Package "locales"

  glibc (2.35-0ubuntu3.7) jammy-security; urgency=medium

  * SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT
    - debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes when
      writing escape sequence in iconvdata/Makefile,
      iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c.
    - CVE-2024-2961

 -- Marc Deslauriers <email address hidden> Tue, 16 Apr 2024 09:40:36 -0400

  glibc (2.35-0ubuntu3.6) jammy-security; urgency=medium

  * SECURITY REGRESSION: incorrect processing of address family with nscd
    (LP: #2047155)
    - debian/patches/lp2047155/lp2047155-refactor-bits-for-readability.patch:
      split out line processing for 'label', 'precedence' and 'scopev4' into
      separate functions (gaiconf_inet).
    - debian/patches/lp2047155/lp2047155-avoid-if-to-else-jump.patch: clean up
      another antipattern where code flows from an if condition to its else
      counterpart with a goto (gai_init).
    - debian/patches/lp2047155/lp2047155-refactor-code-for-readability.patch:
      refactor the code and make it easier to follow by removing the confusing
      close_retry goto jump (getaddrinfo).
    - debian/patches/lp2047155/
      lp2047155-get-nscd-addresses-fix-subscript-typos.patch: fix the
      subscript on air->family, which was accidentally set to 'count' when it
      should have remained as 'i' (get_nscd_addresses).
    - CVE-2023-4806

 -- Camila Camargo de Matos <email address hidden> Tue, 02 Jan 2024 10:22:42 -0300

  glibc (2.35-0ubuntu3.5) jammy-security; urgency=medium

  * SECURITY UPDATE: use-after-free through getcanonname_r plugin call
    - debian/patches/any/CVE-2023-4806-pre1.patch: sort tests and
      tests-container and put one test per line (nss).
    - debian/patches/any/CVE-2023-4806-pre2.patch: simplify canon name
      resolution (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre3.patch: fix leak with AI_ALL
      (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre4.patch: simplify service resolution
      (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre5.patch: make numeric lookup a
      separate routine (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre6.patch: split simple gethostbyname
      into its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre7.patch: split nscd lookup code into
      its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre8.patch: separate nss lookup loop
      into its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre9.patch: make gethosts into a
      function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre10.patch: split loopback lookup into
      its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre11.patch: split result generation
      into its own function (gaih_inet).
    - debian/patches/any/CVE-2023-4806-pre12.patch: return EAI_MEMORY on
      allocation failure (gethosts).
    - debian/patches/any/CVE-2023-4806.patch: copy h_name over and free it at
      the end (getaddrinfo).
    - CVE-2023-4806
  * SECURITY UPDATE: use-after-free in gaih_inet function
    - debian/patches/any/CVE-2023-4813.patch: simplify allocations and fix
      merge and continue actions.
    - CVE-2023-4813
  * SECURITY UPDATE: memory leak in getaddrinfo
    - debian/patches/any/CVE-2023-5156.patch: fix leak in getaddrinfo
      introduced by the fix for CVE-2023-4806.
    - CVE-2023-5156

 -- Camila Camargo de Matos <email address hidden> Wed, 22 Nov 2023 10:18:45 -0300

  glibc (2.35-0ubuntu3.4) jammy-security; urgency=medium

  * SECURITY UPDATE: privilege escalation in ld.so
    - debian/patches/any/CVE-2023-4911.patch: terminate immediately if end
      of input is reached in elf/dl-tunables.c.
    - CVE-2023-4911

 -- Marc Deslauriers <email address hidden> Mon, 25 Sep 2023 10:45:50 -0400