Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • Maytha8/glibc
  • vimerbf-guest/glibc
  • schopin/glibc
  • yumeyao/glibc
  • carlespina/po-debconf-manager-glibc
  • Claudia/glibc-widevine
  • andrewsh/glibc
  • jscott/glibc
  • bluca/glibc
  • gioele/glibc
  • rouca/glibc
  • sven/glibc
  • josch/glibc
  • cjwatson/glibc
  • fw/glibc
  • rbalint/glibc
  • bsd-team/glibc-packaging
  • glibc-team/glibc
  • bigon/glibc
  • ahrex-guest/glibc
  • friki/glibc
21 results
Show changes
Commits on Source (8)
  • Aurelien Jarno's avatar
    debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: Fix out-of-bound... · 3ee63d1c
    Aurelien Jarno authored 
    debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: Fix out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT module (CVE-2024-2961).  Closes: #1069191.
    3ee63d1c
  • Aurelien Jarno's avatar
    releasing package glibc version 2.36-9+deb12u6 · 20fa9ac6
    Aurelien Jarno authored
    20fa9ac6
  • Aurelien Jarno's avatar
    debian/patches/local-CVE-2024-33599-nscd.diff: Fix a stack-based buffer... · df18fa3b
    Aurelien Jarno authored 
    debian/patches/local-CVE-2024-33599-nscd.diff: Fix a stack-based buffer overflow in nscd netgroup cache (CVE-2024-33599).
    df18fa3b
  • Aurelien Jarno's avatar
    debian/patches/local-CVE-2024-33600-nscd.diff: Fix a null pointer dereferences... · 7250dfd1
    Aurelien Jarno authored 
    debian/patches/local-CVE-2024-33600-nscd.diff: Fix a null pointer dereferences in nscd after failed netgroup cache insertion (CVE-2024-33600).
    7250dfd1
  • Aurelien Jarno's avatar
    debian/patches/any/local-CVE-2024-33601-33602-nscd.diff: Fix a DoS in nscd in... · 83f48ffd
    Aurelien Jarno authored 
    debian/patches/any/local-CVE-2024-33601-33602-nscd.diff: Fix a DoS in nscd in case of memory allocation failure (CVE-2024-33601) and a memory corruption in nscd when the underlying NSS callback function does not use the buffer space to store all strings (CVE-2024-33602).
    83f48ffd
  • Aurelien Jarno's avatar
    releasing package glibc version 2.36-9+deb12u7 · 99e5fc90
    Aurelien Jarno authored
    99e5fc90
  • Aurelien Jarno's avatar
    releasing package glibc version 2.36-9+deb12u7 · 65086b4d
    Aurelien Jarno authored
    65086b4d
  • Aurelien Jarno's avatar
    debian/patches/git-updates.diff: update from upstream stable branch: · e0351e4b
    Aurelien Jarno authored 
    * debian/patches/git-updates.diff: update from upstream stable branch:
  - debian/patches/kfreebsd/submitted-auxv.diff: refreshed.
  - debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: upstreamed.
  - debian/patches/any/local-CVE-2024-33599-nscd.diff: upstreamed.
  - debian/patches/any/local-CVE-2024-33600-nscd.diff: upstreamed.
  - debian/patches/any/local-CVE-2024-33601-33602-nscd.diff: upstreamed.
  - Fixes ffsll() performance issue depending on code alignment.
  - Fixes memmove/memset on sparc32.
  - Fixes pthread_cancel on sparc32.
  - Fixes a possible crash in _dl_start_user on arm32.
  - Fixes poor malloc/free performance due to lock contentions between
    threads when using core pinning.
  - Uses 64-bit time_t in testsuite on 32-bit systems.
  - Fixes rseq support when built against newer kernel headers.
  - Performance improvements for string functions on arm64.
  - Disables arm64 SVE functions on kernel <= 6.2.0 due to performance
    issues.
  - Fixes ld.so crash on powerpc64* when built with GCC 14.
  - Fixes ld.so crash on amd64 when built with APX enabled.
  - Fixes __WORDSIZE definition on sparc32 with sparcv9.
  - Fixes getutxent() on 32-bit architecture with _TIME_BITS=64.
  - Fixes y2038 regression in nscd following CVE-2024-33601 and
    CVE-2024-33602 fix.
  - Fixes build with --enable-hardcoded-path-in-tests with newer linkers.
  - Fixes crash in wcsncmp() in z13/vector-optimized s390 implementation.
  - Fixes rseq extension mechanism.
  - Fixes misc/tst-preadvwritev2 and misc/tst-preadvwritev64v2 with kernel
    6.9+.
  - Fixes freeing uninitialized memory in libc_freeres_fn().  Closes:
    #1073916.
    e0351e4b
Expand all Hide whitespace changes
Inline Side-by-side
debian/changelog
View file @ e0351e4b
glibc (2.36-9+deb12u8) UNRELEASED; urgency=medium
* debian/patches/git-updates.diff: update from upstream stable branch:
- debian/patches/kfreebsd/submitted-auxv.diff: refreshed.
- debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: upstreamed.
- debian/patches/any/local-CVE-2024-33599-nscd.diff: upstreamed.
- debian/patches/any/local-CVE-2024-33600-nscd.diff: upstreamed.
- debian/patches/any/local-CVE-2024-33601-33602-nscd.diff: upstreamed.
- Fixes ffsll() performance issue depending on code alignment.
- Fixes memmove/memset on sparc32.
- Fixes pthread_cancel on sparc32.
- Fixes a possible crash in _dl_start_user on arm32.
- Fixes poor malloc/free performance due to lock contentions between
threads when using core pinning.
- Uses 64-bit time_t in testsuite on 32-bit systems.
- Fixes rseq support when built against newer kernel headers.
- Performance improvements for string functions on arm64.
- Disables arm64 SVE functions on kernel <= 6.2.0 due to performance
issues.
- Fixes ld.so crash on powerpc64* when built with GCC 14.
- Fixes ld.so crash on amd64 when built with APX enabled.
- Fixes __WORDSIZE definition on sparc32 with sparcv9.
- Fixes getutxent() on 32-bit architecture with _TIME_BITS=64.
- Fixes y2038 regression in nscd following CVE-2024-33601 and
CVE-2024-33602 fix.
- Fixes build with --enable-hardcoded-path-in-tests with newer linkers.
- Fixes crash in wcsncmp() in z13/vector-optimized s390 implementation.
- Fixes rseq extension mechanism.
- Fixes misc/tst-preadvwritev2 and misc/tst-preadvwritev64v2 with kernel
6.9+.
- Fixes freeing uninitialized memory in libc_freeres_fn(). Closes:
#1073916.
-- Aurelien Jarno <aurel32@debian.org> Mon, 22 Jul 2024 20:05:02 +0200
glibc (2.36-9+deb12u7) bookworm-security; urgency=medium
* debian/patches/local-CVE-2024-33599-nscd.diff: Fix a stack-based buffer
overflow in nscd netgroup cache (CVE-2024-33599).
* debian/patches/local-CVE-2024-33600-nscd.diff: Fix a null pointer
dereferences in nscd after failed netgroup cache insertion
(CVE-2024-33600).
* debian/patches/any/local-CVE-2024-33601-33602-nscd.diff: Fix a DoS in nscd
in case of memory allocation failure (CVE-2024-33601) and a memory
corruption in nscd when the underlying NSS callback function does not use
the buffer space to store all strings (CVE-2024-33602).
-- Aurelien Jarno <aurel32@debian.org> Tue, 30 Apr 2024 23:07:28 +0200
glibc (2.36-9+deb12u6) bookworm-security; urgency=medium
* debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: Fix
out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT
module (CVE-2024-2961). Closes: #1069191.
-- Aurelien Jarno <aurel32@debian.org> Fri, 19 Apr 2024 18:34:04 +0200
glibc (2.36-9+deb12u5) bookworm; urgency=medium
 
* debian/patches/git-updates.diff: update from upstream stable branch:
......
debian/patches/git-updates.diff
View file @ e0351e4b
This diff is collapsed.
debian/patches/kfreebsd/submitted-auxv.diff
View file @ e0351e4b
......@@ -36,7 +36,7 @@ https://sourceware.org/bugzilla/show_bug.cgi?id=15794
for (p = GLRO(dl_auxv); p->a_type != AT_NULL; p++)
--- /dev/null
+++ b/bits/auxv.h
@@ -0,0 +1,90 @@
@@ -0,0 +1,93 @@
+/* Copyright (C) 1995-2013 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
......@@ -100,6 +100,9 @@ https://sourceware.org/bugzilla/show_bug.cgi?id=15794
+#define AT_HWCAP2 26 /* More machine-dependent hints about
+ processor capabilities. */
+
+#define AT_RSEQ_FEATURE_SIZE 27 /* rseq supported feature size. */
+#define AT_RSEQ_ALIGN 28 /* rseq allocation alignment. */
+
+#define AT_EXECFN 31 /* Filename of executable. */
+
+/* Pointer to the global system page used for system calls and other
......@@ -129,7 +132,7 @@ https://sourceware.org/bugzilla/show_bug.cgi?id=15794
+#define AT_MINSIGSTKSZ 51 /* Stack needed for signal delivery */
--- a/elf/elf.h
+++ b/elf/elf.h
@@ -1154,80 +1154,7 @@
@@ -1154,83 +1154,7 @@
} a_un;
} Elf64_auxv_t;
......@@ -179,6 +182,9 @@ https://sourceware.org/bugzilla/show_bug.cgi?id=15794
-#define AT_HWCAP2 26 /* More machine-dependent hints about
- processor capabilities. */
-
-#define AT_RSEQ_FEATURE_SIZE 27 /* rseq supported feature size. */
-#define AT_RSEQ_ALIGN 28 /* rseq allocation alignment. */
-
-#define AT_EXECFN 31 /* Filename of executable. */
-
-/* Pointer to the global system page used for system calls and other
......