-
3ee63d1c
by Aurelien Jarno at 2024-04-19T18:33:08+02:00
debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: Fix out-of-bound writes when writing escape sequence in iconv ISO-2022-CN-EXT module (CVE-2024-2961). Closes: #1069191.
-
20fa9ac6
by Aurelien Jarno at 2024-04-19T18:34:28+02:00
releasing package glibc version 2.36-9+deb12u6
-
df18fa3b
by Aurelien Jarno at 2024-04-30T21:36:35+02:00
debian/patches/local-CVE-2024-33599-nscd.diff: Fix a stack-based buffer overflow in nscd netgroup cache (CVE-2024-33599).
-
7250dfd1
by Aurelien Jarno at 2024-04-30T21:45:47+02:00
debian/patches/local-CVE-2024-33600-nscd.diff: Fix a null pointer dereferences in nscd after failed netgroup cache insertion (CVE-2024-33600).
-
83f48ffd
by Aurelien Jarno at 2024-04-30T21:45:47+02:00
debian/patches/any/local-CVE-2024-33601-33602-nscd.diff: Fix a DoS in nscd in case of memory allocation failure (CVE-2024-33601) and a memory corruption in nscd when the underlying NSS callback function does not use the buffer space to store all strings (CVE-2024-33602).
-
99e5fc90
by Aurelien Jarno at 2024-04-30T23:07:38+02:00
releasing package glibc version 2.36-9+deb12u7
-
65086b4d
by Aurelien Jarno at 2024-04-30T23:13:50+02:00
releasing package glibc version 2.36-9+deb12u7
-
e0351e4b
by Aurelien Jarno at 2024-07-22T22:14:12+02:00
debian/patches/git-updates.diff: update from upstream stable branch:
* debian/patches/git-updates.diff: update from upstream stable branch:
- debian/patches/kfreebsd/submitted-auxv.diff: refreshed.
- debian/patches/any/local-CVE-2024-2961-iso-2022-cn-ext.diff: upstreamed.
- debian/patches/any/local-CVE-2024-33599-nscd.diff: upstreamed.
- debian/patches/any/local-CVE-2024-33600-nscd.diff: upstreamed.
- debian/patches/any/local-CVE-2024-33601-33602-nscd.diff: upstreamed.
- Fixes ffsll() performance issue depending on code alignment.
- Fixes memmove/memset on sparc32.
- Fixes pthread_cancel on sparc32.
- Fixes a possible crash in _dl_start_user on arm32.
- Fixes poor malloc/free performance due to lock contentions between
threads when using core pinning.
- Uses 64-bit time_t in testsuite on 32-bit systems.
- Fixes rseq support when built against newer kernel headers.
- Performance improvements for string functions on arm64.
- Disables arm64 SVE functions on kernel <= 6.2.0 due to performance
issues.
- Fixes ld.so crash on powerpc64* when built with GCC 14.
- Fixes ld.so crash on amd64 when built with APX enabled.
- Fixes __WORDSIZE definition on sparc32 with sparcv9.
- Fixes getutxent() on 32-bit architecture with _TIME_BITS=64.
- Fixes y2038 regression in nscd following CVE-2024-33601 and
CVE-2024-33602 fix.
- Fixes build with --enable-hardcoded-path-in-tests with newer linkers.
- Fixes crash in wcsncmp() in z13/vector-optimized s390 implementation.
- Fixes rseq extension mechanism.
- Fixes misc/tst-preadvwritev2 and misc/tst-preadvwritev64v2 with kernel
6.9+.
- Fixes freeing uninitialized memory in libc_freeres_fn(). Closes:
#1073916.