Package: src:glibc; Maintainer for src:glibc is GNU Libc Maintainers <debian-glibc@lists.debian.org>;
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Wed, 19 Aug 2015 14:03:01 UTC
Severity: important
Tags: security
Fixed in versions glibc/2.21-0experimental1, glibc/2.19-18+deb8u1, glibc/2.19-20
Done: Aurelien Jarno <aurel32@debian.org>
Bug is archived. No further changes may be made.
View this report as an mbox folder, status mbox, maintainer mbox
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GNU Libc Maintainers <debian-glibc@lists.debian.org>
:
Bug#796105
; Package src:glibc
.
(Wed, 19 Aug 2015 14:03:05 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>
:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GNU Libc Maintainers <debian-glibc@lists.debian.org>
.
(Wed, 19 Aug 2015 14:03:05 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: glibc Severity: important Tags: security Hi, please see https://sourceware.org/bugzilla/show_bug.cgi?id=18287 Fix: https://sourceware.org/git/?p=glibc.git;a=commit;h=2959eda9272a03386 Cheers, Moritz
Reply sent
to Aurelien Jarno <aurel32@debian.org>
:
You have taken responsibility.
(Sat, 29 Aug 2015 13:03:33 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>
:
Bug acknowledged by developer.
(Sat, 29 Aug 2015 13:03:33 GMT) (full text, mbox, link).
Message #10 received at 796105-close@bugs.debian.org (full text, mbox, reply):
Source: glibc Source-Version: 2.21-0experimental1 We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 796105@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 29 Aug 2015 00:43:02 +0200 Source: glibc Binary: libc-bin libc-dev-bin libc-l10n glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libc6-loongson2f libnss-dns-udeb libnss-files-udeb Architecture: source all amd64 Version: 2.21-0experimental1 Distribution: experimental Urgency: medium Maintainer: Aurelien Jarno <aurel32@debian.org> Changed-By: Aurelien Jarno <aurel32@debian.org> Description: glibc-doc - GNU C Library: Documentation glibc-source - GNU C Library: sources libc-bin - GNU C Library: Binaries libc-dev-bin - GNU C Library: Development binaries libc-l10n - GNU C Library: localization files libc0.1 - GNU C Library: Shared libraries libc0.1-dbg - GNU C Library: detached debugging symbols libc0.1-dev - GNU C Library: Development Libraries and Header Files libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized] libc0.1-pic - GNU C Library: PIC archive library libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libc0.3 - GNU C Library: Shared libraries libc0.3-dbg - GNU C Library: detached debugging symbols libc0.3-dev - GNU C Library: Development Libraries and Header Files libc0.3-i686 - GNU C Library: Shared libraries [i686 optimized] libc0.3-pic - GNU C Library: PIC archive library libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb) libc0.3-xen - GNU C Library: Shared libraries [Xen version] libc6 - GNU C Library: Shared libraries libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64 libc6-dbg - GNU C Library: detached debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64 libc6-i686 - GNU C Library: Shared libraries [i686 optimized] libc6-loongson2f - GNU C Library: Shared libraries (Loongson 2F optimized) libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64 libc6-pic - GNU C Library: PIC archive library libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) libc6-x32 - GNU C Library: X32 ABI Shared libraries for AMD64 libc6-xen - GNU C Library: Shared libraries [Xen version] libc6.1 - GNU C Library: Shared libraries libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized) libc6.1-dbg - GNU C Library: detached debugging symbols libc6.1-dev - GNU C Library: Development Libraries and Header Files libc6.1-pic - GNU C Library: PIC archive library libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb) libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb) locales - GNU C Library: National Language (locale) data [support] locales-all - GNU C Library: Precompiled locale data multiarch-support - Transitional package to ensure multiarch compatibility nscd - GNU C Library: Name Service Cache Daemon Closes: 717544 766877 775179 781245 782198 788352 796105 Changes: glibc (2.21-0experimental1) experimental; urgency=medium . [ Samuel Thibault ] * patches/hurd-i386/cvs-libpthread.diff: Update from upstream. * patches/hurd-i386/cvs-libpthread-dlopen.diff: Merged. * patches/hurd-i386/cvs-libpthread-libc-lockP2.diff: Merged. * patches/hurd-i386/cvs-bind_umask.diff: Merged. * patches/hurd-i386/cvs-fork_ss_hang.diff: Merged. * patches/hurd-i386/cvs-munmap-0.diff: Merged. * patches/hurd-i386/cvs-static-dlopen.diff: Merged. * patches/hurd-i386/cvs-tcbhead_t.diff: Merged. * patches/hurd-i386/cvs-libpthread_versions.diff: Rebased. * patches/hurd-i386/local-disable-tst-xmmymm.diff: Dropped. * patches/hurd-i386/local-hurdsig-global-dispositions-version.diff: Rebased. * patches/hurd-i386/submitted-exec_filename.diff: Rebased. * patches/hurd-i386/submitted-net.diff: Rebased. * patches/hurd-i386/tg-EIEIO-fr.diff: Rebased. * patches/hurd-i386/tg-af_local_strlen.diff: Rebased. * patches/hurd-i386/tg-chflags.diff: Rebased. * patches/hurd-i386/tg-tls-threadvar.diff: Update. * patches/hurd-i386/tg-tls.diff: Rebased. * patches/hurd-i386/tg-tls_thread_leak.diff: Rebased. * patches/hurd-i386/unsubmitted-NO_HIDDEN.diff: Rebased. * patches/hurd-i386/tg-no-hp-timing.diff: Update. * patches/series: Re-enable all hurd patches. * patches/hurd-i386/libpthread-versions.diff: New patch, updates to new version engine. * patches/hurd-i386/cvs-revert-gnu-gnu-cleanup.diff: New patch, reverts cleanup of the gnu-gnu hack. * patches/hurd-i386/libpthread_pthread_types.diff: New patch, fixes inclusion of pthread_types.h * patches/hurd-i386/unsubmitted-libc_alloca_cutoff.diff: New patch, implements alloca cutoff limit. * patches/hurd-i386/cvs-unwind-resume.diff: New patch, fixes unwind-resume build. * patches/hurd-i386/unsubmitted-libpthread-semaphore.h.diff: New patch, fixes semaphore header inclusion. * patches/hurd-i386/unsubmitted-timer_routines.diff: New patch, fixes timer_routines build. * patches/hurd-i386/cvs-libc-modules.h.diff: New patch, adds missing dependency on libc-modules.h. * patches/hurd-i386/cvs-warnings.diff: New patch, fixes warnings. * patches/hurd-i386/cvs-check-local-headers.diff: New patch, clears spurious local-header warnings. * sysdeps/hurd.mk: Disable -Werror since MIG currently generates warnings. * testsuite-checking/expected-results-{i586-gnu-libc,i686-gnu- {i386,i686,xen}}: update testsuite results . [ Adam Conrad ] * debian/{rules.d/debhelper.mk,sysdeps/*}: Define per-platform pldd variable to control installation of usr/bin/pldd in libc-bin, and leverage the same trick to decide to install usr/lib/pt_chown too. * debian/patches/kfreebsd/local-no-pldd.diff: Drop, no longer used. * debian/patches/alpha/submitted-PTR_MANGLE.diff: Use IS_IN macros. * debian/patches/powerpc/cvs-ppc-sqrt.diff: Fix sqrt() on powerpc. * debian/patches/powerpc/cvs-ppc-sqrtf.diff: Likewise for sqrtf(). * debian/patches/powerpc/cvs-ppc-pow.diff: Likewise for pow(). * debian/patches/powerpc/cvs-ppc-feraiseexcept.diff: Fix inline feraiseexcept and feclearexcept macro input conversion on PPC. * debian/patches/any/submitted-longdouble.diff: Refresh for above. * debian/patches/any/local-disable-test-tgmath4.diff: Likewise. * debian/patches/any/cvs-logbl-accuracy.diff: Fix ldbl-128ibm logbl. * debian/patches/powerpc/local-math-logb.diff: Refresh and move to debian/patches/any/local-math-logb.diff, as it's not PPC-specific. * debian/patches/any/cvs-localplt-new-readelf.diff: Preemptively fix localplt test breakage with binutils 2.26 before it lands. * debian/patches/any/cvs-make-typo.diff: Fix typo in elf/Makefile. * debian/patches/powerpc/cvs-power7-strncpy.diff: Optimize strncpy for POWER7 drastically (10-70%) on strings longer than 16 chars. * debian/patches/powerpc/cvs-ppc-tabort-le.diff: Fix TABORT encoding when building on toolchains without HTM support (no-op on gcc-4.9) * debian/patches/arm/cvs-arm-sfi_breg.diff: Fix LDR_GLOBAL macro. * debian/patches/arm/cvs-memcpy-memmove-always-bx.diff: Fix memcpy and memmove for the ARM_ALWAYS_BX class of hardware like ArmadaXP. * debian/{control.in/*,debhelper.in/*,rules.d/*}: Stop hardcoding our upstream version all over the place and use GLIBC_VERSION instead. * debian/debhelper.in/libc.preinst: Unconditionally wipe ld.so.cache on major version upgrades, which is significantly less error-prone. . [ Aurelien Jarno ] * debian/patches/any/local-libgcc-compat-main.diff: Fix definition of __floatdisf for sparc. * debian/patches/any/local-libgcc-compat-ports.diff: Fix definition of __floatdisf for mips. Remove usage of INTUSE (Closes: #782198). * debian/sysdeps/linux.mk, debhelper.in/libc.preinst: bump minimal Linux kernel version to 3.2 (ie the version in Wheezy). * debian/patches/localedata/locale-C.diff: fix d_fmt time format (Closes: #775179). * Create source tarball in a deterministic manner: adjust file modification time, user, group, permissions, and file order (addresses: #783210). * Update from upstream stable branch: - Fix a buffer overflow in overflow in getanswer_r (CVE-2015-1781) Closes: #796105. * sysdeps/linux.mk: don't build pt_chown (CVE-2013-2207). Closes: #717544. * Move translation to a new libc-l10n package from the locales packages. Add a dependency from locales and locales-all to libc-l10n, so that they both provide the same feature. Closes: #788352. * control.in/main: Bump Standards-Version to 3.9.6 (no changes). . [ Breno Leitao ] * Remove --without-cvs that is not used anymore as a valid configuration. It was removed in commit 92963737c4376bcfd65235d5c325fa7f48302f89 (Closes: #781245). . [ Matthias Klose ] * Fix multilib enabled stage1 cross builds (closes: #766877). Checksums-Sha1: d61af29d082d6d557d72d6fbe6e0d5f5c82a6010 8327 glibc_2.21-0experimental1.dsc 2f8c4269a8ba8c30c8f6c66cfacfcf041caa87a4 972228 glibc_2.21-0experimental1.debian.tar.xz 71cf6a29e87041a8eb2f878602190755ae4dd1c0 2351200 glibc-doc_2.21-0experimental1_all.deb 5ef0cf0f646650f588e3324dcff65a13ebbe594d 14014956 glibc-source_2.21-0experimental1_all.deb cbf6138158bcee90672fcd760b8a56e99150faad 784776 libc-l10n_2.21-0experimental1_all.deb 29e1677514fcf78fd9ff6a65e2ed79a909d78708 3337440 locales_2.21-0experimental1_all.deb Checksums-Sha256: 58459e5338faaf2d8f1240b0204752bd048b3a2dc130f988b19ec20f2abf97cb 8327 glibc_2.21-0experimental1.dsc cd1881e9fa51fb33e9cece843fb17f40f0c945f80d2e9c19732c6b6ddf40b3a6 972228 glibc_2.21-0experimental1.debian.tar.xz bdc1db55cb5732f5b66322b9956887725484d0006942e39415a1955ff71af274 2351200 glibc-doc_2.21-0experimental1_all.deb fa9fd08053e53d07952b3192d653def36cad17f233362c29573fc0fc60b2814a 14014956 glibc-source_2.21-0experimental1_all.deb 205e77af78fa0bc04327ef7c63293dd3cd47de6088f4e7540844b1f7d3fc261a 784776 libc-l10n_2.21-0experimental1_all.deb d42a3b9e21fb18fcb35d7acd5e0190aafb6d018185e07f9c147c2381eaf291af 3337440 locales_2.21-0experimental1_all.deb Files: e79df7ffb7b6e2176f017aca68be886c 8327 libs required glibc_2.21-0experimental1.dsc ec53c2241fc99b680a4df743f65d4464 972228 libs required glibc_2.21-0experimental1.debian.tar.xz fc875c1f16055bb395c3863cdf046672 2351200 doc optional glibc-doc_2.21-0experimental1_all.deb ad27f1b064276ca1919fdf2e7b8d1af8 14014956 devel optional glibc-source_2.21-0experimental1_all.deb 5537158eb7e1208615d277aa33eca45b 784776 localization standard libc-l10n_2.21-0experimental1_all.deb bd8382066e25814d23f1e99d7661aee6 3337440 localization standard locales_2.21-0experimental1_all.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJV4PNHAAoJELqceAYd3YybKx4P/3C8QIZmfy/Mrw69HI+fYx8z oHAJxRIl32zItYVA5CGXeKu04eLjfkVcmq14wwZeUS2d8IW86k6j4CQjte4i3yG3 bccr4FFsEq17RS725wGRP1kG9f5w/xYOkRC7DjQlxqJe0XWKYCBs+AqDYqWETrLJ //OmsoHpzcyOfREtncDhbs8BI8SsrVV8rOxKewO11ugvq4kAYBnv7TNrnfDIy6uO VwMgm+pgNyL+Qdwhj4fLg26hofM/7R334FXCLcVEfeX862esmRurp2udm6DgxyIZ laBbB5hTUB+Jwa8+/0abNLwx7cBYgMdSKSi6TwGRhnombmXJXrZX877wvggsJduj pulLDI72OBDHmF4w9BnzPMr874G2NqKyZV0MSepF+Cqism9bVbBCC0w7BIklAdPU K9zjX/rxMGH5zaJY0lbRNltIUarS0Cz3wLiKZDJRLMpAsFGiZ/uVylbHaTXnjNpN pOWVerG9DmMgL7Y+Gtx2eK8fQxsY2WQ5onuiHaAU6FvxpDgBeFPzigrbYBhWhOvJ jwa+qh9lqrffw/EKhmiF/xdh+dC1LdwUBuhV+r4wRomFfE5p1Bq7XQ3vBPfYrTEV 5Z3aBHqg2Gto/H6lXp9o1nRooSMjYT2w69xUO5RvLqc7md7eh4d0zAf7grzt6Wlw MiTXjAc2gJeq/9b5nsLl =GCZs -----END PGP SIGNATURE-----
Reply sent
to Aurelien Jarno <aurel32@debian.org>
:
You have taken responsibility.
(Sat, 29 Aug 2015 15:51:16 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>
:
Bug acknowledged by developer.
(Sat, 29 Aug 2015 15:51:16 GMT) (full text, mbox, link).
Message #15 received at 796105-close@bugs.debian.org (full text, mbox, reply):
Source: glibc Source-Version: 2.19-18+deb8u1 We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 796105@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 29 Aug 2015 10:56:31 +0200 Source: glibc Binary: libc-bin libc-dev-bin glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libc6-loongson2f libnss-dns-udeb libnss-files-udeb Architecture: source all amd64 Version: 2.19-18+deb8u1 Distribution: stable Urgency: medium Maintainer: Aurelien Jarno <aurel32@debian.org> Changed-By: Aurelien Jarno <aurel32@debian.org> Description: glibc-doc - GNU C Library: Documentation glibc-source - GNU C Library: sources libc-bin - GNU C Library: Binaries libc-dev-bin - GNU C Library: Development binaries libc0.1 - GNU C Library: Shared libraries libc0.1-dbg - GNU C Library: detached debugging symbols libc0.1-dev - GNU C Library: Development Libraries and Header Files libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized] libc0.1-pic - GNU C Library: PIC archive library libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libc0.3 - GNU C Library: Shared libraries libc0.3-dbg - GNU C Library: detached debugging symbols libc0.3-dev - GNU C Library: Development Libraries and Header Files libc0.3-i686 - GNU C Library: Shared libraries [i686 optimized] libc0.3-pic - GNU C Library: PIC archive library libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb) libc0.3-xen - GNU C Library: Shared libraries [Xen version] libc6 - GNU C Library: Shared libraries libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64 libc6-dbg - GNU C Library: detached debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64 libc6-i686 - GNU C Library: Shared libraries [i686 optimized] libc6-loongson2f - GNU C Library: Shared libraries (Loongson 2F optimized) libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64 libc6-pic - GNU C Library: PIC archive library libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) libc6-x32 - GNU C Library: X32 ABI Shared libraries for AMD64 libc6-xen - GNU C Library: Shared libraries [Xen version] libc6.1 - GNU C Library: Shared libraries libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized) libc6.1-dbg - GNU C Library: detached debugging symbols libc6.1-dev - GNU C Library: Development Libraries and Header Files libc6.1-pic - GNU C Library: PIC archive library libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb) libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb) locales - GNU C Library: National Language (locale) data [support] locales-all - GNU C Library: Precompiled locale data multiarch-support - Transitional package to ensure multiarch compatibility nscd - GNU C Library: Name Service Cache Daemon Closes: 759197 788999 794222 796105 Changes: glibc (2.19-18+deb8u1) stable; urgency=medium . [ Aurelien Jarno ] * Update from upstream stable branch: - Fix pthread_mutex_trylock with lock elision. Closes: #759197, #788999. - Fix gprof entry point on ppc64el. Closes: #794222. - Fix a buffer overflow in getanswer_r (CVE-2015-1781). Closes: #796105. Checksums-Sha1: b7188cdfc5bf35953b054469d0441e7c51c71619 8236 glibc_2.19-18+deb8u1.dsc 5e6a409379644778ad1bd14f276663213a4352ca 1044476 glibc_2.19-18+deb8u1.debian.tar.xz 886bca58a16c74214b6df212e886375a4d7039e8 2266080 glibc-doc_2.19-18+deb8u1_all.deb 70a00739f3aa9d810926c99bb33540f4a5843d95 13998064 glibc-source_2.19-18+deb8u1_all.deb f5a4e24bee1bbd2a3b9288f8025c48f01e986cac 3908102 locales_2.19-18+deb8u1_all.deb Checksums-Sha256: 3d966ff27fb6aa1392d956f133ef21622da1e950e3f0a7e04bcad1037bd80705 8236 glibc_2.19-18+deb8u1.dsc fb3b2d338bdd663fee605485fe18f7a7d0c4923d68d889d4e161e5e469034479 1044476 glibc_2.19-18+deb8u1.debian.tar.xz e930776ad1036c8dae0bda0cb9c16cf0cb54eb3d49b4525de09cf317f0a374dc 2266080 glibc-doc_2.19-18+deb8u1_all.deb 41c65a0c83451d239e58063c5c47685ea55715f52827bee12991220359b749ae 13998064 glibc-source_2.19-18+deb8u1_all.deb 9bca0d296807d0422a0049b6991f43d0ec656c9a736026a32f841d1232019a12 3908102 locales_2.19-18+deb8u1_all.deb Files: 4f2cab598aef2a15959a9e974d104a96 8236 libs required glibc_2.19-18+deb8u1.dsc 5eb44a1092df15bad4db43deebf46d44 1044476 libs required glibc_2.19-18+deb8u1.debian.tar.xz cc0819f61aa35a14698b6fadf82a1862 2266080 doc optional glibc-doc_2.19-18+deb8u1_all.deb a7ab5e3c5d69450b304da0ee2a47043a 13998064 devel optional glibc-source_2.19-18+deb8u1_all.deb 9c0d8e2a20cdf48e06be9e14909d4472 3908102 localization standard locales_2.19-18+deb8u1_all.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJV4Z9XAAoJELqceAYd3YybV+kP/3FYkQwGj2bAQf8mAWNeKm/0 LTDQf/ofmqq/ZwusZAX/+49OmkB9AYZeYu2rJiUXBBR423MtTXQ2SZWxOOifHXsc z50K8HGAHklzE4qnPkHTS+ZUyvpdvB/Z4XaqurzLnruN+5CUC5dCYN6jEblmRLSu 4+vTTgTOaB1wHptVV+vEJsD2gLFroMaN+cczLVA8OymjFL/MAnnl73DoxpFEHs4Z wdQSLjeYSRrqFo+ugHqUMbTienFLd7AO35b5QMsXikkg38U2s+BQgzT8wsWwrZmf sgAAVdJzRnSzSyYU982Oq5EPTD2Qkn0WVX2HI3otH8A9ShwNX1CTzDUnujeUT+m5 y3HfqMGsz3N77Cgsp6XjVN6tQCgg0q9BIk/3DKP0Ajnc3Mnwyp70pJdvFakJj1Ey wGA3JRhqEJzxsmPY9C40CKtPvdwSHZ45PY1lH6ixHdquHkXWUztTmOCkKP7JRdJ5 W/laEip9Nm6CpK6G3xLAp2HnyINpjuUjI4n00ujgsT1LnImdgiNMsM/iq4pLyu+i HXMUbQBW1DTcZgGCPDS5laRvdPylpWKdej7wBiRBy1YDFaHEFDw6FxsaBG/2TmUW nQo/1eTFUS/wTE43E10SE1acVIXOVaUX9YnX3tAuebqoJwpNoaufbSuY5ubdKwvM XMBv26ld7wHz9qXqSbub =PlXa -----END PGP SIGNATURE-----
Reply sent
to Aurelien Jarno <aurel32@debian.org>
:
You have taken responsibility.
(Sun, 13 Sep 2015 17:21:28 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>
:
Bug acknowledged by developer.
(Sun, 13 Sep 2015 17:21:28 GMT) (full text, mbox, link).
Message #20 received at 796105-close@bugs.debian.org (full text, mbox, reply):
Source: glibc Source-Version: 2.19-20 We believe that the bug you reported is fixed in the latest version of glibc, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 796105@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 13 Sep 2015 18:39:36 +0200 Source: glibc Binary: libc-bin libc-dev-bin glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libc6-loongson2f libnss-dns-udeb libnss-files-udeb Architecture: source all amd64 Version: 2.19-20 Distribution: unstable Urgency: medium Maintainer: Aurelien Jarno <aurel32@debian.org> Changed-By: Aurelien Jarno <aurel32@debian.org> Description: glibc-doc - GNU C Library: Documentation glibc-source - GNU C Library: sources libc-bin - GNU C Library: Binaries libc-dev-bin - GNU C Library: Development binaries libc0.1 - GNU C Library: Shared libraries libc0.1-dbg - GNU C Library: detached debugging symbols libc0.1-dev - GNU C Library: Development Libraries and Header Files libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized] libc0.1-pic - GNU C Library: PIC archive library libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libc0.3 - GNU C Library: Shared libraries libc0.3-dbg - GNU C Library: detached debugging symbols libc0.3-dev - GNU C Library: Development Libraries and Header Files libc0.3-i686 - GNU C Library: Shared libraries [i686 optimized] libc0.3-pic - GNU C Library: PIC archive library libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb) libc0.3-xen - GNU C Library: Shared libraries [Xen version] libc6 - GNU C Library: Shared libraries libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64 libc6-dbg - GNU C Library: detached debugging symbols libc6-dev - GNU C Library: Development Libraries and Header Files libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64 libc6-i686 - GNU C Library: Shared libraries [i686 optimized] libc6-loongson2f - GNU C Library: Shared libraries (Loongson 2F optimized) libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64 libc6-pic - GNU C Library: PIC archive library libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC libc6-udeb - GNU C Library: Shared libraries - udeb (udeb) libc6-x32 - GNU C Library: X32 ABI Shared libraries for AMD64 libc6-xen - GNU C Library: Shared libraries [Xen version] libc6.1 - GNU C Library: Shared libraries libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized) libc6.1-dbg - GNU C Library: detached debugging symbols libc6.1-dev - GNU C Library: Development Libraries and Header Files libc6.1-pic - GNU C Library: PIC archive library libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb) libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb) libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb) locales - GNU C Library: National Language (locale) data [support] locales-all - GNU C Library: Precompiled locale data multiarch-support - Transitional package to ensure multiarch compatibility nscd - GNU C Library: Name Service Cache Daemon Closes: 759197 785664 788999 793543 794222 796105 796899 798515 Changes: glibc (2.19-20) unstable; urgency=medium . [ Samuel Thibault ] * patches/hurd-i386/tg-mmap32th_bit.diff: New patch to fix libpciaccess mapping of BARs above 2GiB. Closes: #793543. * rules.d/build.mk: Also install crt0.o in stage1, if any. * sysdeps/hurd-i386.mk: Fix stage1 about xen packages for hurd-i386 too. * patches/hurd-i386/tg-sysheaders.diff: New patch to fix stage1 finding hurd headers. * patches/hurd-i386/cvs-libpthread_clean2.diff: New patch to drop spurious code getting in the way for stage1. * patches/hurd-i386/cvs-libpthread_build.diff: New patch to fix build of generic libpthread code. * patches/hurd-i386/libpthread_build.diff: Fix header inclusion to get pthread headers from libpthread/ instead of system. * sysdeps/hurd.mk: Create symlinks to kernel and hurd headers required for build, so that we can pass --with-headers to configure to make the build really self-hosted. * patches/hurd-i386/local-clock_gettime_MONOTONIC.diff: Update patch to not advertise _POSIX_CLOCK_SELECTION for vlc * patches/hurd-i386/{local,cvs}-bootstrap.diff: New patch to fix crt*.o build in stage1. * rules, rules.d/build.mk: Set MIG to gnu-type alias of mig, to fix cross-build. * control, control.d/main: Bump mig dependency to get the gnu-type alias in non-cross case too. . [ Aurelien Jarno ] * Update from upstream stable branch: - Fix pthread_mutex_trylock with lock elision. Closes: #759197, #788999. - Fix gprof entry point on ppc64el. Closes: #794222. - Fix a buffer overflow in getanswer_r (CVE-2015-1781). Closes: #796105. - Fix getaddrinfo sometimes returning uninitialized data with nscd. Closes: #798515. * sysdeps.mk/mips*.mk: force the ISA until it gets propagated to all GCC versions. * Update hppa patches. Closes: #785664: - Replace patches/hppa/local-fpu.diff by upstream patch cvs-fpu-r2.diff. - Add patches/hppa/cvs-fpu2.diff from upstream. - Add patches/hppa/local-fptr-table-size.diff from Carlos O'Donnell. - Add patches/hppa/local-setcontext.diff. - Add patches/hppa/cvs-start.diff from upstream. * patches/any/cvs-pie-lt_executable.diff: new patch from upstream to fix explicit loader invocation with PIE binaries. Closes: #796899. Checksums-Sha1: 2ee6868c14db5a0a6412f44c06319b0425521652 8222 glibc_2.19-20.dsc d968c04b1110b1dce99508048d92cd204491afac 1038748 glibc_2.19-20.debian.tar.xz 8ad1e850112bfa3e397b1caf35e1aace77880557 2266790 glibc-doc_2.19-20_all.deb 85d054841ef23623f52481dd00304283161adfad 13960810 glibc-source_2.19-20_all.deb 1bbbda5228781e936579f1d13f851a3c19fa346d 3940066 locales_2.19-20_all.deb Checksums-Sha256: 4edcf510ba7b11aebd44cb39226747510c0ceaec9d4b062ce436c8c96715a7bd 8222 glibc_2.19-20.dsc e5c27244ecc8f088925a9d1616ad4bb4a5d4fc70c8cbe9e317dc7136eb213f84 1038748 glibc_2.19-20.debian.tar.xz ba250aa9c25813a94b856bb37db91b1a4cf1cf68ee707dc20cc20b6436dfa7de 2266790 glibc-doc_2.19-20_all.deb 0f34c015e348e2cfb6e745acf377964a5b3dbc71877029c64ff7fc4b70488c1c 13960810 glibc-source_2.19-20_all.deb 7708da48f1494e487e20f428cd42b24e0d6237235751deccfa2a03b0ae1d4a73 3940066 locales_2.19-20_all.deb Files: 27db97bff19706ea2227fa1d98f48bd3 8222 libs required glibc_2.19-20.dsc 985147451775b38eef77ed7d4eebc9c7 1038748 libs required glibc_2.19-20.debian.tar.xz a9094f887d98b4dd3a8a8bc1247f6d36 2266790 doc optional glibc-doc_2.19-20_all.deb 3568fe39aedf06ec58630159e7fb6b5a 13960810 devel optional glibc-source_2.19-20_all.deb 217bb24d52031967c5eaee4ddd403171 3940066 localization standard locales_2.19-20_all.deb Package-Type: udeb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJV9av/AAoJELqceAYd3Yyb3AgP/3rf7q3IBUvNa/tLGrTDgtxO EcIGASNB4ZhyspHXHxTL1q59rExcXoNVk6oAkjXUBN6jmWbNlGUougs0ylbBOsdK y+RYKa7VGWofd9kJedOrRSaI1WO99sQYkRTvx4loN6TS8/nMGgPgstXpJ3xxz24y ikLFTK1Tq8x0J+QSfTp8DUKqIW2ZNibTQD93eVQkgSRlI42USwiK1Q+jRhcubwj3 c0mxRX4N1YMwB7liHTxX5aKmHjtYD87TJP9uTLT6vVhNzSpQI3iM7z517DnWZ1+Y xFXLyUklWk2246c0xX4eejc6cLwJEjzZUQ1IFDBykSnI44lVj6PGBAAVmppgu3Xl +6hrjMnipEnIBVYotoN4xTcdmAturZR5+oHK2hqpjYnwQ/lujdCPdrNw+ddFtG1S 3ntGGnmQJhS92UyTQZcVPnJ6mqCUtkodNA8wfnR7MYGbr5HPzsKlOCQH8jW55Dpq gDpzfksi1JtDHCmFvaiuFBx78uuiMEou8dDtmKFV1HKofA2TMCD8eUvNQn5siFVE 4yrKfs3A6u9RwopBLqafKQ8Lq8GlSMpb8GQKjRYVAOtGNBHpxniSctzHpCUt7446 T2koauU13Eyky2UB6mAnHaXdnK+ONQZTWXJDmLoSkQzqBhjX55DBr97THYxnCNJ/ oEACvRPvX5lnxF4wVtDA =NwK6 -----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Tue, 20 Oct 2015 07:25:43 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.
Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.