Bug#1016137: marked as done (glibc: several binary packages Suggests: libnss-nis package which has been removed from Debian)
Your message dated Mon, 8 Aug 2022 12:42:08 +0200 with message-id and subject line Re: Bug#1016137: glibc: several binary packages Suggests: libnss-nis package which has been removed from Debian has caused the Debian Bug report #1016137, regarding glibc: several binary packages Suggests: libnss-nis package which has been removed from Debian to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1016137: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016137 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Source: glibc Version: 2.33-7 Severity: minor X-Debbugs-Cc: awmcdan...@google.com Dear Maintainer, The binary packages libc6, libc6.1, libc0.3, and libc0.1 have the package libnss-nis on their Suggests: line. libnss-nis was removed from Debian testing in June - https://tracker.debian.org/pkg/libnss-nis -- System Information: Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.17.11-1rodete2-amd64 (SMP w/36 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/bash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled --- End Message --- --- Begin Message --- On 2022-07-27 16:45, Andrew McDaniel wrote: > Source: glibc > Version: 2.33-7 > Severity: minor > X-Debbugs-Cc: awmcdan...@google.com > > Dear Maintainer, > > The binary packages libc6, libc6.1, libc0.3, and libc0.1 have the package > libnss-nis on their Suggests: line. libnss-nis was removed from Debian > testing in June - https://tracker.debian.org/pkg/libnss-nis libnss-nis is back in testing, closing the bug. Regards Aurelien -- Aurelien Jarno GPG: 4096R/1DDD8C9B aurel...@aurel32.net http://www.aurel32.net--- End Message ---
[Git][glibc-team/glibc][sid] 2 commits: debian/control.in/libc: provides libc-dev as versioned.
Aurelien Jarno pushed to branch sid at GNU Libc Maintainers / glibc Commits: 7bf928c6 by Aurelien Jarno at 2022-08-08T12:36:11+02:00 debian/control.in/libc: provides libc-dev as versioned. - - - - - 8a526046 by Aurelien Jarno at 2022-08-08T12:55:45+02:00 debian/control.in/libc: Add breaks in libc6-dev against catch (<= 1.12.2-0.1). See: #993515. - - - - - 3 changed files: - debian/changelog - debian/control - debian/control.in/libc View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/compare/6ade97b3183d98a0bcd7461f904a68abfcd355d4...8a526046f2959f24122b0813fbe238ef6b960869 -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/compare/6ade97b3183d98a0bcd7461f904a68abfcd355d4...8a526046f2959f24122b0813fbe238ef6b960869 You're receiving this email because of your account on salsa.debian.org.
[Git][glibc-team/glibc][sid] debian/rules.d/debhelper.mk: Do not exclude libc.so and ld.so from...
Aurelien Jarno pushed to branch sid at GNU Libc Maintainers / glibc Commits: 388935e0 by Aurelien Jarno at 2022-08-08T14:31:18+02:00 debian/rules.d/debhelper.mk: Do not exclude libc.so and ld.so from dh_fixperms, explicitly change the permissions afterwards. Closes: #1010233. - - - - - 2 changed files: - debian/changelog - debian/rules.d/debhelper.mk View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/388935e0d5705176b63c02ee2fd01f0bba438501 -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/388935e0d5705176b63c02ee2fd01f0bba438501 You're receiving this email because of your account on salsa.debian.org.
Processed: Bug#1010233 marked as pending in glibc
Processing control commands: > tag -1 pending Bug #1010233 [src:glibc] glibc: reproducible builds: different file permissions on ld.so.conf* and others Added tag(s) pending. -- 1010233: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010233 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
[Git][glibc-team/glibc][sid] debian/control.in/libc: temporary remove the breaks against heimdal-multidev...
Aurelien Jarno pushed to branch sid at GNU Libc Maintainers / glibc Commits: 1ab5703a by Aurelien Jarno at 2022-08-08T14:33:22+02:00 debian/control.in/libc: temporary remove the breaks against heimdal-multidev to break the build-dependency loop between heimdal and openldap. - - - - - 3 changed files: - debian/changelog - debian/control - debian/control.in/libc View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/1ab5703acb736a5d8cfc24ee010bc9249c27bf6c -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/1ab5703acb736a5d8cfc24ee010bc9249c27bf6c You're receiving this email because of your account on salsa.debian.org.
[Git][glibc-team/glibc][sid] debian/testsuite-xfail-debian.mk: Update hurd-i386 xfails
Samuel Thibault pushed to branch sid at GNU Libc Maintainers / glibc Commits: 45c7222c by Samuel Thibault at 2022-08-08T14:46:04+02:00 debian/testsuite-xfail-debian.mk: Update hurd-i386 xfails - - - - - 2 changed files: - debian/changelog - debian/testsuite-xfail-debian.mk View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/45c7222c2594bf6f2f7ecad710a3b2a1ebf3777c -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/45c7222c2594bf6f2f7ecad710a3b2a1ebf3777c You're receiving this email because of your account on salsa.debian.org.
[Git][glibc-team/glibc][sid] debian/debhelper.in/libc-udeb.install: ship the dynamic linker in libc6-udeb.
Aurelien Jarno pushed to branch sid at GNU Libc Maintainers / glibc Commits: 253a7fa7 by Aurelien Jarno at 2022-08-08T15:23:37+02:00 debian/debhelper.in/libc-udeb.install: ship the dynamic linker in libc6-udeb. - - - - - 2 changed files: - debian/changelog - debian/debhelper.in/libc-udeb.install View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/253a7fa7586d6c5b49e296eb46dbff4faeb49cf4 -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/253a7fa7586d6c5b49e296eb46dbff4faeb49cf4 You're receiving this email because of your account on salsa.debian.org.
[Git][glibc-team/glibc][sid] releasing package glibc version 2.34-2
Aurelien Jarno pushed to branch sid at GNU Libc Maintainers / glibc Commits: c82ef5bb by Aurelien Jarno at 2022-08-08T15:24:04+02:00 releasing package glibc version 2.34-2 - - - - - 1 changed file: - debian/changelog View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/c82ef5bbb4c85595cdc0a8c3ba1b97699193faeb -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/c82ef5bbb4c85595cdc0a8c3ba1b97699193faeb You're receiving this email because of your account on salsa.debian.org.
[Git][glibc-team/glibc] Pushed new tag debian/2.34-2
Aurelien Jarno pushed new tag debian/2.34-2 at GNU Libc Maintainers / glibc -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/tree/debian/2.34-2 You're receiving this email because of your account on salsa.debian.org.
Processing of glibc_2.34-2_source.changes
glibc_2.34-2_source.changes uploaded successfully to localhost along with the files: glibc_2.34-2.dsc glibc_2.34-2.debian.tar.xz glibc_2.34-2_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org)
Bug#1010233: marked as done (glibc: reproducible builds: different file permissions on ld.so.conf* and others)
Your message dated Mon, 08 Aug 2022 13:51:05 +
with message-id
and subject line Bug#1010233: fixed in glibc 2.34-2
has caused the Debian Bug report #1010233,
regarding glibc: reproducible builds: different file permissions on ld.so.conf*
and others
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1010233: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010233
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: glibc
Severity: normal
Tags: patch
User: reproducible-bui...@lists.alioth.debian.org
Usertags: umask
X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
Changes in the experimental packaging cause the umask of the build user
to affect the permissions of numerous files that are excluded from the
dh_fixperms call:
https://tests.reproducible-builds.org/debian/rb-pkg/experimental/arm64/diffoscope-results/glibc.html
glibc-source_2.34-0experimental4_all.deb
-rw-r--r--···0·root ... ./usr/src/glibc/debian/local/etc/ld.so.conf
-rw-r--r--···0·root ...
./usr/src/glibc/debian/patches/any/local-ldconfig-ignore-ld.so.diff
vs.
-rw-rw-r--···0·root ... ./usr/src/glibc/debian/local/etc/ld.so.conf
-rw-rw-r--···0·root ...
./usr/src/glibc/debian/patches/any/local-ldconfig-ignore-ld.so.diff
libc-bin_2.34-0experimental4_arm64.deb
-rw-r--r--···0·root·(0)·root·(0)···34·2019-07-29·09:56:57.00·./etc/ld.so.conf
drwxr-xr-x···0·root·(0)·root·(0)0·2019-07-29·09:56:57.00·./etc/ld.so.conf.d/
-rw-r--r--···0·root·(0)·root·(0)···44·2019-07-29·09:56:57.00·./etc/ld.so.conf.d/libc.conf
vs.
-rw-rw-r--···0·root·(0)·root·(0)···34·2019-07-29·09:56:57.00·./etc/ld.so.conf
drwxrwxr-x···0·root·(0)·root·(0)0·2019-07-29·09:56:57.00·./etc/ld.so.conf.d/
-rw-rw-r--···0·root·(0)·root·(0)···44·2019-07-29·09:56:57.00·./etc/ld.so.conf.d/libc.conf
The attached patch fixes this by removing some exclusions from
dh_fixperms calls and explicitly marking the desired files as
executable.
The patch does appear to have some side-effects setting various library
files as executable that were not previously:
-rw-r--r-- root/root /lib32/libBrokenLocale.so.1
vs.
-rwxr-xr-x root/root /lib32/libBrokenLocale.so.1
Weather this is desireable or undesireable I'm not sure... further
adjustments could be made to fix this either way, of course.
With this patch applied, glibc should become reproducible on
tests.reproducible-builds.org again!
Thanks for maintaining glibc!
live well,
vagrant
From fec02c8f2ce43f4987899e842119f7a1bb2e16c0 Mon Sep 17 00:00:00 2001
From: Vagrant Cascadian
Date: Tue, 26 Apr 2022 18:48:16 +
Subject: [PATCH] debian/rules.d/debhelper.mk: Fix permissions on libc.so* and
ld.so* without excluding from dh_fixperms.
The dh_fixperms exclude was overly broad, catching /etc/ld.so.conf*
and other files, resulting in different permissions when built with
different umask.
https://tests.reproducible-builds.org/debian/issues/unstable/different_due_to_umask_issue.html
---
debian/rules.d/debhelper.mk | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/debian/rules.d/debhelper.mk b/debian/rules.d/debhelper.mk
index 3762ff85d..1ef90a834 100644
--- a/debian/rules.d/debhelper.mk
+++ b/debian/rules.d/debhelper.mk
@@ -52,11 +52,14 @@ endif
dh_compress -p$(curpass)
# Keep the setuid on pt_chown (non-Linux only).
- # libc.so prints useful version information when executed.
- dh_fixperms -p$(curpass) -Xpt_chown -Xlibc.so. -Xld.so
+ dh_fixperms -p$(curpass) -Xpt_chown
# Use this instead of -X to dh_fixperms so that we can use
# an unescaped regular expression. ld.so must be executable;
+ find debian/$(curpass) -type f -name ld.so -exec chmod a+x '{}' ';'
find debian/$(curpass) -type f -regex '.*/ld.*\.so\.[0-9]' -exec chmod a+x '{}' ';'
+ # libc.so prints useful version information when executed.
+ find debian/$(curpass) -type f -name libc.so -exec chmod a+x '{}' ';'
+ find debian/$(curpass) -type f -regex '.*/libc.*\.so\.[0-9]' -exec chmod a+x '{}' ';'
dh_makeshlibs -Xgconv/ -p$(curpass) -V "$(call xx,shlib_dep)"
# Add relevant udeb: lines in shlibs files
sh ./debian/shlibs-add-udebs $(curpass)
--
2.36.0
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: glibc
Source-Version: 2.34-2
Done: Aurelien Jarno
We believe that the bug you reported is fixed in the latest version of
glibc, which is due to be installed in the Debian FTP archive
glibc_2.34-2_source.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 08 Aug 2022 15:24:00 +0200 Source: glibc Architecture: source Version: 2.34-2 Distribution: unstable Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 1010233 Changes: glibc (2.34-2) unstable; urgency=medium . [ Aurelien Jarno ] * debian/patches/git-updates.diff: update from upstream stable branch. * debian/control.in/libc: provides libc-dev as versioned. * debian/control.in/libc: Add breaks in libc6-dev against catch (<= 1.12.2-0.1). See: #993515. * debian/rules.d/debhelper.mk: Do not exclude libc.so and ld.so from dh_fixperms, explicitly change the permissions afterwards. Closes: #1010233. * debian/control.in/libc: temporary remove the breaks against heimdal-multidev to break the build-dependency loop between heimdal and openldap. * debian/debhelper.in/libc-udeb.install: ship the dynamic linker in libc6-udeb. . [ Samuel Thibault ] * debian/testsuite-xfail-debian.mk: Update hurd-i386 xfails. Checksums-Sha1: c65bf9c71866ac17d7d42470828e62ab78e1349d 9673 glibc_2.34-2.dsc 3356fe8acdeb44ec930699d26b56a58282029f87 995120 glibc_2.34-2.debian.tar.xz ff6297083d353f45fc4a869dfdcc29d0005697df 9470 glibc_2.34-2_source.buildinfo Checksums-Sha256: e3afc547d31fe91cc0d4845f9d5ebdfe3fee26e0020e4780b957578c8eaf8c42 9673 glibc_2.34-2.dsc 8643c40d033c1146182e2895e5a86ae516bd6dc339846f85ea9bf035b968f02d 995120 glibc_2.34-2.debian.tar.xz f37c2940800fc69ed52c3c82ae6f16aa9753728c5598663537febd72c643ac3c 9470 glibc_2.34-2_source.buildinfo Files: 8b29f2b38a849f07b62c392ca0868110 9673 libs required glibc_2.34-2.dsc ce43c61363a01e6383cd45b5a64f48ba 995120 libs required glibc_2.34-2.debian.tar.xz 6e74c6ee13a872a901b46402d37edd68 9470 libs required glibc_2.34-2_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmLxEHEACgkQE4jA+Jno M2tJRg/+OdFzSWrNn7IxYh5NNmApsmx9iAJmwNzYmJDqe+42LjJKUUNCqrDSW6kg waApYaRD6MLJZtSLi+h0I0bSeMiMTus6tOYL+LEOGQUaH2RV8gmxzWUOEcH1wRQ8 lM7U4IKUaiJlBMt3wjMnx2Kla0gGDFeC+5CHGWrfr+iC3S7VTmdFinG3OwpRyjeB GBigLARdssFpqnv2TC+/gC2JgxJ4TMP+iuEoFRo0qdbFppgCHoCvenroUnN+O8xz eSch9/wx3cHWn6+hJd4OtTr0XNOEzOdQk99x4lGXmNgEC9PSmnJ7WGFW6v4NnXfV cpZsWHeTOzD6C3PwtltVhLFYSUlEV3MJVg8JkJVCkB+1YvHDsGlSDqIkSehRG55a F6f1oOw2lSEVaYmlU1NTkyUjpq6t1rqU6bwAO6Noqou48FRei8/se3+Y0Ha8MI5C lFxQTrUNJRraJfqPQr4nWzKrcrEDiZVYnNMe7snS/DZwmrTG8OwTqPeH8oPKzqVD TfIX2NHCbwzM8zBrpUS8CiXAH8B0pbjNuD3NagRZN3jopu/tCcppE23UQx4l6toz 1vdKu3ZJmT59e2qRHqs9HMjLe3MmAJE5JSW1l1qxBj9j7XlwgkU0Bx7h//iXd8Ru vqcmFfX/S4x8eZLU5AUMvXU1wjeiC+z/K+a2w0RoS6N7IPARL40= =tS27 -END PGP SIGNATURE- Thank you for your contribution to Debian.
