 Aug 2015 00:43:02 +0200
Source: glibc
Binary: libc-bin libc-dev-bin libc-l10n glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libc6-loongson2f libnss-dns-udeb libnss-files-udeb
Architecture: source all amd64
Version: 2.21-0experimental1
Distribution: experimental
Urgency: medium
Maintainer: Aurelien Jarno <aurel32@debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description:
 glibc-doc  - GNU C Library: Documentation
 glibc-source - GNU C Library: sources
 libc-bin   - GNU C Library: Binaries
 libc-dev-bin - GNU C Library: Development binaries
 libc-l10n  - GNU C Library: localization files
 libc0.1    - GNU C Library: Shared libraries
 libc0.1-dbg - GNU C Library: detached debugging symbols
 libc0.1-dev - GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc0.1-pic - GNU C Library: PIC archive library
 libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - GNU C Library: Shared libraries
 libc0.3-dbg - GNU C Library: detached debugging symbols
 libc0.3-dev - GNU C Library: Development Libraries and Header Files
 libc0.3-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc0.3-pic - GNU C Library: PIC archive library
 libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3-xen - GNU C Library: Shared libraries [Xen version]
 libc6      - GNU C Library: Shared libraries
 libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - GNU C Library: detached debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS
 libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64
 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64
 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64
 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64
 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries
 libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC
 libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC
 libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64
 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64
 libc6-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc6-loongson2f - GNU C Library: Shared libraries (Loongson 2F optimized)
 libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS
 libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - GNU C Library: PIC archive library
 libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64
 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries
 libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC
 libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc6-x32  - GNU C Library: X32 ABI Shared libraries for AMD64
 libc6-xen  - GNU C Library: Shared libraries [Xen version]
 libc6.1    - GNU C Library: Shared libraries
 libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - GNU C Library: detached debugging symbols
 libc6.1-dev - GNU C Library: Development Libraries and Header Files
 libc6.1-pic - GNU C Library: PIC archive library
 libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb)
 locales    - GNU C Library: National Language (locale) data [support]
 locales-all - GNU C Library: Precompiled locale data
 multiarch-support - Transitional package to ensure multiarch compatibility
 nscd       - GNU C Library: Name Service Cache Daemon
Closes: 717544 766877 775179 781245 782198 788352 796105
Changes:
 glibc (2.21-0experimental1) experimental; urgency=medium
 .
   [ Samuel Thibault ]
   * patches/hurd-i386/cvs-libpthread.diff: Update from upstream.
   * patches/hurd-i386/cvs-libpthread-dlopen.diff: Merged.
   * patches/hurd-i386/cvs-libpthread-libc-lockP2.diff: Merged.
   * patches/hurd-i386/cvs-bind_umask.diff: Merged.
   * patches/hurd-i386/cvs-fork_ss_hang.diff: Merged.
   * patches/hurd-i386/cvs-munmap-0.diff: Merged.
   * patches/hurd-i386/cvs-static-dlopen.diff: Merged.
   * patches/hurd-i386/cvs-tcbhead_t.diff: Merged.
   * patches/hurd-i386/cvs-libpthread_versions.diff: Rebased.
   * patches/hurd-i386/local-disable-tst-xmmymm.diff: Dropped.
   * patches/hurd-i386/local-hurdsig-global-dispositions-version.diff: Rebased.
   * patches/hurd-i386/submitted-exec_filename.diff: Rebased.
   * patches/hurd-i386/submitted-net.diff: Rebased.
   * patches/hurd-i386/tg-EIEIO-fr.diff: Rebased.
   * patches/hurd-i386/tg-af_local_strlen.diff: Rebased.
   * patches/hurd-i386/tg-chflags.diff: Rebased.
   * patches/hurd-i386/tg-tls-threadvar.diff: Update.
   * patches/hurd-i386/tg-tls.diff: Rebased.
   * patches/hurd-i386/tg-tls_thread_leak.diff: Rebased.
   * patches/hurd-i386/unsubmitted-NO_HIDDEN.diff: Rebased.
   * patches/hurd-i386/tg-no-hp-timing.diff: Update.
   * patches/series: Re-enable all hurd patches.
   * patches/hurd-i386/libpthread-versions.diff: New patch, updates to new
     version engine.
   * patches/hurd-i386/cvs-revert-gnu-gnu-cleanup.diff: New patch, reverts
     cleanup of the gnu-gnu hack.
   * patches/hurd-i386/libpthread_pthread_types.diff: New patch, fixes
     inclusion of pthread_types.h
   * patches/hurd-i386/unsubmitted-libc_alloca_cutoff.diff: New patch,
     implements alloca cutoff limit.
   * patches/hurd-i386/cvs-unwind-resume.diff: New patch, fixes unwind-resume
     build.
   * patches/hurd-i386/unsubmitted-libpthread-semaphore.h.diff: New patch,
     fixes semaphore header inclusion.
   * patches/hurd-i386/unsubmitted-timer_routines.diff: New patch, fixes
     timer_routines build.
   * patches/hurd-i386/cvs-libc-modules.h.diff: New patch, adds missing
     dependency on libc-modules.h.
   * patches/hurd-i386/cvs-warnings.diff: New patch, fixes warnings.
   * patches/hurd-i386/cvs-check-local-headers.diff: New patch, clears spurious
     local-header warnings.
   * sysdeps/hurd.mk: Disable -Werror since MIG currently generates warnings.
   * testsuite-checking/expected-results-{i586-gnu-libc,i686-gnu-
     {i386,i686,xen}}: update testsuite results
 .
   [ Adam Conrad ]
   * debian/{rules.d/debhelper.mk,sysdeps/*}: Define per-platform pldd
     variable to control installation of usr/bin/pldd in libc-bin, and
     leverage the same trick to decide to install usr/lib/pt_chown too.
   * debian/patches/kfreebsd/local-no-pldd.diff: Drop, no longer used.
   * debian/patches/alpha/submitted-PTR_MANGLE.diff: Use IS_IN macros.
   * debian/patches/powerpc/cvs-ppc-sqrt.diff: Fix sqrt() on powerpc.
   * debian/patches/powerpc/cvs-ppc-sqrtf.diff: Likewise for sqrtf().
   * debian/patches/powerpc/cvs-ppc-pow.diff: Likewise for pow().
   * debian/patches/powerpc/cvs-ppc-feraiseexcept.diff: Fix inline
     feraiseexcept and feclearexcept macro input conversion on PPC.
   * debian/patches/any/submitted-longdouble.diff: Refresh for above.
   * debian/patches/any/local-disable-test-tgmath4.diff: Likewise.
   * debian/patches/any/cvs-logbl-accuracy.diff: Fix ldbl-128ibm logbl.
   * debian/patches/powerpc/local-math-logb.diff: Refresh and move to
     debian/patches/any/local-math-logb.diff, as it's not PPC-specific.
   * debian/patches/any/cvs-localplt-new-readelf.diff: Preemptively
     fix localplt test breakage with binutils 2.26 before it lands.
   * debian/patches/any/cvs-make-typo.diff: Fix typo in elf/Makefile.
   * debian/patches/powerpc/cvs-power7-strncpy.diff: Optimize strncpy
     for POWER7 drastically (10-70%) on strings longer than 16 chars.
   * debian/patches/powerpc/cvs-ppc-tabort-le.diff: Fix TABORT encoding
     when building on toolchains without HTM support (no-op on gcc-4.9)
   * debian/patches/arm/cvs-arm-sfi_breg.diff: Fix LDR_GLOBAL macro.
   * debian/patches/arm/cvs-memcpy-memmove-always-bx.diff: Fix memcpy
     and memmove for the ARM_ALWAYS_BX class of hardware like ArmadaXP.
   * debian/{control.in/*,debhelper.in/*,rules.d/*}: Stop hardcoding our
     upstream version all over the place and use GLIBC_VERSION instead.
   * debian/debhelper.in/libc.preinst: Unconditionally wipe ld.so.cache
     on major version upgrades, which is significantly less error-prone.
 .
   [ Aurelien Jarno ]
   * debian/patches/any/local-libgcc-compat-main.diff: Fix definition of
     __floatdisf for sparc.
   * debian/patches/any/local-libgcc-compat-ports.diff: Fix definition of
     __floatdisf for mips. Remove usage of INTUSE (Closes: #782198).
   * debian/sysdeps/linux.mk, debhelper.in/libc.preinst: bump minimal Linux
     kernel version to 3.2 (ie the version in Wheezy).
   * debian/patches/localedata/locale-C.diff: fix d_fmt time format (Closes:
     #775179).
   * Create source tarball in a deterministic manner: adjust file modification
     time, user, group, permissions, and file order (addresses: #783210).
   * Update from upstream stable branch:
     - Fix a buffer overflow in overflow in getanswer_r (CVE-2015-1781)
       Closes: #796105.
   * sysdeps/linux.mk: don't build pt_chown (CVE-2013-2207). Closes: #717544.
   * Move translation to a new libc-l10n package from the locales packages.
     Add a dependency from locales and locales-all to libc-l10n, so that they
     both provide the same feature. Closes: #788352.
   * control.in/main: Bump Standards-Version to 3.9.6 (no changes).
 .
   [ Breno Leitao ]
   * Remove --without-cvs that is not used anymore as a valid configuration.
     It was removed in commit 92963737c4376bcfd65235d5c325fa7f48302f89
     (Closes: #781245).
 .
   [ Matthias Klose ]
   * Fix multilib enabled stage1 cross builds (closes: #766877).
Checksums-Sha1:
 d61af29d082d6d557d72d6fbe6e0d5f5c82a6010 8327 glibc_2.21-0experimental1.dsc
 2f8c4269a8ba8c30c8f6c66cfacfcf041caa87a4 972228 glibc_2.21-0experimental1.debian.tar.xz
 71cf6a29e87041a8eb2f878602190755ae4dd1c0 2351200 glibc-doc_2.21-0experimental1_all.deb
 5ef0cf0f646650f588e3324dcff65a13ebbe594d 14014956 glibc-source_2.21-0experimental1_all.deb
 cbf6138158bcee90672fcd760b8a56e99150faad 784776 libc-l10n_2.21-0experimental1_all.deb
 29e1677514fcf78fd9ff6a65e2ed79a909d78708 3337440 locales_2.21-0experimental1_all.deb
Checksums-Sha256:
 58459e5338faaf2d8f1240b0204752bd048b3a2dc130f988b19ec20f2abf97cb 8327 glibc_2.21-0experimental1.dsc
 cd1881e9fa51fb33e9cece843fb17f40f0c945f80d2e9c19732c6b6ddf40b3a6 972228 glibc_2.21-0experimental1.debian.tar.xz
 bdc1db55cb5732f5b66322b9956887725484d0006942e39415a1955ff71af274 2351200 glibc-doc_2.21-0experimental1_all.deb
 fa9fd08053e53d07952b3192d653def36cad17f233362c29573fc0fc60b2814a 14014956 glibc-source_2.21-0experimental1_all.deb
 205e77af78fa0bc04327ef7c63293dd3cd47de6088f4e7540844b1f7d3fc261a 784776 libc-l10n_2.21-0experimental1_all.deb
 d42a3b9e21fb18fcb35d7acd5e0190aafb6d018185e07f9c147c2381eaf291af 3337440 locales_2.21-0experimental1_all.deb
Files:
 e79df7ffb7b6e2176f017aca68be886c 8327 libs required glibc_2.21-0experimental1.dsc
 ec53c2241fc99b680a4df743f65d4464 972228 libs required glibc_2.21-0experimental1.debian.tar.xz
 fc875c1f16055bb395c3863cdf046672 2351200 doc optional glibc-doc_2.21-0experimental1_all.deb
 ad27f1b064276ca1919fdf2e7b8d1af8 14014956 devel optional glibc-source_2.21-0experimental1_all.deb
 5537158eb7e1208615d277aa33eca45b 784776 localization standard libc-l10n_2.21-0experimental1_all.deb
 bd8382066e25814d23f1e99d7661aee6 3337440 localization standard locales_2.21-0experimental1_all.deb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJV4PNHAAoJELqceAYd3YybKx4P/3C8QIZmfy/Mrw69HI+fYx8z
oHAJxRIl32zItYVA5CGXeKu04eLjfkVcmq14wwZeUS2d8IW86k6j4CQjte4i3yG3
bccr4FFsEq17RS725wGRP1kG9f5w/xYOkRC7DjQlxqJe0XWKYCBs+AqDYqWETrLJ
//OmsoHpzcyOfREtncDhbs8BI8SsrVV8rOxKewO11ugvq4kAYBnv7TNrnfDIy6uO
VwMgm+pgNyL+Qdwhj4fLg26hofM/7R334FXCLcVEfeX862esmRurp2udm6DgxyIZ
laBbB5hTUB+Jwa8+/0abNLwx7cBYgMdSKSi6TwGRhnombmXJXrZX877wvggsJduj
pulLDI72OBDHmF4w9BnzPMr874G2NqKyZV0MSepF+Cqism9bVbBCC0w7BIklAdPU
K9zjX/rxMGH5zaJY0lbRNltIUarS0Cz3wLiKZDJRLMpAsFGiZ/uVylbHaTXnjNpN
pOWVerG9DmMgL7Y+Gtx2eK8fQxsY2WQ5onuiHaAU6FvxpDgBeFPzigrbYBhWhOvJ
jwa+qh9lqrffw/EKhmiF/xdh+dC1LdwUBuhV+r4wRomFfE5p1Bq7XQ3vBPfYrTEV
5Z3aBHqg2Gto/H6lXp9o1nRooSMjYT2w69xUO5RvLqc7md7eh4d0zAf7grzt6Wlw
MiTXjAc2gJeq/9b5nsLl
=GCZs
-----END PGP SIGNATURE-----

