Bug#969926: glibc: Parsing of /etc/gshadow can return bad pointers causing segfaults in applications
* Aurelien Jarno:
>> > Is it possible to commit those patches to the upstream 2.28 branch? If
>> > so, I guess we can simply pull the branch in the Debian package, fixing
>> > many other security bugs at the same time.
>>
>> I'm concerned about the GLIBC_PRIVATE internal ABI change, it causes
>> issues if the update is applied without a reboot:
>>
>> glibc: After upgrade, before reboot, systemd services using USER= do
>> not start (caused by fix for bug 1871397)
>> <https://bugzilla.redhat.com/show_bug.cgi?id=1927040>
>
> That issue looks problematic for Debian, we usually do not require a
> (immediate) reboot after applying a security upgrade.
I submitted a merge request that should work around it, using the
patch from CentOS 8 (and eventually Red Hat Enterprise Linux, of
course):
<https://salsa.debian.org/glibc-team/glibc/-/merge_requests/2>
Please let me know what you think. The new glibc seems to work okay
in general.
Reply to: