eglibc_2.11.3-4+deb6u2_amd64.changes ACCEPTED into squeeze-lts

[Debian FTP Masters]

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 23 Nov 2014 19:03:02 +0100
Source: eglibc
Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd 
libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev 
libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev 
libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev 
libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 
libc6-sparc64 libc6-dev-sparc64 libc6-s390x libc6-dev-s390x libc6-amd64 
libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 
libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 
libc0.1-dev-i386 libc6-sparcv9b libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 
libc0.3-xen libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb
Architecture: source all amd64
Version: 2.11.3-4+deb6u2
Distribution: squeeze-lts
Urgency: medium
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Changed-By: Thorsten Alteholz <deb...@alteholz.de>
Description: 
 eglibc-source - Embedded GNU C Library: sources
 glibc-doc  - Embedded GNU C Library: Documentation
 libc-bin   - Embedded GNU C Library: Binaries
 libc-dev-bin - Embedded GNU C Library: Development binaries
 libc0.1    - Embedded GNU C Library: Shared libraries
 libc0.1-dbg - Embedded GNU C Library: detached debugging symbols
 libc0.1-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - Embedded GNU C Library: 32bit development libraries for 
AMD64
 libc0.1-i386 - Embedded GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc0.1-pic - Embedded GNU C Library: PIC archive library
 libc0.1-prof - Embedded GNU C Library: Profiling Libraries
 libc0.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - Embedded GNU C Library: Shared libraries
 libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
 libc0.3-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc0.3-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc0.3-pic - Embedded GNU C Library: PIC archive library
 libc0.3-prof - Embedded GNU C Library: Profiling Libraries
 libc0.3-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc0.3-xen - Embedded GNU C Library: Shared libraries [Xen version]
 libc6      - Embedded GNU C Library: Shared libraries
 libc6-amd64 - Embedded GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - Embedded GNU C Library: detached debugging symbols
 libc6-dev  - Embedded GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - Embedded GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - Embedded GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips64 - Embedded GNU C Library: 64bit Development Libraries for 
MIPS64
 libc6-dev-mipsn32 - Embedded GNU C Library: n32 Development Libraries for 
MIPS64
 libc6-dev-powerpc - Embedded GNU C Library: 32bit powerpc development 
libraries for p
 libc6-dev-ppc64 - Embedded GNU C Library: 64bit Development Libraries for 
PowerPC64
 libc6-dev-s390x - Embedded GNU C Library: 64bit Development Libraries for IBM 
zSeri
 libc6-dev-sparc64 - Embedded GNU C Library: 64bit Development Libraries for 
UltraSPAR
 libc6-i386 - Embedded GNU C Library: 32-bit shared libraries for AMD64
 libc6-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc6-mips64 - Embedded GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - Embedded GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - Embedded GNU C Library: PIC archive library
 libc6-powerpc - Embedded GNU C Library: 32bit powerpc shared libraries for 
ppc64
 libc6-ppc64 - Embedded GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-prof - Embedded GNU C Library: Profiling Libraries
 libc6-s390x - Embedded GNU C Library: 64bit Shared libraries for IBM zSeries
 libc6-sparc64 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-sparcv9b - Embedded GNU C Library: Shared libraries [v9b optimized]
 libc6-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc6-xen  - Embedded GNU C Library: Shared libraries [Xen version]
 libc6.1    - Embedded GNU C Library: Shared libraries
 libc6.1-alphaev67 - Embedded GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - Embedded GNU C Library: detached debugging symbols
 libc6.1-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc6.1-pic - Embedded GNU C Library: PIC archive library
 libc6.1-prof - Embedded GNU C Library: Profiling Libraries
 libc6.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - Embedded GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - Embedded GNU C Library: NSS helper for files - udeb (udeb)
 locales    - Embedded GNU C Library: National Language (locale) data [support]
 locales-all - Embedded GNU C Library: Precompiled locale data
 nscd       - Embedded GNU C Library: Name Service Cache Daemon
Changes: 
 eglibc (2.11.3-4+deb6u2) squeeze-lts; urgency=medium
 .
   * Non-maintainer upload by the Squeeze LTS Team.
   * CVE-2012-6656:
     Fix validation check when converting from ibm930 to utf.
     When converting IBM930 code with iconv(), if IBM930 code which
     includes invalid multibyte character "0xffff" is specified, then
     iconv() segfaults.
   * CVE-2014-6040:
     Crashes on invalid input in IBM gconv modules [BZ #17325]
     These changes are based on the fix for BZ #14134 in commit
     6e230d11837f3ae7b375ea69d7905f0d18eb79e5.
   * CVE-2014-7817:
     The function wordexp() fails to properly handle the WRDE_NOCMD
     flag when processing arithmetic inputs in the form of "$((... ``))"
     where "..." can be anything valid. The backticks in the arithmetic
     epxression are evaluated by in a shell even if WRDE_NOCMD forbade
     command substitution. This allows an attacker to attempt to pass
     dangerous commands via constructs of the above form, and bypass
     the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
     in exec_comm(), the only place that can execute a shell. All other
     checks for WRDE_NOCMD are superfluous and removed.
Checksums-Sha1: 
 e3a65ffc9a6ac73bb2bbda968909e29c23729d6f 3398 eglibc_2.11.3-4+deb6u2.dsc
 946ce1056c3b8a4f6cc908a6a7f8600dcc81216b 22677499 eglibc_2.11.3.orig.tar.gz
 38f9032321cd4ba24132da4ebf5c225a342a0a5d 925660 eglibc_2.11.3-4+deb6u2.diff.gz
 b9f00db441d457c8e29c23f381517742596a0541 1852740 
glibc-doc_2.11.3-4+deb6u2_all.deb
 2bd4f679783d80f941b6557ad0bd0592f94d0a6e 11052794 
eglibc-source_2.11.3-4+deb6u2_all.deb
 7fb4c1d1159e9522019c7772b0bf1d64335181f5 4756850 
locales_2.11.3-4+deb6u2_all.deb
 22178364d97349a132bf8da3ad705ca3c58db7bb 4267216 
libc6_2.11.3-4+deb6u2_amd64.deb
 e384f5bf1af6af06f8deb54aa3010dba13588471 2588748 
libc6-dev_2.11.3-4+deb6u2_amd64.deb
 e53376889838e4860a72613942e1fbea1ed1e50a 2036110 
libc6-prof_2.11.3-4+deb6u2_amd64.deb
 31599e95a032a610e15d15cef57d4b49f5dc630a 1548750 
libc6-pic_2.11.3-4+deb6u2_amd64.deb
 dfa2c9db3beeb856c87494b4cbe3c4c7258741c9 750600 
libc-bin_2.11.3-4+deb6u2_amd64.deb
 a4cf8b498e779a35dba64212cad6f026f48ff027 210970 
libc-dev-bin_2.11.3-4+deb6u2_amd64.deb
 95ca3df12b868b342f9768680a609dd0adf1cbbb 3686424 
locales-all_2.11.3-4+deb6u2_amd64.deb
 7e8c4af8108961aa2baf9f1dafada65608d0f076 3804390 
libc6-i386_2.11.3-4+deb6u2_amd64.deb
 b6b8652c71ca800df37a94eaf29e6ad434cb0d10 1527380 
libc6-dev-i386_2.11.3-4+deb6u2_amd64.deb
 85d28435be61e8bd7417d49979a804f1bfbd1de4 198972 nscd_2.11.3-4+deb6u2_amd64.deb
 7b2b5a4a4cf48f97b9befde06c5e71cc20441a15 10387362 
libc6-dbg_2.11.3-4+deb6u2_amd64.deb
 300b229a1a85db5ab067b515b7a2592a25469dfa 1152118 
libc6-udeb_2.11.3-4+deb6u2_amd64.udeb
 85355f74333ef852a3818d9bbfdef48877a91a1b 11114 
