Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Dear release team, The glibc package in version 2.28-9 currently in sid mostly updates the git-updates.diff patch to the latest upstream stable branch: - Fix security issue CVE-2019-9169. - Support for the new Reiwa era to the ja_JP which seems to be something quite important for Japanese people. - Support for vector instructions related hwcap on s390x to allow one to provide shared libraries (not) tuned for the corresponding platforms. - Fix for a riscv specific issue in a file which is not used on other architectures, so with no risk for them. - Fix for memusagestat's Makefile related code, which has no impact on the generated code. In addition to that it includes a fix for a bug in dlopen introduced by an arm patch, but affecting all architectures. I believe that all the above changes are suitable for buster. If you agree, could you please unblock package glibc: unblock glibc/2.28-9 Thanks, Aurelien -- System Information: Debian Release: buster/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-4-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
diff --git a/debian/changelog b/debian/changelog index 24a46054..711bb67a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,18 @@ +glibc (2.28-9) unstable; urgency=medium + + [ Aurelien Jarno ] + * debian/patches/git-updates.diff: update from upstream stable branch: + - Fix heap-based buffer over-read in regular-expression matching + (CVE-2019-9169). Closes: #924612. + - Add entry for the new Japanese era to the ja_JP locale. Closes: + #927914. + + [ Adam Conrad ] + * debian/patches/arm/unsubmitted-ldso-abi-check.diff: Fix rtld segv in + dl_open() introduced via merge with upstream at 2.28 (LP: #1821677) + + -- Aurelien Jarno <aure...@debian.org> Thu, 25 Apr 2019 21:12:03 +0200 + glibc (2.28-8) unstable; urgency=medium [ Aurelien Jarno ] diff --git a/debian/patches/arm/unsubmitted-ldso-abi-check.diff b/debian/patches/arm/unsubmitted-ldso-abi-check.diff index 6c78c674..8a7cab12 100644 --- a/debian/patches/arm/unsubmitted-ldso-abi-check.diff +++ b/debian/patches/arm/unsubmitted-ldso-abi-check.diff @@ -222,10 +222,10 @@ if (ph->p_type == PT_NOTE && ph->p_filesz >= 32 && ph->p_align >= 4) { ElfW(Addr) size = ph->p_filesz; -@@ -1751,6 +1955,21 @@ +@@ -1751,6 +1955,20 @@ + + break; } - free (abi_note_malloced); - } + if (-1 != fd) + { + int error = arch_specific_checks(fd, name, ehdr); @@ -239,8 +239,7 @@ + goto call_lose; + } + } -+ -+ } ++ } + free (abi_note_malloced); + } - return fd; - } diff --git a/debian/patches/git-updates.diff b/debian/patches/git-updates.diff index 50d4962c..a6722cc9 100644 --- a/debian/patches/git-updates.diff +++ b/debian/patches/git-updates.diff @@ -1,10 +1,44 @@ GIT update of https://sourceware.org/git/glibc.git/release/2.28/master from glibc-2.28 diff --git a/ChangeLog b/ChangeLog -index 08b42bd2f5..42fe0aeb1e 100644 +index 08b42bd2f5..609d5c1b19 100644 --- a/ChangeLog +++ b/ChangeLog -@@ -1,3 +1,784 @@ +@@ -1,3 +1,818 @@ ++2019-04-24 Mike Frysinger <vap...@gentoo.org> ++ ++ [BZ #18465] ++ * malloc/Makefile (others): Add memusagestat. ++ ($(objpfx)memusagestat): Delete rule. ++ (LDLIBS-memusagestat): New variable. ++ ++2019-04-03 TAMUKI Shoichi <tam...@linet.gr.jp> ++ ++ [BZ #22964] ++ * localedata/locales/ja_JP (LC_TIME): Add entry for the new Japanese ++ era. ++ ++2019-03-21 Stefan Liebler <s...@linux.ibm.com> ++ ++ * sysdeps/s390/dl-procinfo.h (HWCAP_IMPORTANT): ++ Add HWCAP_S390_VX and HWCAP_S390_VXE. ++ ++2019-01-31 Paul Eggert <egg...@cs.ucla.edu> ++ ++ CVE-2019-9169 ++ regex: fix read overrun [BZ #24114] ++ Problem found by AddressSanitizer, reported by Hongxu Chen in: ++ https://debbugs.gnu.org/34140 ++ * posix/regexec.c (proceed_next_node): ++ Do not read past end of input buffer. ++ ++2018-11-07 Andreas Schwab <sch...@suse.de> ++ ++ [BZ #23864] ++ * sysdeps/unix/sysv/linux/riscv/kernel-features.h ++ (__ASSUME_SET_ROBUST_LIST) [__LINUX_KERNEL_VERSION < 0x041400]: ++ Undef. ++ +2018-09-21 Adhemerval Zanella <adhemerval.zane...@linaro.org> + + * NEWS: Add note about new TLE support on powerpc64le. @@ -807,15 +841,19 @@ index 608ffe648c..f5e81bdf5d 100644 # We might want to compile with some stack-protection flag. ifneq ($(stack-protector),) diff --git a/NEWS b/NEWS -index 154ab22d7c..60b15116d6 100644 +index 154ab22d7c..e8030d499a 100644 --- a/NEWS +++ b/NEWS -@@ -5,6 +5,77 @@ See the end for copying conditions. +@@ -5,6 +5,87 @@ See the end for copying conditions. Please send GNU C library bug reports via <https://sourceware.org/bugzilla/> using `glibc' in the "product" field. +Version 2.28.1 + ++Major new features: ++ ++* The entry for the new Japanese era has been added for ja_JP locale. ++ +Deprecated and removed features, and other changes affecting compatibility: + +* For powercp64le ABI, Transactional Lock Elision is now enabled iff kernel @@ -829,6 +867,7 @@ index 154ab22d7c..60b15116d6 100644 + +The following bugs are resolved with this release: + ++ [18465] memusagestat: use local glibc when linking + [19444] build failures with -O1 due to -Wmaybe-uninitialized + [20018] getaddrinfo should reject IP addresses with trailing characters + [20209] localedata: Spelling mistake for Sunday in Greenlandic kl_GL @@ -848,6 +887,7 @@ index 154ab22d7c..60b15116d6 100644 + [23717] Fix stack overflow in stdlib/tst-setcontext9 + [23821] si_band in siginfo_t has wrong type long int on sparc64 + [23822] ia64 static libm.a is missing exp2f, log2f and powf symbols ++ [23864] libc: [riscv] missing kernel-features.h undefines + [23844] pthread_rwlock_trywrlock results in hang + [23927] Linux if_nametoindex() does not close descriptor (CVE-2018-19591) + [23972] __old_getdents64 uses wrong d_off value on overflow @@ -884,11 +924,15 @@ index 154ab22d7c..60b15116d6 100644 + CVE-2016-10739: The getaddrinfo function could successfully parse IPv4 + addresses with arbitrary trailing characters, potentially leading to data + or command injection issues in applications. ++ ++ CVE-2019-9169: Attempted case-insensitive regular-expression match ++ via proceed_next_node in posix/regexec.c leads to heap-based buffer ++ over-read. Reported by Hongxu Chen. + Version 2.28 Major new features: -@@ -422,6 +493,8 @@ The following bugs are resolved with this release: +@@ -422,6 +503,8 @@ The following bugs are resolved with this release: [23459] libc: COMMON_CPUID_INDEX_80000001 isn't populated for Intel processors [23467] dynamic-link: x86/CET: A property note parser bug @@ -1282,6 +1326,21 @@ index 9322ef68da..63f5227760 100644 +#define TIMEOUT 100 #define PREPARE prepare #include <support/test-driver.c> +diff --git a/localedata/locales/ja_JP b/localedata/locales/ja_JP +index 1fd2fee44b..30190b6248 100644 +--- a/localedata/locales/ja_JP ++++ b/localedata/locales/ja_JP +@@ -14946,7 +14946,9 @@ am_pm "<U5348><U524D>";"<U5348><U5F8C>" + + t_fmt_ampm "%p%I<U6642>%M<U5206>%S<U79D2>" + +-era "+:2:1990//01//01:+*:<U5E73><U6210>:%EC%Ey<U5E74>";/ ++era "+:2:2020//01//01:+*:<U4EE4><U548C>:%EC%Ey<U5E74>";/ ++ "+:1:2019//05//01:2019//12//31:<U4EE4><U548C>:%EC<U5143><U5E74>";/ ++ "+:2:1990//01//01:2019//04//30:<U5E73><U6210>:%EC%Ey<U5E74>";/ + "+:1:1989//01//08:1989//12//31:<U5E73><U6210>:%EC<U5143><U5E74>";/ + "+:2:1927//01//01:1989//01//07:<U662D><U548C>:%EC%Ey<U5E74>";/ + "+:1:1926//12//25:1926//12//31:<U662D><U548C>:%EC<U5143><U5E74>";/ diff --git