Univention Bugzilla – Full Text Bug Listing |
Summary: | glibc: Multiple issues (4.3) | ||
---|---|---|---|
Product: | UCS | Reporter: | Philipp Hahn <hahn> |
Component: | Security updates | Assignee: | Philipp Hahn <hahn> |
Status: | CLOSED FIXED | QA Contact: | Arvid Requate <requate> |
Severity: | normal | ||
Priority: | P3 | CC: | requate |
Version: | UCS 4.3 | ||
Target Milestone: | UCS 4.3-0-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 3.7 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) |
Description
Philipp Hahn
2018-03-13 16:38:10 CET
[4.3-0] 604e7c60f7 Bug #46617: glibc_2.24-11+deb9u3 --- mirror/ftp/4.3/unmaintained/4.3-0/source/glibc_2.24-11+deb9u1.dsc +++ apt/ucs_4.3-0-errata4.3-0/source/glibc_2.24-11+deb9u3.dsc @@ -1,3 +1,45 @@ +2.24-11+deb9u3 [Sun, 14 Jan 2018 11:39:44 +0100] Aurelien Jarno <aurel32@debian.org>: + + [ Aurelien Jarno ] + * debian/rules.d/debhelper.mk: install the libc-otherbuild postinst and + postrm in the libc6-i686 transitional package, to make sure + /etc/ld.so.nohwcap is correctly removed after an upgrade. Closes: + #883394. + +2.24-11+deb9u2 [Fri, 01 Dec 2017 21:09:18 +0100] Aurelien Jarno <aurel32@debian.org>: + + [ Aurelien Jarno ] + * debian/control.in/x32: Add a gcc-multilib Recommends for libc6-dev-x32. + * debian/patches/git-updates.diff: update from upstream stable branch: + - debian/patches/any/submitted-perl-inc.diff: drop, merged upstream. + - debian/patches/any/cvs-remove-pid-tid-cache-clone.diff: drop, merged + upstream. + - debian/patches/any/local-CVE-2017-1000366-rtld-LD_LIBRARY_PATH.diff: + drop, merged upstream. + - debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff: drop, + merged upstream. + - debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff: drop, + merged upstream. + - debian/patches/any/cvs-vectorized-strcspn-guards.diff: drop, merged + upstream. + - debian/patches/any/cvs-hwcap-AT_SECURE.diff: drop, merged upstream. + - Avoid use-after-free read access in clntudp_call (CVE-2017-12133). + Closes: #870648. + - Fix compatibility with Intel C++ __regcall calling convention. Closes: + #881850. + - Fix a buffer overrun in rpcgen. + - Fix strlen on null pointer in nss_nisplus. + - Fix invalid cast in group merging affecting ppc64 and s390x. + - Define collation for Malayalam chillu characters. + - Correct collation of U+0D36 and U+0D37 Malayalam characters. + * debian/script.in/nohwcap.sh: always check for all optimized packages + as multiarch allows one to install foreign architectures. Closes: + #882272. + + [ Santiago Vila ] + * debian/debhelper.in/libc-bin.postinst: do not update /etc/nsswitch.conf + when its content already matches the default. Closes: #865144. + 2.24-11+deb9u1 [Thu, 15 Jun 2017 21:17:14 +0200] Aurelien Jarno <aurel32@debian.org>: * debian/patches/any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff, * No UCS specific patches * Comparison to previously shipped version ok * Binary package update Ok * Advisory Ok |