
Bug#969926: glibc: Parsing of /etc/gshadow can return bad pointers causing segfaults in applications



* Aurelien Jarno:

>> > Is it possible to commit those patches to the upstream 2.28 branch? If
>> > so, I guess we can simply pull the branch in the Debian package, fixing
>> > many other security bugs at the same time.
>> 
>> I'm concerned about the GLIBC_PRIVATE internal ABI change, it causes
>> issues if the update is applied without a reboot:
>> 
>>   glibc: After upgrade, before reboot, systemd services using USER= do
>>   not start (caused by fix for bug 1871397)
>>   <https://bugzilla.redhat.com/show_bug.cgi?id=1927040>
>
> That issue looks problematic for Debian, we usually do not require a
> (immediate) reboot after applying a security upgrade.

I submitted a merge request that should work around it, using the
patch from CentOS 8 (and eventually Red Hat Enterprise Linux, of
course):

  <https://salsa.debian.org/glibc-team/glibc/-/merge_requests/2>

Please let me know what you think.  The new glibc seems to work okay
in general.