libnss-dns-udeb_2.11.3-4+deb6u2_amd64.udeb
 ea6c0b4bfd5aeecefb792f05d121b0d12c0e9696 20146 
libnss-files-udeb_2.11.3-4+deb6u2_amd64.udeb
Checksums-Sha256: 
 19b515a020213c444a91076607c4bce9ce6e9310a7fd297df95cd8aaf6eb4c32 3398 
eglibc_2.11.3-4+deb6u2.dsc
 86468e94516b84c586b0f5c78c5b2361474698a7619f465091b1a61f0ae134af 22677499 
eglibc_2.11.3.orig.tar.gz
 70042152f5b262b8524aa8abeda4c9249b7c6a46a4e800ac80f427dafda8f5ab 925660 
eglibc_2.11.3-4+deb6u2.diff.gz
 e87e247b1efbe035597a97824564b71177cd12f0efbbb83378222e8623f5b102 1852740 
glibc-doc_2.11.3-4+deb6u2_all.deb
 6884f46a5affe42ccd1e26621f1f3953c79fc4b401cef60ed1b6075c3d69f457 11052794 
eglibc-source_2.11.3-4+deb6u2_all.deb
 c745681d4d5df9aaa768e6545dce412fc6de614316b27753bcbc946665b3a1ae 4756850 
locales_2.11.3-4+deb6u2_all.deb
 382b0724f578cbd1cca0a050eb80c9952e157b07c972668a3ff6556665569577 4267216 
libc6_2.11.3-4+deb6u2_amd64.deb
 6503387c21e98eff1873f7f61c26aaf65a12c6524d3db06789c0e0e26eec314a 2588748 
libc6-dev_2.11.3-4+deb6u2_amd64.deb
 d2b4ec0f3d82131296fbe3c698fbfdcad2e65adf6fad556b3c1a6aa9c316d0d6 2036110 
libc6-prof_2.11.3-4+deb6u2_amd64.deb
 44fe9602f28cb24bcab5d8e49e0307ad5f227598ecf155f1ce80a15936862020 1548750 
libc6-pic_2.11.3-4+deb6u2_amd64.deb
 5c4efd876e52cf3bb0ba34ef66ae9ab6c92b6fe7bdbc444b90967ee857e02506 750600 
libc-bin_2.11.3-4+deb6u2_amd64.deb
 8b05051fc2c473041885686d4e393407ff4819787431375e319be1033a3c2c91 210970 
libc-dev-bin_2.11.3-4+deb6u2_amd64.deb
 d46d7a66a0d35fb992581b1ee0bbd7dd56ed6f276bcaa549dbb240facf598554 3686424 
locales-all_2.11.3-4+deb6u2_amd64.deb
 715a284b9fd9a98cdf15630c395cc026cbfe429421d38ae09c5b2d1cf250ac35 3804390 
libc6-i386_2.11.3-4+deb6u2_amd64.deb
 ab8026920f5cfbe31848810b75409196710dfec56d2efa980517d74accf85efb 1527380 
libc6-dev-i386_2.11.3-4+deb6u2_amd64.deb
 54d092d515475256d009d728bb42221f5a39f59a9fb714dd4ffb6876bf1babe3 198972 
nscd_2.11.3-4+deb6u2_amd64.deb
 18bb27990f31140721cc379c62a94e62f4c74ab0d2cea20c043d9401f72d0200 10387362 
libc6-dbg_2.11.3-4+deb6u2_amd64.deb
 b6eac610bb1652decefb804d2eb89fd0545bfcf4458f23efa49f88025894e5da 1152118 
libc6-udeb_2.11.3-4+deb6u2_amd64.udeb
 4d2cdd85ff5bbb1e136f159855048f8599d2a7e64d4463f6d20b5d0e98a93fbd 11114 
libnss-dns-udeb_2.11.3-4+deb6u2_amd64.udeb
 72c9835be88c44dee866b62ef2815e73a39f65a61e8504836d54795849843903 20146 
libnss-files-udeb_2.11.3-4+deb6u2_amd64.udeb
Files: 
 4719d6fac698acc38b307690e18bd1b6 3398 libs required eglibc_2.11.3-4+deb6u2.dsc
 dd8e9ddf5a3d62209d2ef113888d0899 22677499 libs required 
eglibc_2.11.3.orig.tar.gz
 bdd308ea209b7a71668941eac4e4af32 925660 libs required 
eglibc_2.11.3-4+deb6u2.diff.gz
 c6b8d36a3ec265ca363f46b0b5c02d7e 1852740 doc optional 
glibc-doc_2.11.3-4+deb6u2_all.deb
 bc06506814c59af1375262d6ad94f354 11052794 devel optional 
eglibc-source_2.11.3-4+deb6u2_all.deb
 21b19e3e1aba02134255485036c61d11 4756850 localization standard 
locales_2.11.3-4+deb6u2_all.deb
 5a72e463f373314f5b3864c09cf757e0 4267216 libs required 
libc6_2.11.3-4+deb6u2_amd64.deb
 aa5e0d985970618c255f187ea63324d2 2588748 libdevel optional 
libc6-dev_2.11.3-4+deb6u2_amd64.deb
 8b8484ebe2e43d8882271d86ac751944 2036110 libdevel extra 
libc6-prof_2.11.3-4+deb6u2_amd64.deb
 232c28fcc01f2be336973819be0a1e7a 1548750 libdevel optional 
libc6-pic_2.11.3-4+deb6u2_amd64.deb
 afcb31f82ab3e49acd6f70eb0be51907 750600 libs required 
libc-bin_2.11.3-4+deb6u2_amd64.deb
 ce5ce424471e4c2cef11277be9bc5675 210970 libdevel optional 
libc-dev-bin_2.11.3-4+deb6u2_amd64.deb
 2b6141092e4f86280dff4b59ba2c3740 3686424 localization extra 
locales-all_2.11.3-4+deb6u2_amd64.deb
 925d877a4d7719ad91a3dba40de348bb 3804390 libs optional 
libc6-i386_2.11.3-4+deb6u2_amd64.deb
 98772c0ea638d20c9c56600f77cf868b 1527380 libdevel optional 
libc6-dev-i386_2.11.3-4+deb6u2_amd64.deb
 13badb38298696b64cd080c62e6775e5 198972 admin optional 
nscd_2.11.3-4+deb6u2_amd64.deb
 c6e6787ce6e6542db44adfaefca9711a 10387362 debug extra 
libc6-dbg_2.11.3-4+deb6u2_amd64.deb
 644480f24b3a67bf852b52e580d05982 1152118 debian-installer extra 
libc6-udeb_2.11.3-4+deb6u2_amd64.udeb
 7c91d857aa6d92999146a97805c4af8e 11114 debian-installer extra 
libnss-dns-udeb_2.11.3-4+deb6u2_amd64.udeb
 f1bee76204cc0b03920d7e13b9aa80de 20146 debian-installer extra 
libnss-files-udeb_2.11.3-4+deb6u2_amd64.udeb
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJUdeauXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHGgoP/R2kqxnK5FFA2yTyxeJYiUwG
ad/NyHVFv3eNscaU67Kf4+uqQwZfr+mut0M2wmNWdrh8FPPCrMp7rnoZ/N69lcjU
pB9EN8b4IIjesNxmgLQeyQIlvg7g+hPOOmAbJIFupjBDNHeKzSLezCQI+L3gc103
SRKe7cY3WmwyA/PFPnd0wrgNCobXJ+x8OgevgWOTBlbIfbd7iFrsAoS3xomnI9Hp
igjrTr2VJ1uuvI1tqK5TUAb+R/7k8nDKFsVM169w0ly24fmcYlQhtfQKoeVokRgA
2Bh2qqHnISsXGh6Sp0hDt7zMSwp0lBOhPL0Pt7ezB96YAMR/EfAskSGhdtMdpMv2
rktZ0OVKVx4S9B/zeVB9m7DKWOqEIBjBIHgDbAlS/e7rbfFlbuBG9vNQn97aKGAQ
5UZmmhqRwP0/djTQ4aBloPIV6mOaQLD0SFePt8Rkc/Rh21b+gcG5Ixe6ryDuIdz+
nx9j1Qwn8Dd0p0rqIoXZEsG/tGF9abYIzsN2HbyDUqzxbSByjnL6LqR6Fo4pY8Vt
zSrU6sS0ZLB6pHI4+mPpXCNkfVTvE+YOENsh8NbKvfRH14DDzgnqXuQisl5r1iST
6GSnROsY7Ca0pffefl9GxF+9Qgava6GjQV2PfMYf7HtkiOyvBXxh2LL+C8RTYqlq
1rlShgwfpaleU3mtj7yc
=y9vp
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.


-- 
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/e1xumqi-0008pr...@franck.debian.org