New Debian glibc 2.36-9+deb12u13 fixes: This update addresses the following issues: * glibc: buffer overflow in the GNU C Library's assert() (CVE-2025-0395) 2.36-9+deb12u13 (Mon, 25 Aug 2025 21:11:05 +0200) * debian/patches/git-updates.diff: update from upstream stable branch: - Fix error reporting (false negatives) in SGID tests - Fix double-free after allocation failure in regcomp (GLIBC-SA-2025-0005 / CVE-2025-8058).. 2.36-9+deb12u12 (Mon, 02 Jun 2025 22:53:56 +0200) * d/p/local-revert-aarch64-use-prefer_sve_ifuncs-for-sve-memset.diff: revert upstream commit "AArch64: Use prefer_sve_ifuncs for SVE memset" as upstream commit "AArch64: Check kernel version for SVE ifuncs" has been reverted in 2.36-9+deb12u9. 2.36-9+deb12u11 (Thu, 29 May 2025 11:41:11 +0200) * debian/patches/git-updates.diff: update from upstream stable branch: - Fixed incorrect LD_LIBRARY_PATH search in dlopen for static setuid binaries (GLIBC-SA-2025-0002 / CVE-2025-4802). - Improve memory layout of structures in exp/exp10/expf functions. - Add an SVE implementation of memset on aarch64. - Improve generic implementation of memset on aarch64.
--- mirror/ftp/pool/main/g/glibc/glibc_2.36-9+deb12u10.dsc +++ apt/ucs_5.2-0-errata5.2-3/source/glibc_2.36-9+deb12u13.dsc @@ -1,3 +1,26 @@ +2.36-9+deb12u13 [Mon, 25 Aug 2025 21:11:05 +0200] Aurelien Jarno <aurel32@debian.org>: + + * debian/patches/git-updates.diff: update from upstream stable branch: + - Fix error reporting (false negatives) in SGID tests + - Fix double-free after allocation failure in regcomp (GLIBC-SA-2025-0005 + / CVE-2025-8058). Closes: #1109803. + +2.36-9+deb12u12 [Mon, 02 Jun 2025 22:53:56 +0200] Aurelien Jarno <aurel32@debian.org>: + + * d/p/local-revert-aarch64-use-prefer_sve_ifuncs-for-sve-memset.diff: revert + upstream commit "AArch64: Use prefer_sve_ifuncs for SVE memset" as + upstream commit "AArch64: Check kernel version for SVE ifuncs" has been + reverted in 2.36-9+deb12u9. + +2.36-9+deb12u11 [Thu, 29 May 2025 11:41:11 +0200] Aurelien Jarno <aurel32@debian.org>: + + * debian/patches/git-updates.diff: update from upstream stable branch: + - Fixed incorrect LD_LIBRARY_PATH search in dlopen for static setuid + binaries (GLIBC-SA-2025-0002 / CVE-2025-4802). + - Improve memory layout of structures in exp/exp10/expf functions. + - Add an SVE implementation of memset on aarch64. + - Improve generic implementation of memset on aarch64. + 2.36-9+deb12u10 [Thu, 06 Mar 2025 23:46:53 +0100] Aurelien Jarno <aurel32@debian.org>: * debian/patches/git-updates.diff: update from upstream stable branch: <http://piuparts.knut.univention.de/5.2-3/#7353791987588093147>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.2-3] cb44027399 chore(postgresql-15): update advisory doc/errata/staging/glibc.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) [5.2-3] 6d716a442f Bug #58622: glibc 2.36-9+deb12u13 doc/errata/staging/glibc.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.2x192>