Bug#1016868: libc6-udeb: dangling ld-linux symlink
Package: libc6-udeb
Version: 2.34-1
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: debian-b...@lists.debian.org
Hi,
Checking fil's report regarding runtime issues related to libc6-udeb,
which I thought to be a major version mismatch (d-i built against
unstable from a few hours ago = 2.33, but running against current
unstable = 2.34), I ended up with a fresh build that doesn't boot:
failure to execute /init.
Smallest bisection ever:
- Building d-i against testing's udebs fixes it.
- There are only a handful of differences… picking one “at random”.
- Building d-i against testing's udebs except libc6-udeb from unstable
generates the problem.
To get the booting issue out of the way, I've verified that I was able
to start busybox from the build tree after a netboot build against
testing's udebs, using this:
cd build/tmp/netboot/tree
sudo chroot . /bin/busybox sh
That's not the case after a build against unstable's udebs. Of course,
strace cannot report much:
chroot(".") = 0
chdir("/") = 0
execve("bin/busybox", […]) = -1 ENOENT (No such file or
directory)
Looking at the contents of the udebs before/after, a number of files and
symlinks are different, and there's one missing piece:
- before:
./lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 -> ld-2.33.so
./lib64/ld-linux-x86-64.so.2 -> /lib/x86_64-linux-gnu/ld-2.33.so
- after:
./lib64/ld-linux-x86-64.so.2 -> /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
Thanks to Aurélien for investigating at the same time as I did, and for
the upcoming fix!
Cheers,
--
Cyril Brulebois (k...@debian.org)
[Git][glibc-team/glibc][sid] 2 commits: debian/rules.d/debhelper.mk: make libc.so and ld.so executable also for...
Aurelien Jarno pushed to branch sid at GNU Libc Maintainers / glibc Commits: 5a55ada4 by Aurelien Jarno at 2022-08-08T19:37:40+02:00 debian/rules.d/debhelper.mk: make libc.so and ld.so executable also for libc6-udeb. Closes: #1016868. - - - - - 29b889ba by Aurelien Jarno at 2022-08-08T19:38:37+02:00 releasing package glibc version 2.34-3 - - - - - 2 changed files: - debian/changelog - debian/rules.d/debhelper.mk View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/compare/c82ef5bbb4c85595cdc0a8c3ba1b97699193faeb...29b889bac8c91dc91d7a36385d3b7804ef498551 -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/compare/c82ef5bbb4c85595cdc0a8c3ba1b97699193faeb...29b889bac8c91dc91d7a36385d3b7804ef498551 You're receiving this email because of your account on salsa.debian.org.
[Git][glibc-team/glibc] Pushed new tag debian/2.34-3
Aurelien Jarno pushed new tag debian/2.34-3 at GNU Libc Maintainers / glibc -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/tree/debian/2.34-3 You're receiving this email because of your account on salsa.debian.org.
Processed: Bug#1016868 marked as pending in glibc
Processing control commands: > tag -1 pending Bug #1016868 [libc6-udeb] libc6-udeb: dangling ld-linux symlink Added tag(s) pending. -- 1016868: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016868 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1016868: marked as done (libc6-udeb: dangling ld-linux symlink)
Your message dated Mon, 08 Aug 2022 17:50:16 +
with message-id
and subject line Bug#1016868: fixed in glibc 2.34-3
has caused the Debian Bug report #1016868,
regarding libc6-udeb: dangling ld-linux symlink
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1016868: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016868
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: libc6-udeb
Version: 2.34-1
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: debian-b...@lists.debian.org
Hi,
Checking fil's report regarding runtime issues related to libc6-udeb,
which I thought to be a major version mismatch (d-i built against
unstable from a few hours ago = 2.33, but running against current
unstable = 2.34), I ended up with a fresh build that doesn't boot:
failure to execute /init.