a/localedata/locales/kl_GL b/localedata/locales/kl_GL index 5ab14a31aa..5723ce7dcf 100644 --- a/localedata/locales/kl_GL @@ -1301,7 +1360,7 @@ index 5ab14a31aa..5723ce7dcf 100644 "marlunngorneq";/ "pingasunngorneq";/ diff --git a/malloc/Makefile b/malloc/Makefile -index 7d54bad866..388cf7e9ee 100644 +index 7d54bad866..228a1279a5 100644 --- a/malloc/Makefile +++ b/malloc/Makefile @@ -38,6 +38,7 @@ tests := mallocbug tst-malloc tst-valloc tst-calloc tst-obstack \ @@ -1312,6 +1371,24 @@ index 7d54bad866..388cf7e9ee 100644 tests-static := \ tst-interpose-static-nothread \ +@@ -130,6 +131,7 @@ ifneq ($(cross-compiling),yes) + # If the gd library is available we build the `memusagestat' program. + ifneq ($(LIBGD),no) + others: $(objpfx)memusage ++others += memusagestat + install-bin = memusagestat + install-bin-script += memusage + generated += memusagestat memusage +@@ -153,8 +155,7 @@ cpp-srcs-left := $(memusagestat-modules) + lib := memusagestat + include $(patsubst %,$(..)libof-iterator.mk,$(cpp-srcs-left)) + +-$(objpfx)memusagestat: $(memusagestat-modules:%=$(objpfx)%.o) +- $(LINK.o) -o $@ $^ $(libgd-LDFLAGS) -lgd -lpng -lz -lm ++LDLIBS-memusagestat = $(libgd-LDFLAGS) -lgd -lpng -lz -lm + + ifeq ($(run-built-tests),yes) + ifeq (yes,$(build-shared)) diff --git a/malloc/malloc.c b/malloc/malloc.c index e247c77b7d..27cf6137c2 100644 --- a/malloc/malloc.c @@ -4299,6 +4376,23 @@ index 7f0083b918..b10588f1cc 100644 { wchar_t wcu = __towupper (wc); if (wcu != wc) +diff --git a/posix/regexec.c b/posix/regexec.c +index 73644c2341..06b8487c3e 100644 +--- a/posix/regexec.c ++++ b/posix/regexec.c +@@ -1289,8 +1289,10 @@ proceed_next_node (const re_match_context_t *mctx, Idx nregs, regmatch_t *regs, + else if (naccepted) + { + char *buf = (char *) re_string_get_buffer (&mctx->input); +- if (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx, +- naccepted) != 0) ++ if (mctx->input.valid_len - *pidx < naccepted ++ || (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx, ++ naccepted) ++ != 0)) + return -1; + } + } diff --git a/posix/tst-regcomp-truncated.c b/posix/tst-regcomp-truncated.c new file mode 100644 index 0000000000..a4a1581bbc @@ -7940,6 +8034,20 @@ index d8ba7ba427..ecb24f0a9b 100644 } #endif /* dl-irel.h */ +diff --git a/sysdeps/s390/dl-procinfo.h b/sysdeps/s390/dl-procinfo.h +index b0383bfb4c..f71d64c3ab 100644 +--- a/sysdeps/s390/dl-procinfo.h ++++ b/sysdeps/s390/dl-procinfo.h +@@ -57,7 +57,8 @@ enum + }; + + #define HWCAP_IMPORTANT (HWCAP_S390_ZARCH | HWCAP_S390_LDISP \ +- | HWCAP_S390_EIMM | HWCAP_S390_DFP) ++ | HWCAP_S390_EIMM | HWCAP_S390_DFP \ ++ | HWCAP_S390_VX | HWCAP_S390_VXE) + + /* We cannot provide a general printing function. */ + #define _dl_procinfo(type, word) -1 diff --git a/sysdeps/sparc/sparc32/dl-irel.h b/sysdeps/sparc/sparc32/dl-irel.h index ffca36864f..cf47cda834 100644 --- a/sysdeps/sparc/sparc32/dl-irel.h @@ -8561,6 +8669,19 @@ index d612ef4c6c..0b2042620b 100644 typedef int (*func_type) (void *, void *, unsigned long int); +diff --git a/sysdeps/unix/sysv/linux/riscv/kernel-features.h b/sysdeps/unix/sysv/linux/riscv/kernel-features.h +index 37f4d99a92..d21c824624 100644 +--- a/sysdeps/unix/sysv/linux/riscv/kernel-features.h ++++ b/sysdeps/unix/sysv/linux/riscv/kernel-features.h +@@ -21,3 +21,8 @@ + + #undef __ASSUME_CLONE_DEFAULT + #define __ASSUME_CLONE_BACKWARDS 1 ++ ++/* No support for PI mutexes or robust futexes before 4.20. */ ++#if __LINUX_KERNEL_VERSION < 0x041400 ++# undef __ASSUME_SET_ROBUST_LIST ++#endif diff --git a/sysdeps/unix/sysv/linux/s390/force-elision.h b/sysdeps/unix/sysv/linux/s390/force-elision.h index d8a1b9972f..71f32367dd 100644 --- a/sysdeps/unix/sysv/linux/s390/force-elision.h