Bug#681563: unblock: eglibc/2.13-34
retitle 681563 unblock: eglibc/2.13-35
thanks
On Mon, Jul 23, 2012 at 07:30:50AM -0600, Christian PERRIER wrote:
> Quoting Cyril Brulebois (kibi@debian.org):
> > Aurelien Jarno <aurel32@debian.org> (14/07/2012):
> > > I guess it means the unblock is granted, just waited for d-i beta 1.
> > > Does it mean we can already upload eglibc/2.13-35, and that only the
> > > changes between 2.13-34 and 2.13-35 would be considered for the freeze
> > > exception?
> >
> > We would normally review the whole testing against sid diff for manual
> > unblocks; but I'll probably review both diffs (to -34 and from -34)
> > separately, so feel free to go ahead with an unblock.
>
> Aurélien uploaded -35 two days ago.
You are probably living on a planet rotating twice as fast than mine ;-)
> (and it has a debconf translation which explains why I send this mail..:-))
And I was waiting for the package to be built everywhere before
bothering the release team.
As discussed earlier, I have uploaded eglibc 2.13-35, with minimal
changes compare to 2.13-34. You'll find the diff below, but here are
some more comments:
- it fixes one RC bug
- it fixes two security issues, as requested by the security team
- it updates one translation
- it fixes one manpage
- it fixes ld.so cache flags for MIPS N64, and disable it for armhf as
already announced on the debian-arm and debian-release mailing-lists.
Once d-i beta1 is released, would it be possible to unblock it? Thanks
in advance.
Cheers,
Aurelien
diff -u eglibc-2.13/debian/changelog eglibc-2.13/debian/changelog
--- eglibc-2.13/debian/changelog
+++ eglibc-2.13/debian/changelog
@@ -1,3 +1,22 @@
+eglibc (2.13-35) unstable; urgency=low
+
+ [ Aurelien Jarno ]
+ * patches/arm/unsubmitted-ldconfig-cache-abi.diff: disable, as it will
+ conflict with upstream x32 support.
+ * Update Czech debconf translation, by Miroslav Kure. Closes: #681708.
+ * local/manpages/ld.so.8: fix LD_VERBOSE description after manpage
+ rework. Closes: #681688.
+ * patches/any/cvs-vfprintf-positional.diff: new patch from upstream to
+ fix a stack corruption in vfprintf with positional parameters
+ (CVE-2012-3404). patches/any/cvs-vfprintf-many-format-strings.diff: new
+ patch from upstream to fix a FORTIFY_SOURCE format string protection
+ bypass (CVE-2012-3405). Closes: #681473.
+
+ [ Petr Salinger ]
+ * fixup kfreebsd/local-use-thr-primitives.diff. Closes: #681113.
+
+ -- Aurelien Jarno <aurel32@debian.org> Sun, 22 Jul 2012 17:36:20 +0200
+
eglibc (2.13-34) unstable; urgency=low
[ Aurelien Jarno ]
diff -u eglibc-2.13/debian/patches/series eglibc-2.13/debian/patches/series
--- eglibc-2.13/debian/patches/series
+++ eglibc-2.13/debian/patches/series
@@ -92,7 +92,7 @@
arm/local-sigaction.diff
arm/submitted-armhf-triplet.diff
arm/cvs-clone-cantunwind.diff
-arm/unsubmitted-ldconfig-cache-abi.diff
+#arm/unsubmitted-ldconfig-cache-abi.diff
arm/unsubmitted-ldso-abi-check.diff
arm/cvs-syscall-mcount.diff
arm/cvs-ucontext.diff
@@ -363,0 +364,2 @@
+any/cvs-vfprintf-positional.diff
+any/cvs-vfprintf-many-format-strings.diff
diff -u eglibc-2.13/debian/patches/arm/unsubmitted-ldconfig-cache-abi.diff eglibc-2.13/debian/patches/arm/unsubmitted-ldconfig-cache-abi.diff
--- eglibc-2.13/debian/patches/arm/unsubmitted-ldconfig-cache-abi.diff
+++ eglibc-2.13/debian/patches/arm/unsubmitted-ldconfig-cache-abi.diff
@@ -7,10 +7,11 @@
--- a/elf/cache.c
+++ b/elf/cache.c
-@@ -91,6 +91,8 @@
+@@ -91,6 +91,9 @@
break;
case FLAG_MIPS64_LIBN64:
fputs (",64bit", stdout);
++ break;
+ case FLAG_ARM_HFABI:
+ fputs (",hard-float", stdout);
case 0:
diff -u eglibc-2.13/debian/patches/kfreebsd/local-use-thr-primitives.diff eglibc-2.13/debian/patches/kfreebsd/local-use-thr-primitives.diff
--- eglibc-2.13/debian/patches/kfreebsd/local-use-thr-primitives.diff
+++ eglibc-2.13/debian/patches/kfreebsd/local-use-thr-primitives.diff
@@ -616,7 +616,7 @@
#endif
/* Since all threads have been asynchronously terminated
(possibly holding locks), free cannot be used any more.
