registry team mailing list archive
-
registry team
-
Mailing list archive
-
Message #31524
[Bug 615953] Re: busybox sed core dump
This bug was fixed in the package eglibc - 2.12.1-0ubuntu11
---------------
eglibc (2.12.1-0ubuntu11) natty; urgency=low
* Update to the eglibc 2.12 branch (r12365).
- Fix alignment of AVX safe area on x86_64, issue #12113. LP: #662511.
- Fix issue #12159, x86-64 strchr propagation of search byte into all bytes
of SSE register. (LP: #615953)
- any/cvs-audit-suid.diff, any/cvs-getlogin_r-error-handling-1.patch,
any/cvs-getlogin_r-error-handling-2.patch, any/cvs-issue12092.diff,
any/cvs-getlogin_r-error-handling-3.patch, any/cvs-issue12113.diff,
any/cvs-issue11968.diff: Remove, merged upstream.
- any/cvs-dst-expansion-fix.diff, any/submitted-etc-resolv.conf.diff,
locale/locale-print-LANGUAGE.diff: Updated.
* Sort changelog entries with bzr-builddeb's merge_changelog to help merging
with Debian; update Debian changelog entries to their latest version, and
drop Debian changelog entries which aren't in the unstable changelog; this
keeps the diff between Debian unstable's changelog and Ubuntu's changelog
minimal (only Ubuntu entries) and makes it easier to review new Debian
changes.
* Copy binutils [mips mipsel] build-dep to minimize delta with Debian's
build-deps.
* Drop Vcs-Bzr; this package is now maintained in lp:ubuntu/eglibc.
* Drop version in texinfo build-dep; this is satisfied even in dapper.
* Move belocs-locales-bin conflicts around to lower the diff with Debian's
control.
* Copy Debian's libc6-dev-i386 Conflicts with libc6-i386 (<= 2.9-18) for
some older upgrades; this seems to apply to Ubuntu as well, and reduces
the delta with Debian just a bit. libc6-dev-i386 is not a commonly
installed package, and this is satisfied in lucid and later anyway, so it
shouldn't make upgrades harder, except if people use backports.
* Drop debian/control.in/libc0.1, libc0.3, libc6, and libc6.1 (these are
automatically generated) after confirming that generating them results in
the same data.
* Drop debian/debhelper.in/glibc-doc.docs; ChangeLog* is already listed in
debian/debhelper.in/glibc-doc.install.
* Drop debian/debhelper.in/libc-alt-dev.postinst as it only helps powerpc
upgrades from dapper versions which aren't supported on powerpc anymore.
* debian/debhelper.in/libc.postinst: drop inconsistent quotes around 2.12.
* debian/local/manpages/gencat.1, iconvconfig.8, mtrace.1: revert differing
RCS timestamps.
* debian/patches/series: drop reference to changelog version with respect to
local-ipv6-lookup.diff as the reference is bogus.
* Drop debian/patches/alpha/submitted-getsysstats.diff,
submitted-includes.diff, submitted-lowlevellock.diff,
submitted-procfs_h.diff; these should have been dropped in earlier merges
as they are not applied anymore and were dropped from Debian.
* Drop commented-out hppa/* lines from patches/series to be consistent with
how other arches were handled.
* debian/sysdeps/amd64.mk: symlink ld-linux with the same rune as Debian.
* Drop changes to debian/sysdeps/hurd.mk; Ubuntu doesn't build for Hurd.
* Remove debian/wrapper/objcopy; was dropped in Debian already.
* Add debian/ubuntu-changes trying to document all Debian -> Ubuntu
changes, albeit some remain obscure.
* Merge Debian 2.11.2-3.
- Drop new sparc/hurd/kfreebsd etc. patches from series.
- Replace any/submitted-etc-resolv.conf.diff by upstream version
patches/any/cvs-etc-resolv.conf.diff.
- Remaining changes are listed in debian/ubuntu-changes.
- Prefix "Embedded" to binary packages' short descriptions;
Debian #587586.
- debian/control.in/libc: conflicts with prelink (<< 0.0.20090925) as
earlier versions corrupts libc 2.11+ libraries; Debian #593966.
- Look for apache2.2-common instead of apache2-common in nsscheck;
Debian #586527.
- Always try to restart init when needed, and ignore the possible errors;
Debian #588922, #590175.
- Add localedata/locale-tt_RU.diff from upstream to fix the name of the
tt_RU.UTF-8@iqtelif locale; Debian #588478.
- Update Galician debconf translation, by Jorge Barreiro; Debian #592807.
* debian/control.in/opt, debian/control: Use ${binary:Version} instead of
${Source-Version} for sparc flavors.
* Merge Debian 2.11.2-4.
- Drop new patches/hurd-i386/submitted-sched_param.diff from series.
- Remove manpages now provided by manpages-dev; Debian #595194);
LP: #669361.
* Merge Debian 2.11.2-5.
- Replace any/cvs-etc-resolv.conf.diff with previous version
any/submitted-etc-resolv.conf.diff; Debian #595269.
- Update any/cvs-sunrpc-license.diff from upstream.
* Merge Debian 2.11.2-6.
- Update Arabic debconf translation, by Ossama Khayat; Debian #596161.
- update-locale: if LANGUAGE is not compatible with the selected default
locale, emit a warning and disable it instead of failing;
Debian #596695.
- Add armhf support; Debian #596804.
- any/submitted-resolv.conf-thread.diff: new patch to correctly reload
resolv.conf for all threads; Debian #596499.
* Merge Debian 2.11.2-7.
- Update Portuguese debconf translation, by Pedro Ribeiro; Debian #597348.
- Don't add any/submitted-origin.diff as we have
any/dst-expansion-fix.diff already.
- Add any/cvs-audit-suid.diff to only load SUID audit objects in SUID
binaries. Fix CVE-2010-3847. Debian #600667.
- Update Catalan debconf translation, by Jordi Mallach; Debian #601085.
- Update Vietnamese debconf translation, by Clytie Siddall;
Debian #601531.
- Add arm/local-sigaction.diff to match sigaction with SA_RESTORER
behaviour with other architectures; Debian #595403.
[ Matthias Klose ]
* any/cvs-at-pagesize.diff: Don't assume AT_PAGESIZE is always available.
LP: #672352.
* Remove po/header.pot file. LP: #670678.
* On ARM, use the atomic builtins provided by GCC (Ken Werner). LP: #643171.
* Build using GCC-4.5.
[ Kees Cook ]
* Rearrange recent security patches:
- disable-ld_audit.diff:
- should live in patches/ubuntu for now.
- updated comments to include CVE-2010-3856.
- any/dst-expansion-fix.diff renamed to any/cvs-dst-expansion-fix.diff.
- series updated to move upstream fixes out of Ubuntu-specific section.
-- Matthias Klose <doko@xxxxxxxxxx> Tue, 21 Dec 2010 20:35:36 +0100
** Changed in: eglibc (Ubuntu)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3847
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3856
--
You received this bug notification because you are a member of Registry
Administrators, which is the registrant for Fedora.
https://bugs.launchpad.net/bugs/615953
Title:
busybox sed core dump