Adding [email protected] in the loop at it has an udeb package. On 2026-03-01 21:14, Aurelien Jarno wrote: > Package: release.debian.org > Severity: normal > Tags: trixie > X-Debbugs-Cc: [email protected] > Control: affects -1 + src:glibc > User: [email protected] > Usertags: pu > > [ Reason ] > The upstream stable branch received many fixes since the latest trixie > point release, and this update pulls them into the debian package. > > This includes most notably 3 security fixes, fixes for SVE math and > AdvSIMD functions and SME handling on arm64, fixes for AVX2/AVX512 > wmemset and Intel Nova and Wildcat processors support on amd64, and > fixes for POWER10 optimized rawmemchr and strcmp/strncmp functions on > ppc64el. > > [ Impact ] > In case the update isn't approved, systems will be left with a few > issues, including 3 security ones, and the differences with upstream > will increase. > > [ Tests ] > Most of the changes come with additional upstream tests, and the > testsuite has been improved with new tests and fixes. > > I also did manual test upgrading glibc with this version on an arm64 and > on a amd64 host. They rebooted fine and are still running fine. > > [ Risks ] > I believe the risks are low. While the number of changes is high than > usual, all of them have been in testing for more than a month, and some > of them even longer, and we haven't received any issue reports related > to them. > > [ Checklist ] > [x] *all* changes are documented in the d/changelog > [x] I reviewed all changes and I approve them > [x] attach debdiff against the package in (old)stable > [x] the issue is verified as fixed in unstable > > [ Changes ] > All the changes either come from the upstream stable branch, or are a > revert of these upstream changed and are summarized. Let me give a few > additional comments for some of them: > > - Fix a null pointer dereference in <ctype.h> macros in multithreaded > programs with multiple libc.so. > > => These are the corresponding bug in the upstream bugzilla: > https://sourceware.org/bugzilla/show_bug.cgi?id=19341 > https://sourceware.org/bugzilla/show_bug.cgi?id=32483 > > > - Fix a null pointer dereference in symbol lookup when the symbol version > hash value is zero. > > => This is the corresponding bug in the upstream bugzilla: > https://sourceware.org/bugzilla/show_bug.cgi?id=29190 > > > - Preserve vector registers in the i386 TLS slow path. > - Add GLIBC_ABI_GNU2_TLS and GLIBC_ABI_GNU_TLS symbol versions and i386. > - Add GLIBC_ABI_GNU2_TLS and GLIBC_ABI_DT_X86_64_PLT symbol versions on > amd64. > > => This is the tricky part of this new trixie-pu version and requires > some detailed explanations. It has been found that __tls_get_addr() > can corrupt the vector registers (XMM, YMM, ZMM) on i386. > Unfortunately the fix requires an ABI change with the linker. See: > https://sourceware.org/bugzilla/show_bug.cgi?id=32996 > > The GLIBC_ABI_GNU_TLS symbol version is therefore used to > 1) inform binutils that it can use the fixed ABI > 2) ensure that binaries built with the fixed ABI are only executed > with a glibc that supports this ABI. This makes possible to backport > the fix to older glibc version instead of requiring a newer glibc. > > The binutils version in Trixie doesn't use this symbol version, but > it could be that the fix get backported at some point (for instance > the change has been backported in the binutils upstream 2.45 branch) > or a binutils backport could be done. > > To add further complexity the dpkg-shlibdeps version in Trixie is not > able to handle symbol versions not associated with any symbol (see > #1122107), which causes issues like #1122038. > > Therefore the chosen approach is to keep the fix, but revert the > symbol version addition. This is the purpose of the patch > local-revert-i386-add-GLIBC_ABI_GNU_TLS-version.diff. > > > - Fix NSS group merge not reacting to ERANGE during merge. > > => This is the corresponding bug in the upstream bugzilla: > https://sourceware.org/bugzilla/show_bug.cgi?id=33361 > > > - Fix typo in wmemset ifunc selector that caused AVX2/AVX512 paths to be > skipped. > > => This is the corresponding bug in the upstream bugzilla: > https://sourceware.org/bugzilla/show_bug.cgi?id=33542 > > > - Fix incorrect return values and improve special case handling in arm64 > SVE pow/powf and tanpi/tanpif implementations. > > => These are the corresponding bug in the upstream bugzilla: > https://sourceware.org/bugzilla/show_bug.cgi?id=33299 > https://sourceware.org/bugzilla/show_bug.cgi?id=33642 > > > - Fix conform tests on arm64 when the toolchain does not default to > -mbranch-protection=standard. > > => This is the corresponding bug in the upstream bugzilla: > https://sourceware.org/bugzilla/show_bug.cgi?id=33601 > > > - Fix POWER optimized rawmemchr function on ppc64el. > > => This is the corresponding bug in the upstream bugzilla: > https://sourceware.org/bugzilla/show_bug.cgi?id=33091 > > - Optimize trylock for high cache contention workloads. > > => This is the corresponding bug in the upstream bugzilla: > https://sourceware.org/bugzilla/show_bug.cgi?id=33704 > > > * Revert addition of symbol versions used as ABI flags, as the > dpkg-shlibdeps version in trixie is not able to handle them (see > #1122107): > - local-revert-x86-64-add-GLIBC_ABI_DT_X86_64_PLT-version.diff > - local-revert-x86-64-add-GLIBC_ABI_GNU2_TLS-version.diff > - local-revert-i386-add-GLIBC_ABI_GNU2_TLS-version.diff > - local-revert-i386-add-GLIBC_ABI_GNU_TLS-version.diff > > => The same way as for the i386 TLS fix, ABI flags got backported in > the upstream tree for features and fixes which have already been > fixed. As dpkg-shlibdeps doesn't supported that, they are reverted by > the above patches.
-- Aurelien Jarno GPG: 4096R/1DDD8C9B [email protected] http://aurel32.net
