Processed: bug 681888 is forwarded to https://sourceware.org/bugzilla/show_bug.cgi?id=16617

2015-02-27 Thread Debian Bug Tracking System
Processing commands for cont...@bugs.debian.org:

> forwarded 681888 https://sourceware.org/bugzilla/show_bug.cgi?id=16617
Bug #681888 {Done: Aurelien Jarno aure...@debian.org} [src:glibc] CVE-2012-3406: glibc formatted printing vulnerabilities
Set Bug forwarded-to-address to 'https://sourceware.org/bugzilla/show_bug.cgi?id=16617'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
681888: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681888
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems


--
To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/handler.s.c.142505741627017.transcr...@bugs.debian.org



Bug#779294: /usr/bin/python: /lib/i386-linux-gnu/libc.so.6: version `GLIBC_2.15' not found (required by /usr/bin/python)

2015-02-27 Thread Andreas Beckmann
Control: reassign -1 apt,python2.7,libc6
Control: tags -1 jessie

[putting the apt maintainers into the loop, perhaps they can tell us why
this is happening]

On 2015-02-26 18:33, Matthias Klose wrote:
> On 02/26/2015 06:01 PM, Andreas Beckmann wrote:
>> during a test with piuparts I noticed a failure to upgrade from 'wheezy'.
>>
>> I'm not exactly sure which package to blame.
>> This happened on i386, I cannot reproduce it on amd64.
>> The package being tested was lsb-desktop, but it can probably show up
>> elsewhere as well.
>>
>> From the attached log (scroll to the bottom...):
>>
>>   (Reading database ... 18847 files and directories currently installed.)
>>   Preparing to replace libpython2.7 2.7.3-6+deb7u2 (using .../libpython2.7_2.7.8-11_i386.deb) ...
>>   Unpacking replacement libpython2.7:i386 ...
>>   Preparing to replace python2.7 2.7.3-6+deb7u2 (using .../python2.7_2.7.8-11_i386.deb) ...
>>   Unpacking replacement python2.7 ...
>>   Preparing to replace python2.7-minimal 2.7.3-6+deb7u2 (using .../python2.7-minimal_2.7.8-11_i386.deb) ...
>>   Unpacking replacement python2.7-minimal ...
>>   dpkg: warning: unable to delete old directory '/etc/python2.7': Directory not empty
>>   Selecting previously unselected package libpython2.7-minimal:i386.
>>   Unpacking libpython2.7-minimal:i386 (from .../libpython2.7-minimal_2.7.8-11_i386.deb) ...
>>   Preparing to replace debconf 1.5.49 (using .../debconf_1.5.55_all.deb) ...
>>   /usr/bin/python: /lib/i386-linux-gnu/libc.so.6: version `GLIBC_2.15' not found (required by /usr/bin/python)
>>   dpkg: warning: subprocess old pre-removal script returned error exit status 1
>>   dpkg: trying script from the new package instead ...
>>   /usr/bin/python: /lib/i386-linux-gnu/libc.so.6: version `GLIBC_2.15' not found (required by /usr/bin/python)
>>   dpkg: error processing /var/cache/apt/archives/debconf_1.5.55_all.deb (--unpack):
>>    subprocess new pre-removal script returned error exit status 1
>>   /usr/bin/python: /lib/i386-linux-gnu/libc.so.6: version `GLIBC_2.15' not found (required by /usr/bin/python)
>>   dpkg: error while cleaning up:
>>    subprocess installed post-installation script returned error exit status 1
>>   Processing triggers for man-db ...
>>   Errors were encountered while processing:
>>    /var/cache/apt/archives/debconf_1.5.55_all.deb
>>
>> This looks a bit like python was unpacked before the new glibc.
>
> debconf calls pycompile (and python).  It looks like this kind of thing can
> happen with any binary which needs the new glibc, and in this case it hits
> python.
 





Processed: Re: Bug#779294: /usr/bin/python: /lib/i386-linux-gnu/libc.so.6: version `GLIBC_2.15' not found (required by /usr/bin/python)

2015-02-27 Thread Debian Bug Tracking System
Processing control commands:

> reassign -1 apt,python2.7,libc6
Bug #779294 [python2.7,libc6] /usr/bin/python: /lib/i386-linux-gnu/libc.so.6: version `GLIBC_2.15' not found (required by /usr/bin/python)
Bug reassigned from package 'python2.7,libc6' to 'apt,python2.7,libc6'.
No longer marked as found in versions 2.7.8-11.
Ignoring request to alter fixed versions of bug #779294 to the same values previously set
> tags -1 jessie
Bug #779294 [apt,python2.7,libc6] /usr/bin/python: /lib/i386-linux-gnu/libc.so.6: version `GLIBC_2.15' not found (required by /usr/bin/python)
Added tag(s) jessie.

-- 
779294: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=779294
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems





Re: squeeze update of eglibc?

2015-02-27 Thread Ben Hutchings
On Mon, 2015-02-23 at 11:54 +0100, Raphael Hertzog wrote:
> Hello dear maintainer(s),
>
> the Debian LTS team would like to fix the security issues which are
> currently open in the Squeeze version of your package:
> https://security-tracker.debian.org/tracker/source-package/eglibc
>
> Would you like to take care of this yourself?
>
> If yes, please follow the workflow we have defined here:
> http://wiki.debian.org/LTS/Development
[...]

I've now claimed this, but as there are many issues and (e)glibc is a
complex package I would be quite happy to hand over to the regular
maintainers, or to share the work via a public repository.

Ben.

-- 
Ben Hutchings
It is easier to write an incorrect program than to understand a correct one.




Bug#779392: libc6: regexec.c:1401: pop_fail_stack: Assertion `num >= 0' failed

2015-02-27 Thread Jakub Wilk

Package: libc6
Version: 2.19-15
Tags: security
Usertags: afl

The attached test program, which compiles an invalid regexp and then 
tries to match a string against it, triggers an assertion:


$ make CFLAGS=-Wall pop_fail_stack
cc -Wall    pop_fail_stack.c   -o pop_fail_stack

$ ./pop_fail_stack
pop_fail_stack: regexec.c:1401: pop_fail_stack: Assertion `num >= 0' failed.
Aborted


This bug was found using American fuzzy lop:
http://lcamtuf.coredump.cx/afl/
(available in Debian experimental)


-- System Information:
Debian Release: 8.0
 APT prefers unstable
 APT policy: (990, 'unstable'), (500, 'experimental')
Architecture: i386 (x86_64)
Foreign Architectures: amd64

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages libc6 depends on:
ii  libgcc1  1:5-20150226-1

Versions of packages libc6 recommends:
ii  libc6-i686  2.19-15

Versions of packages libc6 suggests:
ii  debconf [debconf-2.0]  1.5.55
ii  glibc-doc  2.19-15
ii  locales  2.19-15

--
Jakub Wilk
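
#include <assert.h>
#include <regex.h>
#include <stdio.h>

int main(int argc, char **argv)
{
    int rc;
    regex_t preg;
    regmatch_t pmatch[2];

    /* The invalid regexp is accepted by regcomp()... */
    rc = regcomp(&preg, "()*)|\\1)*", REG_EXTENDED);
    assert(rc == 0);
    /* ...and matching a string against it triggers the assertion. */
    regexec(&preg, "", 2, pmatch, 0);
    regfree(&preg);
    return 0;
}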
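
The report above shows regexec() aborting the whole process on a pattern that regcomp() accepted. The following is an added example (not part of the bug report or of glibc) of one way a caller that must handle untrusted patterns can contain such an abort: compile and match in a forked child and read the outcome from its exit status. The names safe_regex_match and enum safe_rc are hypothetical.

```c
#include <errno.h>
#include <regex.h>
#include <sys/resource.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Outcome of a match run in an isolated child (names are this example's own). */
enum safe_rc { SAFE_MATCH, SAFE_NOMATCH, SAFE_BADPATTERN, SAFE_CRASHED, SAFE_ERROR };

/* Compile `pattern` and match `subject` in a forked child, so that an
 * assert()/abort() or a runaway match inside the regex code ends only the
 * child. The child reports through its exit code: 0 match, 1 no match,
 * 2 pattern rejected by regcomp(). */
enum safe_rc safe_regex_match(const char *pattern, const char *subject,
                              unsigned cpu_seconds)
{
    pid_t pid = fork();
    if (pid < 0)
        return SAFE_ERROR;
    if (pid == 0) {
        /* Child: no core file, bounded CPU time. */
        struct rlimit core = { 0, 0 };
        struct rlimit cpu = { cpu_seconds, cpu_seconds };
        regex_t preg;
        regmatch_t pmatch[2];
        setrlimit(RLIMIT_CORE, &core);
        setrlimit(RLIMIT_CPU, &cpu);
        if (regcomp(&preg, pattern, REG_EXTENDED) != 0)
            _exit(2);
        int rc = regexec(&preg, subject, 2, pmatch, 0);
        regfree(&preg);
        _exit(rc == 0 ? 0 : 1);
    }
    int status;
    while (waitpid(pid, &status, 0) < 0)
        if (errno != EINTR)
            return SAFE_ERROR;
    if (WIFSIGNALED(status))   /* e.g. SIGABRT from assert(), SIGXCPU, SIGSEGV */
        return SAFE_CRASHED;
    switch (WIFEXITED(status) ? WEXITSTATUS(status) : -1) {
    case 0:  return SAFE_MATCH;
    case 1:  return SAFE_NOMATCH;
    case 2:  return SAFE_BADPATTERN;
    default: return SAFE_ERROR;
    }
}
```

On a libc with the bug reported above, the pattern from the report would come back as SAFE_CRASHED instead of taking the calling process down.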