Message #15 received at 796105-close@bugs.debian.org (full text, mbox, reply):

From: Aurelien Jarno <aurel32@debian.org>

To: 796105-close@bugs.debian.org

Subject: Bug#796105: fixed in glibc 2.19-18+deb8u1

Date: Sat, 29 Aug 2015 15:47:06 +0000

Source: glibc
Source-Version: 2.19-18+deb8u1

We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 796105@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 29 Aug 2015 10:56:31 +0200
Source: glibc
Binary: libc-bin libc-dev-bin glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libc6-loongson2f libnss-dns-udeb libnss-files-udeb
Architecture: source all amd64
Version: 2.19-18+deb8u1
Distribution: stable
Urgency: medium
Maintainer: Aurelien Jarno <aurel32@debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description:
 glibc-doc  - GNU C Library: Documentation
 glibc-source - GNU C Library: sources
 libc-bin   - GNU C Library: Binaries
 libc-dev-bin - GNU C Library: Development binaries
 libc0.1    - GNU C Library: Shared libraries
 libc0.1-dbg - GNU C Library: detached debugging symbols
 libc0.1-dev - GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc0.1-pic - GNU C Library: PIC archive library
 libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - GNU C Library: Shared libraries
 libc0.3-dbg - GNU C Library: detached debugging symbols
 libc0.3-dev - GNU C Library: Development Libraries and Header Files
 libc0.3-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc0.3-pic - GNU C Library: PIC archive library
 libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3-xen - GNU C Library: Shared libraries [Xen version]
 libc6      - GNU C Library: Shared libraries
 libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - GNU C Library: detached debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS
 libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64
 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64
 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64
 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64
 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries
 libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC
 libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC
 libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64
 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64
 libc6-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc6-loongson2f - GNU C Library: Shared libraries (Loongson 2F optimized)
 libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS
 libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - GNU C Library: PIC archive library
 libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64
 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries
 libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC
 libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc6-x32  - GNU C Library: X32 ABI Shared libraries for AMD64
 libc6-xen  - GNU C Library: Shared libraries [Xen version]
 libc6.1    - GNU C Library: Shared libraries
 libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - GNU C Library: detached debugging symbols
