Package "glibc"
Name: |
glibc
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- GNU C Library: Documentation
- GNU C Library: Binaries
- GNU C Library: Development binaries
- GNU C Library: Shared libraries
|
Latest version: |
2.27-3ubuntu1.4 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
main |
Links
Other versions of "glibc" in Bionic
Packages in group
Deleted packages are displayed in grey.
Changelog
glibc (2.27-3ubuntu1.4) bionic; urgency=medium
[ Balint Reczey ]
* tests: XFAIL new tst-support_descriptors on armel, too.
The armhf build builds for armel, too, thus this fixes the armhf autopkgtest.
(LP: #1895920)
[ Adam Conrad ]
* debian/patches/arm/unsubmitted-ldso-abi-check.diff: Fix rtld segv in dl_open()
introduced via merge with upstream at 2.28 and when backporting upstream's
2.27/master changes. (LP: #1821677)
-- Balint Reczey <email address hidden> Mon, 07 Dec 2020 17:38:09 +0100
|
Source diff to previous version |
1895920 |
glibc 2.27-3ubuntu1.3 ADT test failure with linux Bionic armhf |
1821677 |
dl_open segment fault in ubuntu18.10 glibc2.28 |
|
glibc (2.27-3ubuntu1.3) bionic; urgency=medium
[ Balint Reczey ]
* debian/gbp.conf: Add initial configuration
* debian/control.in/main: Add Vcs-* pointing to Ubuntu packaging repository
* arm64: Enable searching shared libraries in atomics/ on LSE HW
* Ship arm64 variant with LSE support in libc6-lse (LP: #1885012)
* Run tests of libc6-lse on HW supporting LSE
* debian/patches/git-updates.diff: update from upstream stable branch
- pthread_cond_broadcast: Fix waiters-after-spinning case
- Fix SSe2-based memmove corrupting memory (CVE-2017-18269)
- Fix strstr() performance regression on Haswell processors
- Support Japanese new era "令和 (Reiwa)"
- io: Remove copy_file_range emulation
(LP: #1851263, #1858203, #1838327, #1797335, #1756209, #1853193)
* XFAIL stdlib/tst-getrandom (LP: #1891403)
* debian/testsuite-xfail-debian.mk: XFAIL new tst-support_descriptors
[ Thadeu Lima de Souza Cascardo ]
* tests: Make preadwritev2 invalid flags tests unsupported (LP: #1770480)
[ Andreas Hasenack ]
* branch-pthread_rwlock_trywrlock-hang-23844.patch:
nptl: Fix pthread_rwlock_try*lock stalls (Bug 23844) (LP: #1864864)
-- Balint Reczey <email address hidden> Wed, 02 Sep 2020 11:18:37 +0200
|
Source diff to previous version |
1885012 |
Provide libc6-lse binary package optimized for Large System Extensions (LSE) |
1851263 |
Ubuntu 18.04.3 LTS bump Glibc 2.27 to the latest stable |
1891403 |
glibc tst-getrandom test needs more entropy causing test failures |
1770480 |
preadv2 test does not consider new flag from linux 4.16 |
1864864 |
[SRU] pthread_rwlock_trywrlock results in hang |
CVE-2017-18269 |
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2. |
|
glibc (2.27-3ubuntu1.2) bionic-security; urgency=medium
* SECURITY UPDATE: integer overflow in realpath
- debian/patches/any/CVE-2018-11236.patch: fix path length overflow in
realpath in stdlib/Makefile, stdlib/canonicalize.c,
stdlib/test-bz22786.c.
- CVE-2018-11236
* SECURITY UPDATE: buffer overflow in __mempcpy_avx512_no_vzeroupper
- debian/patches/any/CVE-2018-11237-1.patch: don't write beyond
destination in string/test-mempcpy.c,
sysdeps/x86_64/multiarch/memmove-avx512-no-vzeroupper.S.
- debian/patches/any/CVE-2018-11237-2.patch: add a test case in
string/test-memcpy.c.
- CVE-2018-11237
* SECURITY UPDATE: if_nametoindex() does not close descriptor
- debian/patches/any/CVE-2018-19591.patch: fix descriptor for overlong
name in sysdeps/unix/sysv/linux/if_index.c.
- CVE-2018-19591
* SECURITY UPDATE: heap over-read via regular-expression match
- debian/patches/any/CVE-2019-9169.patch: fix read overrun in
posix/regexec.c.
- CVE-2019-9169
* SECURITY UPDATE: ASLR bypass
- debian/patches/any/CVE-2019-19126.patch: check __libc_enable_secure
before honoring LD_PREFER_MAP_32BIT_EXEC in
sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h.
- CVE-2019-19126
* SECURITY UPDATE: out-of-bounds write on PowerPC
- debian/patches/any/CVE-2020-1751.patch: fix array overflow in
backtrace on PowerPC in debug/tst-backtrace5.c,
sysdeps/powerpc/powerpc32/backtrace.c,
sysdeps/powerpc/powerpc64/backtrace.c.
- CVE-2020-1751
* SECURITY UPDATE: use-after-free via tilde expansion
- debian/patches/any/CVE-2020-1752.patch: fix use-after-free in glob
when expanding ~user in posix/glob.c.
- CVE-2020-1752
* SECURITY UPDATE: stack overflow via 80-bit long double function
- debian/patches/any/CVE-2020-10029-1.patch: avoid ldbl-96 stack
corruption from range reduction of pseudo-zero in
sysdeps/ieee754/ldbl-96/Makefile,
sysdeps/ieee754/ldbl-96/e_rem_pio2l.c,
sysdeps/ieee754/ldbl-96/test-sinl-pseudo.c.
- debian/patches/any/CVE-2020-10029-2.patch: use stack protector only
if available in sysdeps/ieee754/ldbl-96/Makefile.
- CVE-2020-10029
-- Marc Deslauriers <email address hidden> Thu, 04 Jun 2020 13:25:26 -0400
|
CVE-2018-11236 |
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath functi |
CVE-2018-11237 |
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the targ |
CVE-2018-19591 |
In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socke |
CVE-2019-9169 |
In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_node in posix/regexec.c has a heap-based buffer over-read via an attempted case- |
CVE-2019-19126 |
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during progra |
CVE-2020-1751 |
An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function |
CVE-2020-1752 |
A use-after-free vulnerability introduced in glibc upstream version 2.14 was found in the way the tilde expansion was carried out. Directory paths co |
CVE-2020-10029 |
The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double func |
|
About
-
Send Feedback to @ubuntu_updates