Smallest bisection ever:
- Building d-i against testing's udebs fixes it.
- There are only a handful of differences… picking one “at random”.
- Building d-i against testing's udebs except libc6-udeb from unstable
generates the problem.
To get the booting issue out of the way, I've verified that I was able
to start busybox from the build tree after a netboot build against
testing's udebs, using this:
cd build/tmp/netboot/tree
sudo chroot . /bin/busybox sh
That's not the case after a build against unstable's udebs. Of course,
strace cannot report much:
chroot(".") = 0
chdir("/") = 0
execve("bin/busybox", […]) = -1 ENOENT (No such file or
directory)
Looking at the contents of the udebs before/after, a number of files and
symlinks are different, and there's one missing piece:
- before:
./lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 -> ld-2.33.so
./lib64/ld-linux-x86-64.so.2 -> /lib/x86_64-linux-gnu/ld-2.33.so
- after:
./lib64/ld-linux-x86-64.so.2 -> /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2
Thanks to Aurélien for investigating at the same time as I did, and for
the upcoming fix!
Cheers,
--
Cyril Brulebois (k...@debian.org)
Processing of glibc_2.34-3_source.changes
glibc_2.34-3_source.changes uploaded successfully to localhost along with the files: glibc_2.34-3.dsc glibc_2.34-3.debian.tar.xz glibc_2.34-3_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org)
glibc_2.34-3_source.changes ACCEPTED into unstable
Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Format: 1.8 Date: Mon, 08 Aug 2022 19:38:30 +0200 Source: glibc Architecture: source Version: 2.34-3 Distribution: unstable Urgency: medium Maintainer: GNU Libc Maintainers Changed-By: Aurelien Jarno Closes: 1016868 Changes: glibc (2.34-3) unstable; urgency=medium . [ Aurelien Jarno ] * debian/rules.d/debhelper.mk: make libc.so and ld.so executable also for libc6-udeb. Closes: #1016868. Checksums-Sha1: 487f8f11b6ab852eee443df91c549c3b28eb78cc 9673 glibc_2.34-3.dsc cef261ad7254d5675572abb6e40da4414631072d 995252 glibc_2.34-3.debian.tar.xz b9601ede3b326d76b40c0dd7bc240b8efee661ae 9470 glibc_2.34-3_source.buildinfo Checksums-Sha256: 6e6641424381d7593124f2ffb5b2a19bbcc24ecbcbdba59731980935318195c2 9673 glibc_2.34-3.dsc 464eb5482bfe62d66a4529937a7fdb08fecebf5d822aa9dd063b6c34c7aca761 995252 glibc_2.34-3.debian.tar.xz d1a473fae60b69ceec0dee793d3ef0d04ada5ac008a27bfca2d53f81ce26b374 9470 glibc_2.34-3_source.buildinfo Files: 6e394d7f296129260d25aa2855fddbc3 9673 libs required glibc_2.34-3.dsc 5c591bbd62153095285ed590b743dee0 995252 libs required glibc_2.34-3.debian.tar.xz c2a0207d97622bac9c702adecda3e294 9470 libs required glibc_2.34-3_source.buildinfo -BEGIN PGP SIGNATURE- iQIzBAEBCgAdFiEEUryGlb40+QrX1Ay4E4jA+JnoM2sFAmLxSqAACgkQE4jA+Jno M2u5MA/+LmgpiD1M22kNbnD/7t2SlRKKuRYMtCfgXp1zFUBM+w9dC/6G6aAamJqI 1QA0emfEqc1I0jJzVQeOH/tUzNfNHT+H0zME58uvGXtl9OoAn8SVIDJbJxiDQzb6 3MIcXywpBB40ssgzUNwoOzRCVuwOGETm76fqbS+u9WrHDmAE4zmzfMCArWLF3nJv 3Jgb8gYfdk0bW4Fsk73xupvxQKtbNnki+qOsDRxQdmIuLldOUj7XpIyQO8BCjQBc PxIC0z/Ij/gzZoVmaH6TFiTChOA6Hxa+I6PdC3Xypp3RyheHHR6ewYUK55dfc27G Q0VrVFzH5oAQoDiUO+8WWxGfzbFtyq8g7pdDt75oCSjxkvccaojTdThh6BVuNkUN EKvZi3U4q4Iq2899iZsOUwV7/smkavtOKzl65OBJU5mKSPAkFvwohv8LKnp154if aTs+GJXUliQpe4K8RRX3OXjry9rnegmAu69YvAKm4K+59vD9x4AbPS1+CAr4uiJO qo+s5jVBE0l1C+p6saiKxifswbGeY72Qt7DprF/qspLeEYutIFTd/ptAEFn9+X1j hTSAwOhdssYsPTK4vyGzjUYGpu0LM8tD/L49oRDgXMxOlCepuF1K33Eufd2mi6lC PFJrVRllnH/mNm4bXlPSF5AMw2VSsaMyJacs6oVfCnQH7eO4MRc= =dUF5 -END PGP SIGNATURE- Thank you for your contribution to Debian.
[Git][glibc-team/glibc][sid] tst-canon-bz26341 is actually fixed in glibc 2.35
Samuel Thibault pushed to branch sid at GNU Libc Maintainers / glibc Commits: 6bd7c054 by Samuel Thibault at 2022-08-08T21:28:53+02:00 tst-canon-bz26341 is actually fixed in glibc 2.35 - - - - - 1 changed file: - debian/testsuite-xfail-debian.mk View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/6bd7c054cb724cee83b01de32ac73c0a1944f548 -- View it on GitLab: https://salsa.debian.org/glibc-team/glibc/-/commit/6bd7c054cb724cee83b01de32ac73c0a1944f548 You're receiving this email because of your account on salsa.debian.org.
Bug#1016884: heimdal: FTBFS with glibc >= 2.34
Source: heimdal Version: 1.6~rc2+dfsg-9+deb8u1 Severity: serious Justification: FTBFS Hello, Now that glibc provides a closefrom function, heimdal doesn't build its own rk_closefrom function any more, and thus the libroken18-heimdal.symbols check complains: - rk_closefrom@HEIMDAL_ROKEN_1.0 1.4.0+git20110226 +#MISSING: 7.7.0+dfsg-4+b1# rk_closefrom@HEIMDAL_ROKEN_1.0 1.4.0+git20110226 Samuel -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'stable-security'), (500, 'stable-debug'), (500, 'proposed-updates-debug'), (500, 'proposed-updates'), (500, 'oldstable-proposed-updates-debug'), (500, 'oldstable-proposed-updates'), (500, 'oldoldstable'), (500, 'buildd-unstable'), (500, 'unstable'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, arm64 Kernel: Linux 5.19.0 (SMP w/8 CPU threads; PREEMPT) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled -- Samuel --- Pour une évaluation indépendante, transparente et rigoureuse ! Je soutiens la Commission d'Évaluation de l'Inria.
Bug#1016886: CVE-2020-1752: 'glob' use-after-free bug
Package: libc6
Version: 2.28-10+deb10u1
Severity: normal
Tags: patch
The CVE-2020-1752 was reported to glibc bugzilla[1].
CVE-2020-1752 description from NVD.
A use-after-free vulnerability introduced in glibc upstream version 2.14 was
found in the way the tilde expansion was carried out. Directory paths
containing an initial tilde followed by a valid username were affected by this
issue. A local attacker could exploit this flaw by creating a specially crafted
path that, when processed by the glob function, would potentially lead to
arbitrary code execution. This was fixed in version 2.32.
This CVE has been fixed in release/2.28/master branch[2] about two years ago
but there is no new upstream release for 2.28 series yet.
I ported upstream patch to 2.28-10+deb10u1.
1. https://sourceware.org/bugzilla/show_bug.cgi?id=25414
2.
https://sourceware.org/git/?p=glibc.git;a=patch;h=21344a3d62a29406fddeec069ee4eb3c341369f9
*** submitted-Fix-use-after-free-in-glob-when-expanding-user-bug.diff
Index: glibc-2.28/NEWS
===
--- glibc-2.28.orig/NEWS
+++ glibc-2.28/NEWS
@@ -69,6 +69,7 @@ The following bugs are resolved with thi
[24228] old x86 applications that use legacy libio crash on exit
[24476] dlfcn: Guard __dlerror_main_freeres with __libc_once_get (once)
[24744] io: Remove the copy_file_range emulation.
+ [25414] 'glob' use-after-free bug (CVE-2020-1752)
Security related changes:
@@ -97,6 +98,10 @@ Security related changes:
CVE-2019-9169: Attempted case-insensitive regular-expression match
via proceed_next_node in posix/regexec.c leads to heap-based buffer
over-read. Reported by Hongxu Chen.
+
+ CVE-2020-1752: A use-after-free vulnerability in the glob function when
+ expanding ~user has been fixed.
+
Version 2.28
Index: glibc-2.28/posix/glob.c
===
--- glibc-2.28.orig/posix/glob.c
+++ glibc-2.28/posix/glob.c
@@ -827,31 +827,32 @@ __glob (const char *pattern, int flags,
{
size_t home_len = strlen (p->pw_dir);
size_t rest_len = end_name == NULL ? 0 : strlen (end_name);
- char *d;
+ char *d, *newp;
+ bool use_alloca = glob_use_alloca (alloca_used,
+ home_len + rest_len + 1);
- if (__glibc_unlikely (malloc_dirname))
- free (dirname);
- malloc_dirname = 0;
-
- if (glob_use_alloca (alloca_used, home_len + rest_len + 1))
- dirname = alloca_account (home_len + rest_len + 1,
- alloca_used);
+ if (use_alloca)
+ newp = alloca_account (home_len + rest_len + 1, alloca_used);
else
{
- dirname = malloc (home_len + rest_len + 1);
- if (dirname == NULL)
+ newp = malloc (home_len + rest_len + 1);
+ if (newp == NULL)
{
scratch_buffer_free (&pwtmpbuf);
retval = GLOB_NOSPACE;
goto out;
}
- malloc_dirname = 1;
}
- d = mempcpy (dirname, p->pw_dir, home_len);
+ d = mempcpy (newp, p->pw_dir, home_len);
if (end_name != NULL)
d = mempcpy (d, end_name, rest_len);
*d = '\0';
+ if (__glibc_unlikely (malloc_dirname))
+ free (dirname);
+ dirname = newp;
+ malloc_dirname = !use_alloca;
+
dirlen = home_len + rest_len;
dirname_modified = 1;
}
-- System Information:
Debian Release: 10.12
APT prefers oldstable-updates
APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-21-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages libc6 depends on:
ii libgcc1 1:8.3.0-6
Versions of packages libc6 recommends:
ii libidn2-0 2.0.5-1+deb10u1
Versions of packages libc6 suggests:
ii debconf [debconf-2.0] 1.5.71+deb10u1
pn glibc-doc
ii libc-l10n 2.28-10+deb10u1
ii locales2.28-10+deb10u1
-- debconf information:
libraries/restart-without-asking: false
glibc/restart-services:
glibc/restart-failed:
glibc/kernel-not-supported:
glibc/kernel-too-old:
glibc/upgrade: true
glibc/disable-screensaver:
