[glibc] branch sid updated (52e1594 -> c22afdd)

2018-01-13 Thread Aurelien Jarno
This is an automated email from the git hooks/post-receive script.

aurel32 pushed a change to branch sid
in repository glibc.

  from  52e1594   debian/control.in/*: add conflicts to only allow to install one set of multilib packages simultaneously.  Closes: #702962, #743618, #784015, #820826, #870257.
   new  c22afdd   Fix previous commit

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Summary of changes:
 debian/changelog          | 4 ++--
 debian/control            | 3 ---
 debian/control.in/s390    | 1 -
 debian/control.in/sparc   | 1 -
 debian/control.in/sparc64 | 1 -
 5 files changed, 2 insertions(+), 8 deletions(-)

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/pkg-glibc/glibc.git



[glibc] 01/01: Fix previous commit

2018-01-13 Thread Aurelien Jarno
This is an automated email from the git hooks/post-receive script.

aurel32 pushed a commit to branch sid
in repository glibc.

commit c22afdd5739ad24934b34b91f7a0585fc4030906
Author: Aurelien Jarno 
Date:   Sun Jan 14 00:55:47 2018 +0100

Fix previous commit
---
 debian/changelog          | 4 ++--
 debian/control            | 3 ---
 debian/control.in/s390    | 1 -
 debian/control.in/sparc   | 1 -
 debian/control.in/sparc64 | 1 -
 5 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 53e990f..1ed856d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,8 +8,8 @@ glibc (2.26-4) UNRELEASED; urgency=medium
   * debian/patches/git-updates.diff: update from upstream stable branch:
 - Fix a buffer underflow in getcwd() (CVE-2018-101).  Closes:
   #887001.
-  * debian/control.in/*: add conflicts to only allow to install one set of
-multilib packages simultaneously.  Closes: #702962, #743618, #784015,
+  * debian/control.in/*: add conflicts to only allow one to install one set
+of multilib packages simultaneously.  Closes: #702962, #743618, #784015,
 #820826, #870257.
 
  -- Aurelien Jarno   Fri, 12 Jan 2018 22:26:33 +0100
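
Review bot: the reworded entry on the two `+` lines, "only allow one to install one set of multilib packages simultaneously", still reads awkwardly. "only allow one set of multilib packages to be installed simultaneously" says the same thing without the doubled "one".
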
diff --git a/debian/control b/debian/control
index 59f9982..20bbd4b 100644
--- a/debian/control
+++ b/debian/control
@@ -540,7 +540,6 @@ Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
 Build-Profiles: 
-Package: libc6-sparc
 Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-s390, libc6-sparc64, libc6-x32
 Description: GNU C Library: 32bit Shared libraries for SPARC
  This package includes shared versions of the standard C library and the
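
Review bot: the removed `Package: libc6-sparc` line sat below Depends and Build-Profiles, so the previous commit put a second Package field in the middle of an existing stanza. The subject "Fix previous commit" records none of that; naming the removal of the stray Package fields for libc6-sparc, libc6-sparc64 and libc6-s390 in the subject would let the history be searched for it.
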
@@ -565,7 +564,6 @@ Architecture: sparc
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
-Package: libc6-sparc64
 Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-s390, libc6-sparc, libc6-x32
 Build-Profiles: 
 Description: GNU C Library: 64bit Shared libraries for UltraSPARC
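
Review bot: with the stray Package line gone, this stanza carries Conflicts before Build-Profiles, while the libc6-sparc stanza in the previous hunk carries it after Build-Profiles. Field order does not change the meaning of a stanza, but keeping Conflicts in one position across all the multilib stanzas makes the next bulk edit easier to review.
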
@@ -591,7 +589,6 @@ Architecture: s390x
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
-Package: libc6-s390
 Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-sparc, libc6-sparc64, libc6-x32
 Build-Profiles: 
 Description: GNU C Library: 32bit Shared libraries for IBM zSeries
diff --git a/debian/control.in/s390 b/debian/control.in/s390
index f7d605f..a6fe094 100644
--- a/debian/control.in/s390
+++ b/debian/control.in/s390
@@ -3,7 +3,6 @@ Architecture: s390x
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
-Package: libc6-s390
 Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-sparc, libc6-sparc64, libc6-x32
 Build-Profiles: 
 Description: GNU C Library: 32bit Shared libraries for IBM zSeries
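
Review bot: the `Package: libc6-s390` line removed here was a repeated field inside one stanza, and the identical stray line is removed from debian/control earlier in this patch, so the fragment and the committed control file went wrong together. A pre-push check that parses the control file and rejects any stanza with a repeated field name would have stopped the previous commit before it reached the branch.
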
diff --git a/debian/control.in/sparc b/debian/control.in/sparc
index 50795e1..abb1ecd 100644
--- a/debian/control.in/sparc
+++ b/debian/control.in/sparc
@@ -4,7 +4,6 @@ Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
 Build-Profiles: 
-Package: libc6-sparc
 Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-s390, libc6-sparc64, libc6-x32
 Description: GNU C Library: 32bit Shared libraries for SPARC
  This package includes shared versions of the standard C library and the
diff --git a/debian/control.in/sparc64 b/debian/control.in/sparc64
index 3a3dbbe..3076034 100644
--- a/debian/control.in/sparc64
+++ b/debian/control.in/sparc64
@@ -3,7 +3,6 @@ Architecture: sparc
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
-Package: libc6-sparc64
 Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-s390, libc6-sparc, libc6-x32
 Build-Profiles: 
 Description: GNU C Library: 64bit Shared libraries for UltraSPARC




[glibc] branch sid updated (82a8885 -> 52e1594)

2018-01-13 Thread Aurelien Jarno
This is an automated email from the git hooks/post-receive script.

aurel32 pushed a change to branch sid
in repository glibc.

  from  82a8885   debian/patches/git-updates.diff: update from upstream stable branch:
   new  52e1594   debian/control.in/*: add conflicts to only allow to install one set of multilib packages simultaneously.  Closes: #702962, #743618, #784015, #820826, #870257.



Summary of changes:
 debian/changelog                |  3 +++
 debian/control                  | 15 +++
 debian/control.in/amd64         |  1 +
 debian/control.in/i386          |  1 +
 debian/control.in/kfreebsd-i386 |  1 +
 debian/control.in/mips32        |  1 +
 debian/control.in/mips64        |  1 +
 debian/control.in/mipsn32       |  1 +
 debian/control.in/powerpc       |  1 +
 debian/control.in/ppc64         |  1 +
 debian/control.in/s390          |  2 ++
 debian/control.in/sparc         |  2 ++
 debian/control.in/sparc64       |  2 ++
 debian/control.in/x32           |  1 +
 14 files changed, 33 insertions(+)




Processed: Bug#743618 marked as pending

2018-01-13 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tag 743618 pending
Bug #743618 [libc6-dev-i386] libc6-dev-i386: /usr/include/sys/file.h conflict 
between libc6-dev-i386 and libc6-dev-ppc64
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
743618: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=743618
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Processed: Bug#870257 marked as pending

2018-01-13 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tag 870257 pending
Bug #870257 [src:glibc] Add conflicts for multilib development packages
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
870257: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870257
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Processed: Bug#820826 marked as pending

2018-01-13 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tag 820826 pending
Bug #820826 [src:glibc] libc6-dev-amd64: Multiarch allows conflicting packages, 
and apt-get does not detect this
Bug #702962 [src:glibc] file conflicts in libc6-dev-i386 and libc6-dev-mips64
Ignoring request to alter tags of bug #820826 to the same tags previously set
Ignoring request to alter tags of bug #702962 to the same tags previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
702962: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702962
820826: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820826
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Processed: Bug#702962 marked as pending

2018-01-13 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tag 702962 pending
Bug #702962 [src:glibc] file conflicts in libc6-dev-i386 and libc6-dev-mips64
Bug #820826 [src:glibc] libc6-dev-amd64: Multiarch allows conflicting packages, 
and apt-get does not detect this
Added tag(s) pending.
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
702962: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702962
820826: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820826
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Processed: Bug#784015 marked as pending

2018-01-13 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tag 784015 pending
Bug #784015 [libc6-i386,libc6-mipsn32] undeclared file conflict between 
libc6-i386 and libc6-mipsn32
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
784015: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=784015
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



[glibc] 01/01: debian/control.in/*: add conflicts to only allow to install one set of multilib packages simultaneously. Closes: #702962, #743618, #784015, #820826, #870257.

2018-01-13 Thread Aurelien Jarno
This is an automated email from the git hooks/post-receive script.

aurel32 pushed a commit to branch sid
in repository glibc.

commit 52e1594ab5088f525092f74b0b82d5fb92afff5e
Author: Aurelien Jarno 
Date:   Sun Jan 14 00:08:46 2018 +0100

debian/control.in/*: add conflicts to only allow to install one set of 
multilib packages simultaneously.  Closes: #702962, #743618, #784015, #820826, 
#870257.
---
 debian/changelog                |  3 +++
 debian/control                  | 15 +++
 debian/control.in/amd64         |  1 +
 debian/control.in/i386          |  1 +
 debian/control.in/kfreebsd-i386 |  1 +
 debian/control.in/mips32        |  1 +
 debian/control.in/mips64        |  1 +
 debian/control.in/mipsn32       |  1 +
 debian/control.in/powerpc       |  1 +
 debian/control.in/ppc64         |  1 +
 debian/control.in/s390          |  2 ++
 debian/control.in/sparc         |  2 ++
 debian/control.in/sparc64       |  2 ++
 debian/control.in/x32           |  1 +
 14 files changed, 33 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index f1cebf4..53e990f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -8,6 +8,9 @@ glibc (2.26-4) UNRELEASED; urgency=medium
   * debian/patches/git-updates.diff: update from upstream stable branch:
 - Fix a buffer underflow in getcwd() (CVE-2018-101).  Closes:
   #887001.
+  * debian/control.in/*: add conflicts to only allow to install one set of
+multilib packages simultaneously.  Closes: #702962, #743618, #784015,
+#820826, #870257.
 
  -- Aurelien Jarno   Fri, 12 Jan 2018 22:26:33 +0100
 
diff --git a/debian/control b/debian/control
index 9dc2598..59f9982 100644
--- a/debian/control
+++ b/debian/control
@@ -513,6 +513,7 @@ Architecture: amd64 x32
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
+Conflicts: libc0.1-i386, libc6-amd64 [amd64], libc6-amd64:i386 [x32], 
libc6-i386:amd64 [x32], libc6-i386:x32 [amd64], libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-s390, libc6-sparc, 
libc6-sparc64, libc6-x32 [x32], libc6-x32:i386 [amd64]
 Replaces: libc6-dev-i386
 Build-Profiles: 
 Description: GNU C Library: 32-bit shared libraries for AMD64
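
Review bot: the added Conflicts line mixes three forms with no explanation: plain names (`libc6-mips32`), architecture restrictions (`libc6-amd64 [amd64]`) and architecture-qualified names with a restriction (`libc6-i386:x32 [amd64]`). A `#` comment above the field, or a sentence in the changelog entry, stating which native/foreign architecture combinations each qualified entry is meant to exclude would let the next editor verify the list instead of guessing at it.
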
@@ -539,6 +540,8 @@ Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
 Build-Profiles: 
+Package: libc6-sparc
+Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-s390, libc6-sparc64, libc6-x32
 Description: GNU C Library: 32bit Shared libraries for SPARC
  This package includes shared versions of the standard C library and the
  standard math library, as well as many others. This is the 32bit version
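
Review bot: `Package: libc6-sparc` is added below Depends and Build-Profiles with no blank line before it, so it does not open a new stanza; it lands as a second Package field inside the stanza being edited. Only the Conflicts line is wanted here, so drop the Package line. The sparc64 and s390 hunks that follow add the same stray line.
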
@@ -562,6 +565,8 @@ Architecture: sparc
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
+Package: libc6-sparc64
+Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-s390, libc6-sparc, libc6-x32
 Build-Profiles: 
 Description: GNU C Library: 64bit Shared libraries for UltraSPARC
  This package includes shared versions of the standard C library and the
@@ -586,6 +591,8 @@ Architecture: s390x
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
+Package: libc6-s390
+Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-sparc, libc6-sparc64, libc6-x32
 Build-Profiles: 
 Description: GNU C Library: 32bit Shared libraries for IBM zSeries
  This package includes shared versions of the standard C library and the
@@ -610,6 +617,7 @@ Architecture: i386 x32
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
+Conflicts: libc0.1-i386, libc6-amd64:i386 [x32], libc6-amd64:x32 [i386], 
libc6-i386 [i386], libc6-i386:amd64 [x32], libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-ppc64, libc6-s390, libc6-sparc, 
libc6-sparc64, libc6-x32 [x32], libc6-x32:amd64 [i386]
 Build-Profiles: 
 Description: GNU C Library: 64bit Shared libraries for AMD64
  This package includes shared versions of the standard C library and the
@@ -634,6 +642,7 @@ Architecture: ppc64
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
+Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-ppc64, libc6-s390, libc6-sparc, libc6-sparc64, libc6-x32
 Build-Profiles: 
 Description: GNU C Library: 32bit powerpc shared libraries for ppc64
  This package includes shared versions of the standard C
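
Review bot: this Conflicts value is the same list of multilib package names that every other stanza in the patch receives, each time with the stanza's own package left out by hand (here libc6-powerpc is the one omitted). Generating the field from a single list of multilib packages would remove the risk of a stanza conflicting with itself or of a newly added flavour being missed in one of the copies.
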
@@ -658,6 +667,7 @@ Architecture: powerpc
 Section: libs
 Priority: optional
 Depends: libc6 (= ${binary:Version}), ${misc:Depends}
+Conflicts: libc0.1-i386, libc6-amd64, libc6-i386, libc6-mips32, libc6-mips64, 
libc6-mipsn32, libc6-powerpc, libc6-s390, libc6-sparc, 

Re: Bug#882158: stretch-pu: package glibc/2.24-11+deb9u2

2018-01-13 Thread Julien Cristau
Control: tag -1 confirmed

On Sat, Dec  9, 2017 at 14:22:45 +0100, Aurelien Jarno wrote:

> Unfortunately it didn't make it in 9.3 due to the regression introduced wrt
> /etc/ld.so.nohwcap (see bug#883394). The issue is due to the conversion
> of libc6-i686 into a transitional package between jessie and stretch, and
> dropping the postinst and postrm script handling the removal of
> /etc/ld.so.nohwcap after the upgrade. The problem always existed in
> stretch, but the probability for it to happen has been greatly increased
> by the fix for #882272. The issue doesn't affect buster/sid as the
> transitional package has been removed.
> 
> I have fixed the issue in version 2.24-11+deb9u3 by reintroducing the
> postinst and postrm scripts in the transitional package. You will find
> below the corresponding patch.
> 
> Thanks for considering it for 9.4.
> 
Assuming that's been tested in all the various scenarios, please go
ahead.

Cheers,
Julien



[glibc] branch sid updated (96e8c35 -> 82a8885)

2018-01-13 Thread Aurelien Jarno
This is an automated email from the git hooks/post-receive script.

aurel32 pushed a change to branch sid
in repository glibc.

  from  96e8c35   debian/testsuite-xfail-debian.mk: since we now also run the testsuite for the multilib flavours, simplify the mips* entries into mips*, mips be and mips le, instead of trying to keep all the flavours in sync. Remove XFAILs for tests that have been fixed.
   new  82a8885   debian/patches/git-updates.diff: update from upstream stable branch:



Summary of changes:
 debian/changelog                |   3 +
 debian/patches/git-updates.diff | 137 ++--
 2 files changed, 136 insertions(+), 4 deletions(-)




Processed: Bug#887001 marked as pending

2018-01-13 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> tag 887001 pending
Bug #887001 [src:glibc] glibc: CVE-2018-101: realpath() buffer underflow 
when getcwd() returns relative path allows privilege escalation
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
887001: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887001
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



[glibc] 01/01: debian/patches/git-updates.diff: update from upstream stable branch:

2018-01-13 Thread Aurelien Jarno
This is an automated email from the git hooks/post-receive script.

aurel32 pushed a commit to branch sid
in repository glibc.

commit 82a888594125b1d05bed4092b23af44fc23907a2
Author: Aurelien Jarno 
Date:   Sat Jan 13 16:14:06 2018 +0100

debian/patches/git-updates.diff: update from upstream stable branch:

* debian/patches/git-updates.diff: update from upstream stable branch:
  - Fix a buffer underflow in getcwd() (CVE-2018-101).  Closes:
#887001.
---
 debian/changelog                |   3 +
 debian/patches/git-updates.diff | 137 ++--
 2 files changed, 136 insertions(+), 4 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index f72b868..f1cebf4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,9 @@ glibc (2.26-4) UNRELEASED; urgency=medium
 the multilib flavours, simplify the mips* entries into mips*, mips be and
 mips le, instead of trying to keep all the flavours in sync. Remove
 XFAILs for tests that have been fixed.
+  * debian/patches/git-updates.diff: update from upstream stable branch:
+- Fix a buffer underflow in getcwd() (CVE-2018-101).  Closes:
+  #887001.
 
  -- Aurelien Jarno   Fri, 12 Jan 2018 22:26:33 +0100
 
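
Review bot: the added entry says "Fix a buffer underflow in getcwd()", but the NEWS text imported by this same commit places the underflow in the realpath function, triggered when getcwd succeeds without returning an absolute path. Wording the changelog entry the same way keeps it consistent with the upstream description and with the title of #887001, and tells a reader triaging the update which caller is actually affected.
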
diff --git a/debian/patches/git-updates.diff b/debian/patches/git-updates.diff
index be70c25..532da88 100644
--- a/debian/patches/git-updates.diff
+++ b/debian/patches/git-updates.diff
@@ -1,10 +1,19 @@
 GIT update of https://sourceware.org/git/glibc.git/release/2.26/master from 
glibc-2.26
 
 diff --git a/ChangeLog b/ChangeLog
-index 8dbfc7eaff..efc8395ebb 100644
+index 8dbfc7eaff..98ef90f461 100644
 --- a/ChangeLog
 +++ b/ChangeLog
-@@ -1,3 +1,1136 @@
+@@ -1,3 +1,1146 @@
++2018-01-12  Dmitry V. Levin  
++
++  [BZ #22679]
++  CVE-2018-101
++  * sysdeps/unix/sysv/linux/getcwd.c (__getcwd): Fall back to
++  generic_getcwd if the path returned by getcwd syscall is not absolute.
++  * io/tst-getcwd-abspath.c: New test.
++  * io/Makefile (tests): Add tst-getcwd-abspath.
++
 +2017-12-19  Adhemerval Zanella  
 +  James Clarke 
 +
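
Review bot: the header line of git-updates.diff names the upstream branch (release/2.26/master) but not the commit the snapshot was taken at, so the growth shown by `@@ -1,3 +1,1146 @@` cannot be tied to a specific upstream state from this file alone. Recording the upstream commit hash next to the branch name would make the import reproducible and easier to audit.
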
@@ -981,6 +990,7 @@ index 8dbfc7eaff..efc8395ebb 100644
 +
 +2017-09-01  Florian Weimer  
 +
++  [BZ #20532]
 +  * sysdeps/posix/getaddrinfo.c (gaih_inet): Make reporting of NSS
 +  function lookup failures more reliable.
 +
@@ -1165,10 +1175,10 @@ index 9bb707c168..828a445f24 100644
  # Don't try to use -lc when making libc.so itself.
  # Also omits crti.o and crtn.o, which we do not want
 diff --git a/NEWS b/NEWS
-index 8295f20c0a..f04b3ed4e8 100644
+index 8295f20c0a..7f88e9e310 100644
 --- a/NEWS
 +++ b/NEWS
-@@ -5,6 +5,98 @@ See the end for copying conditions.
+@@ -5,6 +5,105 @@ See the end for copying conditions.
  Please send GNU C library bug reports via 
  using `glibc' in the "product" field.
  
@@ -1226,10 +1236,15 @@ index 8295f20c0a..f04b3ed4e8 100644
 +  for AT_SECURE or SUID binaries could be used to load libraries from the
 +  current directory.
 +
++  CVE-2018-101: Buffer underflow in realpath function when getcwd function
++  succeeds without returning an absolute path due to unexpected behaviour
++  of the Linux kernel getcwd syscall.  Reported by halfdog.
++
 +The following bugs are resolved with this release:
 +
 +  [16750] ldd: Never run file directly.
 +  [17956] crypt: Use NSPR header files in addition to NSS header files
++  [20532] getaddrinfo: More robust handling of dlopen failures
 +  [21242] assert: Suppress pedantic warning caused by statement expression
 +  [21265] x86-64: Use fxsave/xsave/xsavec in _dl_runtime_resolve
 +  [21780] posix: Set p{read,write}v2 to return ENOTSUP
@@ -1263,6 +1278,8 @@ index 8295f20c0a..f04b3ed4e8 100644
 +  [22325] glibc: Memory leak in glob with GLOB_TILDE (CVE-2017-15671)
 +  [22375] malloc returns pointer from tcache instead of NULL (CVE-2017-17426)
 +  [22627] $ORIGIN in $LD_LIBRARY_PATH is substituted twice
++  [22679] getcwd(3) can succeed without returning an absolute path
++(CVE-2018-101)
 +
  Version 2.26
  
@@ -1828,6 +1845,91 @@ index 2b2632c7ba..b2135893e8 100644
  libc_hidden_proto (__inet6_scopeid_pton)
  
  
+diff --git a/io/Makefile b/io/Makefile
+index 2f26bf56db..f0bdc838bb 100644
+--- a/io/Makefile
 b/io/Makefile
+@@ -70,7 +70,7 @@ tests:= test-utime test-stat test-stat2 
test-lfs tst-getcwd \
+  tst-symlinkat tst-linkat tst-readlinkat tst-mkdirat \
+  tst-mknodat tst-mkfifoat tst-ttyname_r bug-ftw5 \
+  tst-posix_fallocate tst-posix_fallocate64 \
+- tst-fts tst-fts-lfs tst-open-tmpfile
++ tst-fts tst-fts-lfs tst-open-tmpfile tst-getcwd-abspath
+ 
+ ifeq ($(run-built-tests),yes)
+ tests-special += $(objpfx)ftwtest.out
+diff --git a/io/tst-getcwd-abspath.c 

Bug#887078: libc6: Amarok get SIGSEGV at start

2018-01-13 Thread Alex Dănilă
Package: libc6
Version: 2.26.9000+20180108.401311cf-0experimental0
Severity: important

Dear Maintainer,

Upgrading libc6 to Experimental makes Amarok no longer start. No other programs 
I have tried are affected.

It gets SIGSEGV with stacks that are pretty hard to understand in gdb:
$ gdb amarok
(gdb) set args --nofork 
(gdb) r
Starting program: /usr/bin/amarok --nofork
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
QDBusConnection: session D-Bus connection created before QCoreApplication. 
Application may misbehave.

Program received signal SIGSEGV, Segmentation fault.
0x7fffdc60 in ?? ()
(gdb) where
#0  0x7fffdc60 in  ()
#1  0x in  ()

Downgrading libc6 to Unstable makes Amarok work again.



-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (900, 'testing'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.14.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled