[Git][glibc-team/glibc][bullseye] 7 commits: debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.patch: Fix out-of-bound...

Tue, 23 Jul 2024 14:21:51 -0700 


Aurelien Jarno pushed to branch bullseye at GNU Libc Maintainers / glibc


Commits:
4287f06c by Aurelien Jarno at 2024-04-19T22:00:14+02:00
debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.patch: Fix out-of-bound 
writes when writing escape sequence in iconv ISO-2022-CN-EXT module 
(CVE-2024-2961).  Closes: #1069191.

- - - - -
6ad1212b by Aurelien Jarno at 2024-04-19T22:40:42+02:00
releasing package glibc version 2.31-13+deb11u9

- - - - -
08dcff14 by Aurelien Jarno at 2024-04-30T23:22:04+02:00
debian/patches/local-CVE-2024-33599-nscd.patch: Fix a stack-based buffer 
overflow in nscd netgroup cache (CVE-2024-33599).

- - - - -
b2d2f5f6 by Aurelien Jarno at 2024-04-30T23:22:51+02:00
debian/patches/local-CVE-2024-33600-nscd.patch: Fix a null pointer dereferences 
in nscd after failed netgroup cache insertion (CVE-2024-33600).

- - - - -
7344d1e3 by Aurelien Jarno at 2024-04-30T23:23:28+02:00
debian/patches/any/local-CVE-2024-33601-33602-nscd.patch: Fix a DoS in nscd in 
case of memory allocation failure (CVE-2024-33601) and a memory corruption in 
nscd when the underlying NSS callback function does not use the buffer space to 
store all strings (CVE-2024-33602).

- - - - -
b716d81b by Aurelien Jarno at 2024-04-30T23:57:25+02:00
releasing package glibc version 2.31-13+deb11u10

- - - - -
24531223 by Aurelien Jarno at 2024-07-23T23:21:11+02:00
debian/patches/git-updates.diff: update from upstream stable branch:

* debian/patches/git-updates.diff: update from upstream stable branch:
  - debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.patch: upstreamed.
  - debian/patches/any/local-CVE-2024-33599-nscd.patch: upstreamed.
  - debian/patches/any/local-CVE-2024-33600-nscd.patch: upstreamed.
  - debian/patches/any/local-CVE-2024-33601-33602-nscd.diff: upstreamed.
  - Fixes ffsll() performance issue depending on code alignment.
  - Performance improvements for memcpy() on arm64.
  - Fixes y2038 regression in nscd following CVE-2024-33601 and
    CVE-2024-33602 fix.
  - Fix compatibility with make 4.4.
  - Fixes build with --enable-hardcoded-path-in-tests with newer linkers.

- - - - -


2 changed files:

- debian/changelog
- debian/patches/git-updates.diff


View it on GitLab: 
https://salsa.debian.org/glibc-team/glibc/-/compare/0b339949abdb41aa805b7ab1e137ce07f9cfa175...24531223e314de1d6e7af78ea5ee4fe711c521fc

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/glibc-team/glibc/-/compare/0b339949abdb41aa805b7ab1e137ce07f9cfa175...24531223e314de1d6e7af78ea5ee4fe711c521fc
You're receiving this email because of your account on salsa.debian.org.

Reply via email to