Your message dated Sun, 28 May 2017 21:04:15 +0000
with message-id <e1df5mf-0000jt...@fasolo.debian.org>
and subject line Bug#862950: fixed in glibc 2.24-11
has caused the Debian Bug report #862950,
regarding Backport malloc hardening
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
862950: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862950
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: glibc
Severity: important

Please see this blog posting from Chris Evans:
https://scarybeastsecurity.blogspot.com/2017/05/further-hardening-glibc-malloc-against.html

Upstream fix is here:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=17f487b7afa7cd6c316040f3e6c86dc96b2eec30

Could we backport this to stretch? (And to a jessie point update after it has
settled a bit in testing/sid?)

Cheers,
        Moritz

--- End Message ---
--- Begin Message ---
Source: glibc
Source-Version: 2.24-11

We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 862...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aure...@debian.org> (supplier of updated glibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 28 May 2017 19:29:33 +0200
Source: glibc
Binary: libc-bin libc-dev-bin libc-l10n glibc-doc glibc-source locales 
locales-all nscd multiarch-support libc6 libc6-dev libc6-dbg libc6-pic 
libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-pic libc6.1-udeb libc0.3 
libc0.3-dev libc0.3-dbg libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev 
libc0.1-dbg libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc 
libc6-dev-sparc libc6-sparc64 libc6-dev-sparc64 libc6-s390 libc6-dev-s390 
libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 
libc6-dev-ppc64 libc6-mips32 libc6-dev-mips32 libc6-mipsn32 libc6-dev-mipsn32 
libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-x32 
libc6-dev-x32 libc6-xen libc0.3-xen libc6.1-alphaev67 libc0.1-i686 libc0.3-i686 
libc6-i686
Architecture: source
Version: 2.24-11
Distribution: unstable
Urgency: medium
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Changed-By: Aurelien Jarno <aure...@debian.org>
Description:
 glibc-doc  - GNU C Library: Documentation
 glibc-source - GNU C Library: sources
 libc-bin   - GNU C Library: Binaries
 libc-dev-bin - GNU C Library: Development binaries
 libc-l10n  - GNU C Library: localization files
 libc0.1    - GNU C Library: Shared libraries
 libc0.1-dbg - GNU C Library: detached debugging symbols
 libc0.1-dev - GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - GNU C Library: 32bit development libraries for AMD64
 libc0.1-i386 - GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - transitional dummy package
 libc0.1-pic - GNU C Library: PIC archive library
 libc0.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - GNU C Library: Shared libraries
 libc0.3-dbg - GNU C Library: detached debugging symbols
 libc0.3-dev - GNU C Library: Development Libraries and Header Files
 libc0.3-i686 - transitional dummy package
 libc0.3-pic - GNU C Library: PIC archive library
 libc0.3-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc0.3-xen - GNU C Library: Shared libraries [Xen version]
 libc6      - GNU C Library: Shared libraries
 libc6-amd64 - GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - GNU C Library: detached debugging symbols
 libc6-dev  - GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips32 - GNU C Library: o32 Development Libraries for MIPS
 libc6-dev-mips64 - GNU C Library: 64bit Development Libraries for MIPS64
 libc6-dev-mipsn32 - GNU C Library: n32 Development Libraries for MIPS64
 libc6-dev-powerpc - GNU C Library: 32bit powerpc development libraries for ppc64
 libc6-dev-ppc64 - GNU C Library: 64bit Development Libraries for PowerPC64
 libc6-dev-s390 - GNU C Library: 32bit Development Libraries for IBM zSeries
 libc6-dev-sparc - GNU C Library: 32bit Development Libraries for SPARC
 libc6-dev-sparc64 - GNU C Library: 64bit Development Libraries for UltraSPARC
 libc6-dev-x32 - GNU C Library: X32 ABI Development Libraries for AMD64
 libc6-i386 - GNU C Library: 32-bit shared libraries for AMD64
 libc6-i686 - transitional dummy package
 libc6-mips32 - GNU C Library: o32 Shared libraries for MIPS
 libc6-mips64 - GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - GNU C Library: PIC archive library
 libc6-powerpc - GNU C Library: 32bit powerpc shared libraries for ppc64
 libc6-ppc64 - GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-s390 - GNU C Library: 32bit Shared libraries for IBM zSeries
 libc6-sparc - GNU C Library: 32bit Shared libraries for SPARC
 libc6-sparc64 - GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-udeb - GNU C Library: Shared libraries - udeb (udeb)
 libc6-x32  - GNU C Library: X32 ABI Shared libraries for AMD64
 libc6-xen  - GNU C Library: Shared libraries [Xen version]
 libc6.1    - GNU C Library: Shared libraries
 libc6.1-alphaev67 - GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - GNU C Library: detached debugging symbols
 libc6.1-dev - GNU C Library: Development Libraries and Header Files
 libc6.1-pic - GNU C Library: PIC archive library
 libc6.1-udeb - GNU C Library: Shared libraries - udeb (udeb)
 locales    - GNU C Library: National Language (locale) data [support]
 locales-all - GNU C Library: Precompiled locale data
 multiarch-support - Transitional package to ensure multiarch compatibility
 nscd       - GNU C Library: Name Service Cache Daemon
Closes: 862950
Changes:
 glibc (2.24-11) unstable; urgency=medium
 .
   [ Aurelien Jarno ]
   * debian/patches/git-updates.diff: update from upstream stable branch:
     - Improve memcpy/memset performance on Skylake server.
   * debian/patches/any/cvs-malloc-hardening.diff: patch backported from
     upstream to further harden glibc malloc metadata against 1-byte
     overflows.  Closes: #862950.

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----

--- End Message ---