-@@ -1128,9 +1135,11 @@
+@@ -1128,11 +1135,19 @@
children, so that timings for main thread account for all threads. */
if (self == __pthread_main_thread) {
#ifdef USE_TLS
@@ -629,8 +629,16 @@
+#error TLS required
#endif
}
++ else
++ {
++ __thr_kill(__manager_thread->p_ktid, __pthread_sig_cancel);
++ __thr_exit(&(self->p_ktid));
++ /* should not return */
++ }
_exit(__pthread_exit_code);
-@@ -1170,6 +1179,7 @@
+ }
+ if (__builtin_expect (THREAD_GETMEM(self, p_canceled), 0)
+@@ -1170,6 +1185,7 @@
void __pthread_reset_main_thread(void)
{
@@ -638,7 +646,7 @@
pthread_descr self = thread_self();
if (__pthread_manager_request != -1) {
-@@ -1183,7 +1193,8 @@
+@@ -1183,7 +1199,8 @@
}
/* Update the pid of the main thread */
@@ -648,7 +656,7 @@
/* Make the forked thread the main thread */
__pthread_main_thread = self;
THREAD_SETMEM(self, p_nextlive, self);
-@@ -1289,7 +1300,7 @@
+@@ -1289,7 +1306,7 @@
void __pthread_restart_old(pthread_descr th)
{
if (pthread_atomic_increment(&th->p_resume_count) == -1)
@@ -657,7 +665,7 @@
}
void __pthread_suspend_old(pthread_descr self)
-@@ -1383,7 +1394,7 @@
+@@ -1384,7 +1401,7 @@
memory so the woken thread will have a consistent view. Complementary
read barriers are present to the suspend functions. */
WRITE_MEMORY_BARRIER();
diff -u eglibc-2.13/debian/local/manpages/ld.so.8 eglibc-2.13/debian/local/manpages/ld.so.8
--- eglibc-2.13/debian/local/manpages/ld.so.8
+++ eglibc-2.13/debian/local/manpages/ld.so.8
@@ -217,6 +217,8 @@
.B LD_VERBOSE
If set to non-empty string, output symbol versioning information
about the program if querying information about the program (ie. either
+.B LD_TRACE_LOADED_OBJECTS
+has been set, or --list or --verify options have been given to the dynamic linker).
.TP
.B LD_WARN
If set to non-empty string, warn about unresolved symbols.
diff -u eglibc-2.13/debian/po/cs.po eglibc-2.13/debian/po/cs.po
--- eglibc-2.13/debian/po/cs.po
+++ eglibc-2.13/debian/po/cs.po
@@ -16,7 +16,7 @@
"Project-Id-Version: glibc\n"
"Report-Msgid-Bugs-To: eglibc@packages.debian.org\n"
"POT-Creation-Date: 2011-10-30 11:52-0700\n"
-"PO-Revision-Date: 2009-06-27 09:58+0200\n"
+"PO-Revision-Date: 2012-07-15 20:40+0200\n"
"Last-Translator: Miroslav Kure <kurem@debian.cz>\n"
"Language-Team: Czech <debian-l10n-czech@lists.debian.org>\n"
"Language: cs\n"
@@ -221,7 +221,7 @@
#. Description
#: ../debhelper.in/libc.templates:5001
msgid "Restart services during package upgrades without asking?"