 libc6.1-dev - GNU C Library: Development Libraries and Header Files
 libc6.1-pic - GNU C Library: PIC archive library
 libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb)
 locales    - GNU C Library: National Language (locale) data [support]
 locales-all - GNU C Library: Precompiled locale data
 multiarch-support - Transitional package to ensure multiarch compatibility
 nscd       - GNU C Library: Name Service Cache Daemon
Closes: 759197 788999 794222 796105
Changes:
 glibc (2.19-18+deb8u1) stable; urgency=medium
 .
   [ Aurelien Jarno ]
   * Update from upstream stable branch:
     - Fix pthread_mutex_trylock with lock elision.  Closes: #759197,
       #788999.
     - Fix gprof entry point on ppc64el.  Closes: #794222.
     - Fix a buffer overflow in getanswer_r (CVE-2015-1781).
       Closes: #796105.
Checksums-Sha1:
 b7188cdfc5bf35953b054469d0441e7c51c71619 8236 glibc_2.19-18+deb8u1.dsc
 5e6a409379644778ad1bd14f276663213a4352ca 1044476 glibc_2.19-18+deb8u1.debian.tar.xz
 886bca58a16c74214b6df212e886375a4d7039e8 2266080 glibc-doc_2.19-18+deb8u1_all.deb
 70a00739f3aa9d810926c99bb33540f4a5843d95 13998064 glibc-source_2.19-18+deb8u1_all.deb
 f5a4e24bee1bbd2a3b9288f8025c48f01e986cac 3908102 locales_2.19-18+deb8u1_all.deb
Checksums-Sha256:
 3d966ff27fb6aa1392d956f133ef21622da1e950e3f0a7e04bcad1037bd80705 8236 glibc_2.19-18+deb8u1.dsc
 fb3b2d338bdd663fee605485fe18f7a7d0c4923d68d889d4e161e5e469034479 1044476 glibc_2.19-18+deb8u1.debian.tar.xz
 e930776ad1036c8dae0bda0cb9c16cf0cb54eb3d49b4525de09cf317f0a374dc 2266080 glibc-doc_2.19-18+deb8u1_all.deb
 41c65a0c83451d239e58063c5c47685ea55715f52827bee12991220359b749ae 13998064 glibc-source_2.19-18+deb8u1_all.deb
 9bca0d296807d0422a0049b6991f43d0ec656c9a736026a32f841d1232019a12 3908102 locales_2.19-18+deb8u1_all.deb
Files:
 4f2cab598aef2a15959a9e974d104a96 8236 libs required glibc_2.19-18+deb8u1.dsc
 5eb44a1092df15bad4db43deebf46d44 1044476 libs required glibc_2.19-18+deb8u1.debian.tar.xz
 cc0819f61aa35a14698b6fadf82a1862 2266080 doc optional glibc-doc_2.19-18+deb8u1_all.deb
 a7ab5e3c5d69450b304da0ee2a47043a 13998064 devel optional glibc-source_2.19-18+deb8u1_all.deb
 9c0d8e2a20cdf48e06be9e14909d4472 3908102 localization standard locales_2.19-18+deb8u1_all.deb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJV4Z9XAAoJELqceAYd3YybV+kP/3FYkQwGj2bAQf8mAWNeKm/0
LTDQf/ofmqq/ZwusZAX/+49OmkB9AYZeYu2rJiUXBBR423MtTXQ2SZWxOOifHXsc
z50K8HGAHklzE4qnPkHTS+ZUyvpdvB/Z4XaqurzLnruN+5CUC5dCYN6jEblmRLSu
4+vTTgTOaB1wHptVV+vEJsD2gLFroMaN+cczLVA8OymjFL/MAnnl73DoxpFEHs4Z
wdQSLjeYSRrqFo+ugHqUMbTienFLd7AO35b5QMsXikkg38U2s+BQgzT8wsWwrZmf
sgAAVdJzRnSzSyYU982Oq5EPTD2Qkn0WVX2HI3otH8A9ShwNX1CTzDUnujeUT+m5
y3HfqMGsz3N77Cgsp6XjVN6tQCgg0q9BIk/3DKP0Ajnc3Mnwyp70pJdvFakJj1Ey
wGA3JRhqEJzxsmPY9C40CKtPvdwSHZ45PY1lH6ixHdquHkXWUztTmOCkKP7JRdJ5
W/laEip9Nm6CpK6G3xLAp2HnyINpjuUjI4n00ujgsT1LnImdgiNMsM/iq4pLyu+i
HXMUbQBW1DTcZgGCPDS5laRvdPylpWKdej7wBiRBy1YDFaHEFDw6FxsaBG/2TmUW
nQo/1eTFUS/wTE43E10SE1acVIXOVaUX9YnX3tAuebqoJwpNoaufbSuY5ubdKwvM
XMBv26ld7wHz9qXqSbub
=PlXa
-----END PGP SIGNATURE-----

Message #20 received at 796105-close@bugs.debian.org (full text, mbox, reply):

From: Aurelien Jarno <aurel32@debian.org>

To: 796105-close@bugs.debian.org

Subject: Bug#796105: fixed in glibc 2.19-20

Date: Sun, 13 Sep 2015 17:19:48 +0000

Source: glibc
Source-Version: 2.19-20

We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 796105@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 13 Sep 2015 18:39:36 +0200
Source: glibc
Binary: libc-bin libc-dev-bin glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libc6-loongson2f libnss-dns-udeb libnss-files-udeb
Architecture: source all amd64
Version: 2.19-20
Distribution: unstable
Urgency: medium
Maintainer: Aurelien Jarno <aurel32@debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description:
 glibc-doc  - GNU C Library: Documentation
 glibc-source - GNU C Library: sources
 libc-bin   - GNU C Library: Binaries
 libc-dev-bin - GNU C Library: Development binaries
 libc0.1    - GNU C Library: Shared libraries
 libc0.1-dbg - GNU C Library: detached debugging symbols
 libc0.1-dev - GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc0.1-pic - GNU C Library: PIC archive library
 libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - GNU C Library: Shared libraries
 libc0.3-dbg - GNU C Library: detached debugging symbols
 libc0.3-dev - GNU C Library: Development Libraries and Header Files
 libc0.3-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc0.3-pic - GNU C Library: PIC archive library
 libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3-xen - GNU C Library: Shared libraries [Xen version]
 libc6      - GNU C Library: Shared libraries
 libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - GNU C Library: detached debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS
 libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64
 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64
 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64
 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64
 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries
 libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC
 libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC
 libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64
 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64
 libc6-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc6-loongson2f - GNU C Library: Shared libraries (Loongson 2F optimized)
 libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS
 libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - GNU C Library: PIC archive library
 libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64
 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries
 libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC
 libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc6-x32  - GNU C Library: X32 ABI Shared libraries for AMD64
 libc6-xen  - GNU C Library: Shared libraries [Xen version]
 libc6.1    - GNU C Library: Shared libraries
 libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - GNU C Library: detached debugging symbols
 libc6.1-dev - GNU C Library: Development Libraries and Header Files
 libc6.1-pic - GNU C Library: PIC archive library
 libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb)
 locales    - GNU C Library: National Language (locale) data [support]
 locales-all - GNU C Library: Precompiled locale data
 multiarch-support - Transitional package to ensure multiarch compatibility
 nscd       - GNU C Library: Name Service Cache Daemon
Closes: 759197 785664 788999 793543 794222 796105 796899 798515
Changes:
 glibc (2.19-20) unstable; urgency=medium
 .
   [ Samuel Thibault ]
   * patches/hurd-i386/tg-mmap32th_bit.diff: New patch to fix libpciaccess
     mapping of BARs above 2GiB. Closes: #793543.
   * rules.d/build.mk: Also install crt0.o in stage1, if any.
   * sysdeps/hurd-i386.mk: Fix stage1 about xen packages for hurd-i386 too.
   * patches/hurd-i386/tg-sysheaders.diff: New patch to fix stage1 finding hurd
     headers.
   * patches/hurd-i386/cvs-libpthread_clean2.diff: New patch to drop spurious
     code getting in the way for stage1.
   * patches/hurd-i386/cvs-libpthread_build.diff: New patch to fix build of
     generic libpthread code.
   * patches/hurd-i386/libpthread_build.diff: Fix header inclusion to get
     pthread headers from libpthread/ instead of system.
   * sysdeps/hurd.mk: Create symlinks to kernel and hurd headers required for
     build, so that we can pass --with-headers to configure to make the build
     really self-hosted.
   * patches/hurd-i386/local-clock_gettime_MONOTONIC.diff: Update patch to not
     advertise _POSIX_CLOCK_SELECTION for vlc
   * patches/hurd-i386/{local,cvs}-bootstrap.diff: New patch to fix crt*.o build
     in stage1.
   * rules, rules.d/build.mk: Set MIG to gnu-type alias of mig, to fix
     cross-build.
   * control, control.d/main: Bump mig dependency to get the gnu-type alias in
     non-cross case too.
 .
   [ Aurelien Jarno ]
   * Update from upstream stable branch:
     - Fix pthread_mutex_trylock with lock elision.  Closes: #759197,
       #788999.
     - Fix gprof entry point on ppc64el.  Closes: #794222.
     - Fix a buffer overflow in getanswer_r (CVE-2015-1781).  Closes: #796105.
     - Fix getaddrinfo sometimes returning uninitialized data with nscd.
       Closes: #798515.
   * sysdeps.mk/mips*.mk: force the ISA until it gets propagated to all GCC
     versions.
   * Update hppa patches.  Closes: #785664:
     - Replace patches/hppa/local-fpu.diff by upstream patch cvs-fpu-r2.diff.
     - Add patches/hppa/cvs-fpu2.diff from upstream.
     - Add patches/hppa/local-fptr-table-size.diff from Carlos O'Donnell.
     - Add patches/hppa/local-setcontext.diff.
     - Add patches/hppa/cvs-start.diff from upstream.
   * patches/any/cvs-pie-lt_executable.diff: new patch from upstream to fix
     explicit loader invocation with PIE binaries.  Closes: #796899.
Checksums-Sha1:
 2ee6868c14db5a0a6412f44c06319b0425521652 8222 glibc_2.19-20.dsc
 d968c04b1110b1dce99508048d92cd204491afac 1038748 glibc_2.19-20.debian.tar.xz
 8ad1e850112bfa3e397b1caf35e1aace77880557 2266790 glibc-doc_2.19-20_all.deb
 85d054841ef23623f52481dd00304283161adfad 13960810 glibc-source_2.19-20_all.deb
 1bbbda5228781e936579f1d13f851a3c19fa346d 3940066 locales_2.19-20_all.deb
Checksums-Sha256:
 4edcf510ba7b11aebd44cb39226747510c0ceaec9d4b062ce436c8c96715a7bd 8222 glibc_2.19-20.dsc
 e5c27244ecc8f088925a9d1616ad4bb4a5d4fc70c8cbe9e317dc7136eb213f84 1038748 glibc_2.19-20.debian.tar.xz
 ba250aa9c25813a94b856bb37db91b1a4cf1cf68ee707dc20cc20b6436dfa7de 2266790 glibc-doc_2.19-20_all.deb
 0f34c015e348e2cfb6e745acf377964a5b3dbc71877029c64ff7fc4b70488c1c 13960810 glibc-source_2.19-20_all.deb
 7708da48f1494e487e20f428cd42b24e0d6237235751deccfa2a03b0ae1d4a73 3940066 locales_2.19-20_all.deb
Files:
 27db97bff19706ea2227fa1d98f48bd3 8222 libs required glibc_2.19-20.dsc
 985147451775b38eef77ed7d4eebc9c7 1038748 libs required glibc_2.19-20.debian.tar.xz
 a9094f887d98b4dd3a8a8bc1247f6d36 2266790 doc optional glibc-doc_2.19-20_all.deb
 3568fe39aedf06ec58630159e7fb6b5a 13960810 devel optional glibc-source_2.19-20_all.deb
 217bb24d52031967c5eaee4ddd403171 3940066 localization standard locales_2.19-20_all.deb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJV9av/AAoJELqceAYd3Yyb3AgP/3rf7q3IBUvNa/tLGrTDgtxO
EcIGASNB4ZhyspHXHxTL1q59rExcXoNVk6oAkjXUBN6jmWbNlGUougs0ylbBOsdK
y+RYKa7VGWofd9kJedOrRSaI1WO99sQYkRTvx4loN6TS8/nMGgPgstXpJ3xxz24y
ikLFTK1Tq8x0J+QSfTp8DUKqIW2ZNibTQD93eVQkgSRlI42USwiK1Q+jRhcubwj3
c0mxRX4N1YMwB7liHTxX5aKmHjtYD87TJP9uTLT6vVhNzSpQI3iM7z517DnWZ1+Y
xFXLyUklWk2246c0xX4eejc6cLwJEjzZUQ1IFDBykSnI44lVj6PGBAAVmppgu3Xl
+6hrjMnipEnIBVYotoN4xTcdmAturZR5+oHK2hqpjYnwQ/lujdCPdrNw+ddFtG1S
3ntGGnmQJhS92UyTQZcVPnJ6mqCUtkodNA8wfnR7MYGbr5HPzsKlOCQH8jW55Dpq
gDpzfksi1JtDHCmFvaiuFBx78uuiMEou8dDtmKFV1HKofA2TMCD8eUvNQn5siFVE
4yrKfs3A6u9RwopBLqafKQ8Lq8GlSMpb8GQKjRYVAOtGNBHpxniSctzHpCUt7446
T2koauU13Eyky2UB6mAnHaXdnK+ONQZTWXJDmLoSkQzqBhjX55DBr97THYxnCNJ/
oEACvRPvX5lnxF4wVtDA
=NwK6
-----END PGP SIGNATURE-----

Send a report that this bug log contains spam.