glibc: CVE-2014-9761: Unbounded stack allocation in nan* functions

Related Vulnerabilities: CVE-2014-9761   CVE-2015-8776   CVE-2015-8778   CVE-2015-8779  

Debian Bug report logs - #813187

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Sat, 30 Jan 2016 09:33:11 UTC

Severity: normal

Tags: fixed-upstream, pending, security, upstream

Found in version glibc/2.19-18

Fixed in versions eglibc/2.11.3-4+deb6u9, glibc/2.23-0experimental0

Done: Aurelien Jarno <aurel32@debian.org>

Bug is archived. No further changes may be made.

Forwarded to https://sourceware.org/bugzilla/show_bug.cgi?id=16962


Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GNU Libc Maintainers <debian-glibc@lists.debian.org>:
Bug#813187; Package src:glibc. (Sat, 30 Jan 2016 09:33:15 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, GNU Libc Maintainers <debian-glibc@lists.debian.org>. (Sat, 30 Jan 2016 09:33:15 GMT)


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: glibc: CVE-2014-9761: Unbounded stack allocation in nan* functions
Date: Sat, 30 Jan 2016 10:14:53 +0100
Source: glibc
Version: 2.19-18
Severity: normal
Tags: security upstream
Forwarded: https://sourceware.org/bugzilla/show_bug.cgi?id=16962

Hi,

the following vulnerability was published for glibc, reporting it as
well to the BTS to have a BTS <-> security-tracker cross reference.

CVE-2014-9761[0]:
nan function unbounded stack allocation

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2014-9761
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1300310
[2] https://sourceware.org/bugzilla/show_bug.cgi?id=16962

Regards,
Salvatore



Added tag(s) fixed-upstream. Request was from bts-link-upstream@lists.alioth.debian.org to control@bugs.debian.org. (Thu, 04 Feb 2016 17:57:51 GMT)


Reply sent to Santiago Ruano Rincón <santiagorr@riseup.net>:
You have taken responsibility. (Fri, 05 Feb 2016 12:24:17 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Fri, 05 Feb 2016 12:24:17 GMT)


Message #12 received at 813187-close@bugs.debian.org:

From: Santiago Ruano Rincón <santiagorr@riseup.net>
To: 813187-close@bugs.debian.org
Subject: Bug#813187: fixed in eglibc 2.11.3-4+deb6u9
Date: Fri, 05 Feb 2016 12:20:58 +0000
Source: eglibc
Source-Version: 2.11.3-4+deb6u9

We believe that the bug you reported is fixed in the latest version of
eglibc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 813187@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Santiago Ruano Rincón <santiagorr@riseup.net> (supplier of updated eglibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 04 Feb 2016 20:54:36 +0100
Source: eglibc
Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-sparcv9b libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb
Architecture: source all amd64
Version: 2.11.3-4+deb6u9
Distribution: squeeze-lts
Urgency: medium
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Changed-By: Santiago Ruano Rincón <santiagorr@riseup.net>
Description: 
 eglibc-source - Embedded GNU C Library: sources
 glibc-doc  - Embedded GNU C Library: Documentation
 libc-bin   - Embedded GNU C Library: Binaries
 libc-dev-bin - Embedded GNU C Library: Development binaries
 libc0.1    - Embedded GNU C Library: Shared libraries
 libc0.1-dbg - Embedded GNU C Library: detached debugging symbols
 libc0.1-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - Embedded GNU C Library: 32bit development libraries for AMD64
 libc0.1-i386 - Embedded GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc0.1-pic - Embedded GNU C Library: PIC archive library
 libc0.1-prof - Embedded GNU C Library: Profiling Libraries
 libc0.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - Embedded GNU C Library: Shared libraries
 libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
 libc0.3-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc0.3-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc0.3-pic - Embedded GNU C Library: PIC archive library
 libc0.3-prof - Embedded GNU C Library: Profiling Libraries
 libc0.3-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc0.3-xen - Embedded GNU C Library: Shared libraries [Xen version]
 libc6      - Embedded GNU C Library: Shared libraries
 libc6-amd64 - Embedded GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - Embedded GNU C Library: detached debugging symbols
 libc6-dev  - Embedded GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - Embedded GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - Embedded GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips64 - Embedded GNU C Library: 64bit Development Libraries for MIPS64
 libc6-dev-mipsn32 - Embedded GNU C Library: n32 Development Libraries for MIPS64
 libc6-dev-powerpc - Embedded GNU C Library: 32bit powerpc development libraries for p
 libc6-dev-ppc64 - Embedded GNU C Library: 64bit Development Libraries for PowerPC64
 libc6-dev-s390x - Embedded GNU C Library: 64bit Development Libraries for IBM zSeri
 libc6-dev-sparc64 - Embedded GNU C Library: 64bit Development Libraries for UltraSPAR
 libc6-i386 - Embedded GNU C Library: 32-bit shared libraries for AMD64
 libc6-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc6-mips64 - Embedded GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - Embedded GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - Embedded GNU C Library: PIC archive library
 libc6-powerpc - Embedded GNU C Library: 32bit powerpc shared libraries for ppc64
 libc6-ppc64 - Embedded GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-prof - Embedded GNU C Library: Profiling Libraries
 libc6-s390x - Embedded GNU C Library: 64bit Shared libraries for IBM zSeries
 libc6-sparc64 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-sparcv9b - Embedded GNU C Library: Shared libraries [v9b optimized]
 libc6-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc6-xen  - Embedded GNU C Library: Shared libraries [Xen version]
 libc6.1    - Embedded GNU C Library: Shared libraries
 libc6.1-alphaev67 - Embedded GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - Embedded GNU C Library: detached debugging symbols
 libc6.1-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc6.1-pic - Embedded GNU C Library: PIC archive library
 libc6.1-prof - Embedded GNU C Library: Profiling Libraries
 libc6.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - Embedded GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - Embedded GNU C Library: NSS helper for files - udeb (udeb)
 locales    - Embedded GNU C Library: National Language (locale) data [support]
 locales-all - Embedded GNU C Library: Precompiled locale data
 nscd       - Embedded GNU C Library: Name Service Cache Daemon
Closes: 812441 812445 812455 813187
Changes: 
 eglibc (2.11.3-4+deb6u9) squeeze-lts; urgency=medium
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * Fix CVE-2014-9761: Unbounded stack allocation in nan* functions.
     Closes: #813187.
   * Fix CVE-2015-8776: Segmentation fault caused by passing out-of-range data
     to strftime(). Closes: #812445.
   * Fix CVE-2015-8778: Integer overflow in hcreate and hcreate_r.
     Closes: #812441.
   * Fix CVE-2015-8779: Multiple unbounded stack allocations in catopen().
     Closes: #812455.
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----




Added tag(s) pending. Request was from Aurelien Jarno <aurelien@aurel32.net> to control@bugs.debian.org. (Sat, 12 Mar 2016 23:42:34 GMT)


Message sent on to Salvatore Bonaccorso <carnil@debian.org>:
Bug#813187. (Sat, 12 Mar 2016 23:42:53 GMT)


Message #17 received at 813187-submitter@bugs.debian.org:

From: Aurelien Jarno <aurelien@aurel32.net>
To: 813187-submitter@bugs.debian.org
Subject: Bug#813187 marked as pending
Date: Sat, 12 Mar 2016 23:39:58 +0000
tag 813187 pending
thanks

Hello,

Bug #813187 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

    http://git.debian.org/?p=pkg-glibc/glibc.git;a=commitdiff;h=e280c57

---
commit e280c57a76b8c26ad9a9fd3366e5aa896ddb5b68
Author: Aurelien Jarno <aurelien@aurel32.net>
Date:   Sun Mar 13 00:39:38 2016 +0100

    Add a few bugs numbers

diff --git a/debian/changelog b/debian/changelog
index a569f16..799d409 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,11 @@ glibc (2.23-0experimental0) UNRELEASED; urgency=medium
 
   [ Aurelien Jarno ]
   * New upstream release: version 2.23, with git updates up to 2016-03-12:
+    - Fix German translation of "Alarm clock".  Closes: #291293.
+    - Add LFS support for fts functions.  Closes: #534521.
+    - Fix build with GCC 6.  Closes: #811574.
+    - Fix unbounded stack allocation in nan* functions (CVE-2014-9761).
+      Closes: #813187.
     - debian/patches/localedata/locale-ku_TR.diff: rebased.
     - debian/patches/localedata/fix-lang.diff: upstreamed.
     - debian/patches/localedata/first_weekday.diff: rebased.
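Review bot: the CVE-2014-9761 line added under "New upstream release" gives the Debian bug number but not the upstream one. This report is forwarded to sourceware bug 16962, so naming it in the entry, for example "(CVE-2014-9761, BZ #16962)", would let a reader go from the changelog to the upstream fix without opening the BTS. The commit subject "Add a few bugs numbers" also does not show that one of the added lines records a security fix; mentioning the CVE there would make the commit findable from the log.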



Reply sent to Aurelien Jarno <aurel32@debian.org>:
You have taken responsibility. (Sun, 13 Mar 2016 18:36:18 GMT)


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Sun, 13 Mar 2016 18:36:18 GMT)


Message #22 received at 813187-close@bugs.debian.org:

From: Aurelien Jarno <aurel32@debian.org>
To: 813187-close@bugs.debian.org
Subject: Bug#813187: fixed in glibc 2.23-0experimental0
Date: Sun, 13 Mar 2016 18:34:47 +0000
Source: glibc
Source-Version: 2.23-0experimental0

We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 813187@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated glibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 13 Mar 2016 19:22:45 +0100
Source: glibc
Binary: libc-bin libc-dev-bin libc-l10n glibc-doc glibc-source locales locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 libc6-dev-x32 libc6-i686 libc6-xen libc0.1-i686 libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb
Architecture: source
Version: 2.23-0experimental0
Distribution: experimental
Urgency: medium
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description:
 glibc-doc  - GNU C Library: Documentation
 glibc-source - GNU C Library: sources
 libc-bin   - GNU C Library: Binaries
 libc-dev-bin - GNU C Library: Development binaries
 libc-l10n  - GNU C Library: localization files
 libc0.1    - GNU C Library: Shared libraries
 libc0.1-dbg - GNU C Library: detached debugging symbols
 libc0.1-dev - GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc0.1-pic - GNU C Library: PIC archive library
 libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - GNU C Library: Shared libraries
 libc0.3-dbg - GNU C Library: detached debugging symbols
 libc0.3-dev - GNU C Library: Development Libraries and Header Files
 libc0.3-pic - GNU C Library: PIC archive library
 libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc6      - GNU C Library: Shared libraries
 libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - GNU C Library: detached debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS
 libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64
 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64
 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64
 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64
 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries
 libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC
 libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC
 libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64
 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64
 libc6-i686 - GNU C Library: Shared libraries [i686 optimized]
 libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS
 libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - GNU C Library: PIC archive library
 libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64
 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries
 libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC
 libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc6-x32  - GNU C Library: X32 ABI Shared libraries for AMD64
 libc6-xen  - GNU C Library: Shared libraries [Xen version]
 libc6.1    - GNU C Library: Shared libraries
 libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - GNU C Library: detached debugging symbols
 libc6.1-dev - GNU C Library: Development Libraries and Header Files
 libc6.1-pic - GNU C Library: PIC archive library
 libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - GNU C Library: NSS helper for files - udeb (udeb)
 locales    - GNU C Library: National Language (locale) data [support]
 locales-all - GNU C Library: Precompiled locale data
 multiarch-support - Transitional package to ensure multiarch compatibility
 nscd       - GNU C Library: Name Service Cache Daemon
Closes: 291293 458611 534521 811574 813187
Changes:
 glibc (2.23-0experimental0) experimental; urgency=medium
 .
   [ Aurelien Jarno ]
   * New upstream release: version 2.23, with git updates up to 2016-03-12:
     - Fix German translation of "Alarm clock".  Closes: #291293.
     - Fix strtol in Turkish locales.  Closes: #458611.
     - Add LFS support for fts functions.  Closes: #534521.
     - Fix build with GCC 6.  Closes: #811574.
     - Fix unbounded stack allocation in nan* functions (CVE-2014-9761).
       Closes: #813187.
     - debian/patches/localedata/locale-ku_TR.diff: rebased.
     - debian/patches/localedata/fix-lang.diff: upstreamed.
     - debian/patches/localedata/first_weekday.diff: rebased.
     - debian/patches/localedata/locale-nb_NO.diff: upstreamed.
     - debian/patches/localedata/cvs-bg_BG-t_fmt.diff: upstreamed.
     - debian/patches/alpha/local-string-functions.diff: rebased.
     - debian/patches/amd64/local-blacklist-for-Intel-TSX.diff: rebased.
     - debian/patches/arm/local-ioperm.diff: dropped.
     - debian/patches/hppa/cvs-allocatestack-stacktop.diff: upstreamed.
     - debian/patches/hppa/local-pthread_spin_unlock.diff: upstreamed.
     - debian/patches/hppa/submitted-mathdef.diff: upstreamed.
     - debian/patches/hppa/cvs-update-mman.h.diff: upstreamed.
     - debian/patches/hppa/submitted-dladdr.diff: upstreamed.
     - debian/patches/hurd-i386/local-enable-ldconfig.diff: rebased.
     - debian/patches/hurd-i386/tg-tls.diff: rebased.
     - debian/patches/hurd-i386/tg-tls-threadvar.diff: rebased.
     - debian/patches/hurd-i386/tg-hurdsig-fixes.diff: rebased.
     - debian/patches/hurd-i386/tg-hurdsig-global-dispositions.diff: rebased.
     - debian/patches/hurd-i386/cvs-libpthread.diff: updated.
     - debian/patches/hurd-i386/unsubmitted-gnumach.defs.diff: rebased.
     - debian/patches/hurd-i386/submitted-fork_port_leak.diff: upstreamed.
     - debian/patches/hurd-i386/tg-libc_getspecific.diff: rebased.
     - debian/patches/hurd-i386/cvs-libpthread-libc-lockP.diff: upstreamed.
     - debian/patches/hurd-i386/tg-mmap32th_bit.diff: upstreamed.
     - debian/patches/hurd-i386/tg-sysheaders.diff: upstreamed.
     - debian/patches/hurd-i386/cvs-bootstrap.diff: upstreamed.
     - debian/patches/hurd-i386/cvs-cache-mach_host_self.diff: upstreamed.
     - debian/patches/hurd-i386/cvs-csu_crt0.diff: upstreamed.
     - debian/patches/hurd-i386/cvs-s_scalbn.diff: upstreamed.
     - debian/patches/hurd-i386/local-mach_print.diff: rebased.
     - debian/patches/hurd-i386/cvs-hidden.diff: rebased.
     - debian/patches/hurd-i386/cvs-O_DIRECTORY.diff: upstreamed.
     - debian/patches/hurd-i386/cvs-raise-longjump.diff: upstreamed.
     - debian/patches/i386/local-i386-ulps.diff: dropped.
     - debian/patches/kfreebsd/local-scripts.diff: rebased.
     - debian/patches/m68k/submitted-gcc34-seccomment.diff: rebased.
     - debian/patches/mips/cvs-testsuite-o32-fp.diff: upstreamed.
     - debian/patches/powerpc/local-powerpc8xx-dcbz.diff: rebased.
     - debian/patches/sh4/local-fpscr_values.diff: rebased.
     - debian/patches/any/local-bindresvport_blacklist.diff: rebased.
     - debian/patches/any/local-libgcc-compat-main.diff: rebased.
     - debian/patches/any/local-libgcc-compat-abilists.diff: rebased.
     - debian/patches/any/local-mktemp.diff: upstreamed.
     - debian/patches/any/cvs-stdio-lock.diff: upstreamed.
     - debian/patches/any/local-tcsetaddr.diff: rebased.
     - debian/patches/any/local-tst-mktime2.diff: rebased.
     - debian/patches/any/submitted-nis-netgrp.diff: upstreamed.
     - debian/patches/any/submitted-longdouble.diff: rebased.
     - debian/patches/any/local-dynamic-resolvconf.diff: rebased.
     - debian/patches/any/local-static-dlopen-search-path.diff: upstreamed.
     - debian/patches/any/local-math-logb.diff: upstreamed.
     - debian/patches/any/cvs-gawk-gensub.diff: upstreamed.
     - debian/patches/any/cvs-grantpt-namespace.diff: upstreamed.
     - debian/patches/any/cvs-grantpt-pty-owner.diff: upstreamed.
     - debian/patches/any/cvs-bits-libc-stdio-lock.diff: upstreamed.
     - debian/patches/any/submitted-hle-checking-mutex.diff: upstreamed.
     - debian/{control,symbols.wildcards,copyright}: Updated strings for 2.23.
     - debian/patches/kfreebsd/local-undef-glibc.diff: rebased.
     - debian/patches/kfreebsd/local-tst-malloc-backtrace.diff: rebased,
       renamed into local-tst-malloc-fbtl.diff.
     - debian/patches/hurd-i386/submitted-net.diff: rebased.
     - debian/patches/hurd-i386/tg-bits_atomic.h_multiple_threads.diff:
       rebased.
     - debian/patches/hurd-i386/submitted-handle-eprototype.diff: dropped.
   * debian/testsuite-xfail-debian.mk (powerpc) mark tst-malloc-thread-fail
     test as xfail, it is a known issue and not a regression.
   * debian/testsuite-xfail-debian.mk (mipsel): mark a few math tests are
     failing, due to a bug in the Loongson 3 FPU.
   * patches/kfreebsd/local-fbtl.diff: update to revision 5940 (from
     glibc-bsd).

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

-----END PGP SIGNATURE-----




Added tag(s) pending. Request was from Aurelien Jarno <aurelien@aurel32.net> to control@bugs.debian.org. (Fri, 01 Jul 2016 09:24:11 GMT)


Message sent on to Salvatore Bonaccorso <carnil@debian.org>:
Bug#813187. (Fri, 01 Jul 2016 09:24:34 GMT)


Message #27 received at 813187-submitter@bugs.debian.org:

From: Aurelien Jarno <aurelien@aurel32.net>
To: 813187-submitter@bugs.debian.org
Subject: Bug#813187 marked as pending
Date: Fri, 01 Jul 2016 09:20:16 +0000
tag 813187 pending
thanks

Hello,

Bug #813187 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

    http://git.debian.org/?p=pkg-glibc/glibc.git;a=commitdiff;h=e280c57

---
commit e280c57a76b8c26ad9a9fd3366e5aa896ddb5b68
Author: Aurelien Jarno <aurelien@aurel32.net>
Date:   Sun Mar 13 00:39:38 2016 +0100

    Add a few bugs numbers

diff --git a/debian/changelog b/debian/changelog
index a569f16..799d409 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,11 @@ glibc (2.23-0experimental0) UNRELEASED; urgency=medium
 
   [ Aurelien Jarno ]
   * New upstream release: version 2.23, with git updates up to 2016-03-12:
+    - Fix German translation of "Alarm clock".  Closes: #291293.
+    - Add LFS support for fts functions.  Closes: #534521.
+    - Fix build with GCC 6.  Closes: #811574.
+    - Fix unbounded stack allocation in nan* functions (CVE-2014-9761).
+      Closes: #813187.
     - debian/patches/localedata/locale-ku_TR.diff: rebased.
     - debian/patches/localedata/fix-lang.diff: upstreamed.
     - debian/patches/localedata/first_weekday.diff: rebased.
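Review bot: "Closes: #813187" on the added CVE-2014-9761 line closes the report from a 2.23 changelog entry, while the report was filed against 2.19-18. The fixed versions recorded for this bug are eglibc/2.11.3-4+deb6u9 and glibc/2.23-0experimental0, so it is worth confirming that the 2.19 branch is tracked separately and is not read as fixed on the strength of this entry.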



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Mon, 26 Sep 2016 07:36:51 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 15:27:34 2019; Machine Name: beach