-msgstr ""
+msgstr "Restartovat služby při aktualizaci balíku bez ptaní?"
#. Type: boolean
#. Description
@@ -237,0 +238,6 @@
+"V systému jsou nainstalovány služby, které je nutno při aktualizaci "
+"určitých knihoven (libpam, libc nebo libssl) restartovat. Během restartu "
+"služeb jsou tyto po nějakou dobu nedostupné. Abychom předešli nechtěné "
+"nedostupnosti, je při každé aktualizaci nabídnut seznam služeb, které se "
+"mají restartovat. Povolíte-li tuto možnost, budou se všechny potřebné "
+"služby restartovat při aktualizaci knihoven automaticky bez ptaní."
\ Pas de fin de ligne à la fin du fichier
only in patch2:
unchanged:
--- eglibc-2.13.orig/debian/patches/any/cvs-vfprintf-many-format-strings.diff
+++ eglibc-2.13/debian/patches/any/cvs-vfprintf-many-format-strings.diff
@@ -0,0 +1,41 @@
+2011-12-17 Ulrich Drepper <drepper@gmail.com>
+
+ [BZ #13446]
+ * stdio-common/vfprintf.c (vfprintf): Fix extension of specs array.
+
+diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
+index 753a5ac..952886b 100644
+--- a/stdio-common/vfprintf.c
++++ b/stdio-common/vfprintf.c
+@@ -1640,9 +1640,9 @@ do_positional:
+ /* Array with information about the needed arguments. This has to
+ be dynamically extensible. */
+ size_t nspecs = 0;
+- size_t nspecs_max = 32; /* A more or less arbitrary start value. */
+- struct printf_spec *specs
+- = alloca (nspecs_max * sizeof (struct printf_spec));
++ /* A more or less arbitrary start value. */
++ size_t nspecs_size = 32 * sizeof (struct printf_spec);
++ struct printf_spec *specs = alloca (nspecs_size);
+
+ /* The number of arguments the format string requests. This will
+ determine the size of the array needed to store the argument
+@@ -1679,15 +1679,14 @@ do_positional:
+
+ for (f = lead_str_end; *f != L_('\0'); f = specs[nspecs++].next_fmt)
+ {
+- if (nspecs >= nspecs_max)
++ if (nspecs * sizeof (*specs) >= nspecs_size)
+ {
+ /* Extend the array of format specifiers. */
+ struct printf_spec *old = specs;
+- specs = extend_alloca (specs, nspecs_max,
+- 2 * nspecs_max * sizeof (*specs));
++ specs = extend_alloca (specs, nspecs_size, 2 * nspecs_size);
+
+ /* Copy the old array's elements to the new space. */
+- memmove (specs, old, nspecs * sizeof (struct printf_spec));
++ memmove (specs, old, nspecs * sizeof (*specs));
+ }
+
+ /* Parse the format specifier. */
only in patch2:
unchanged:
--- eglibc-2.13.orig/debian/patches/any/cvs-vfprintf-positional.diff
+++ eglibc-2.13/debian/patches/any/cvs-vfprintf-positional.diff
@@ -0,0 +1,20 @@
+2011-01-27 Petr Baudis <pasky@suse.cz>
+ Ulrich Drepper <drepper@gmail.com>
+
+ * stdio-common/vfprintf.c (vfprintf): Pass correct newlen
+ to extend_alloca().
+
+diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
+index fc370e8..cfa4c30 100644
+--- a/stdio-common/vfprintf.c
++++ b/stdio-common/vfprintf.c
+@@ -1682,7 +1682,8 @@ do_positional:
+ {
+ /* Extend the array of format specifiers. */
+ struct printf_spec *old = specs;
+- specs = extend_alloca (specs, nspecs_max, 2 * nspecs_max);
++ specs = extend_alloca (specs, nspecs_max,
++ 2 * nspecs_max * sizeof (*specs));
+
+ /* Copy the old array's elements to the new space. */
+ memmove (specs, old, nspecs * sizeof (struct printf_spec));
--
Aurelien Jarno GPG: 1024D/F1BCDB73
aurelien@aurel32.net http://www.aurel32.net
Reply to: