Исходное сообщение
"Выпуск Debian 8.8" Отправлено Аноним, 13-Май-17 13:33
> Вот хоть-бы раз glibc обновляли за восемь обновлений! glibc (2.19-18+deb8u9) stable; urgency=medium   * Remove patches/any/cvs-resolv-internal-qtype.diff, it breaks the     libnss/libnss-dns ABI.  Reopens: #796106. -- Aurelien Jarno <aurel32@debian.org>  Thu, 27 Apr 2017 23:00:02 +0200 glibc (2.19-18+deb8u8) stable; urgency=medium   [ Aurelien Jarno ]   * Update from upstream stable branch:     - Fix PowerPC sqrt inaccuracy.  Closes: #855606.   * patches/any/cvs-resolv-internal-qtype.diff: patch from upstream to fix a     NULL pointer dereference in libresolv when receiving a T_UNSPEC internal     QTYPE (CVE-2015-5180).  Closes: #796106. -- Aurelien Jarno <aurel32@debian.org>  Mon, 24 Apr 2017 06:41:38 +0200 glibc (2.19-18+deb8u7) stable; urgency=medium   [ Aurelien Jarno ]   * Update from upstream stable branch:     - Do not unconditionally use the fsqrt instruction on 64-bit PowerPC       CPUs.  Closes: #843904.   * debian/patches/any/cvs-hesiod-resolver.diff: patch from upstream to     fix a regression introduced by cvs-resolv-ipv6-nameservers.diff in     hesiod.  Closes: #821358.   * debian/sysdeps/{amd64,i386,x32}.mk: disable lock elision (aka Intel TSX)     on x86 architectures. This causes programs (wrongly) unlocking an already     unlocked mutex to abort. More importantly most of the other distributions     decided to disable it, so we don't want to be the only distribution left     testing this code path. -- Aurelien Jarno <aurel32@debian.org>  Thu, 24 Nov 2016 23:48:11 +0100 glibc (2.19-18+deb8u6) stable; urgency=medium   * Update from upstream stable branch:     - Fix backtrace hang on armel/armhf, possibly causing a minor       denial-of-service vulnerability (CVE-2016-6323).  Closes: #834752.     - Fix open and openat functions with O_TMPFILE.  Closes: #832521.     - Drop debian/patches/any/cvs-ld_pointer_guard.diff (merged upstream).     - Drop debian/patches/any/cvs-mangle-tls_dtor_list.diff (merged upstream).     - Drop debian/patches/any/cvs-strxfrm-buffer-overflows.diff (merged       upstream).   * debian/patches/any/submitted-resolv-ipv6-nameservers.diff: replace by     patch cvs-resolv-ipv6-nameservers.diff taken from upstream. This fixes     mtr on systems using only IPv6 nameservers.  Closes: #818281. -- Aurelien Jarno <aurel32@debian.org>  Sat, 03 Sep 2016 22:39:43 +0200 glibc (2.19-18+deb8u5) stable; urgency=medium   [ Aurelien Jarno ]   * Update from upstream stable branch:     - Drop debian/patches/any/local-CVE-2015-7547.diff.     - Refresh debian/patches/any/cvs-resolv-first-query-failure.diff.     - Fix assertion failure with unconnectable name server addresses.       (regression introduced by CVE-2015-7547).  Closes: #816669.     - Fix *context functions on s390x.     - Fix a buffer overflow in the glob function (CVE-2016-1234).     - Fix a stack overflow in nss_dns_getnetbyname_r (CVE-2016-3075).     - Fix a stack overflow in getaddrinfo function (CVE-2016-3706).     - Fix a stack overflow in Sun RPC clntudp_call() (CVE-2016-4429). -- Aurelien Jarno <aurel32@debian.org>  Wed, 13 Jul 2016 00:03:52 +0200 glibc (2.19-18+deb8u4) stable; urgency=medium   [ Aurelien Jarno ]   * Update from upstream stable branch:       - Fixes bug18240 failing with a timeout on machines with a lot of swap.   * patches/any/cvs-grantpt-pty-owner.diff: new patch from upstream to     improve granpt when /dev/pts is not mounted with the correct options.   * rules.d/debhelper.mk: only install pt_chown when built.   * sysdeps/linux.mk: don't build pt_chown (CVE-2013-2207). Closes: #717544. -- Aurelien Jarno <aurel32@debian.org>  Sat, 27 Feb 2016 23:17:33 +0100 glibc (2.19-18+deb8u3) stable-security; urgency=medium   [ Aurelien Jarno ]   * Update from upstream stable branch:     - Fix segmentation fault caused by passing out-of-range data to strftime()       (CVE-2015-8776).  Closes: #812445.     - Fix an integer overflow in hcreate() and hcreate_r() (CVE-2015-8778).       Closes: #812441.     - Fix multiple unbounded stack allocations in catopen() (CVE-2015-8779).       Closes: #812455.   * patches/any/local-CVE-2015-7547.diff: new patch to fix glibc getaddrinfo     stack-based buffer overflow (CVE-2015-7547). -- Aurelien Jarno <aurel32@debian.org>  Thu, 11 Feb 2016 23:31:28 +0100 glibc (2.19-18+deb8u2) stable; urgency=medium   [ Aurelien Jarno ]   * Update from upstream stable branch:     - Fix getaddrinfo sometimes returning uninitialized data with nscd.       Closes: #798515.     - Fix data corruption while reading the NSS files database       (CVE-2015-5277).  Closes: #799966.     - Fix buffer overflow (read past end of buffer) in internal_fnmatch.     - Fix  _IO_wstr_overflow integer overflow.     - Fix unexpected closing of nss_files databases after lookups,       causing denial of service (CVE-2014-8121).  Closes: #779587.     - Fix NSCD netgroup cache.  Closes: #800523.   * patches/any/cvs-ld_pointer_guard.diff: new patch from upstream to     unconditionally disable LD_POINTER_GUARD.  Closes: #798316, #801691.   * patches/any/cvs-mangle-tls_dtor_list.diff: new patch from upstream to     mangle function pointers in tls_dtor_list.  Closes: #802256.   * patches/any/cvs-strxfrm-buffer-overflows.diff: new patch from upstream     to fix memory allocations issues that can lead to buffer overflows on     the stack.  Closes: #803927.   [ Henrique de Moraes Holschuh ]   * Replace patches/amd64/local-blacklist-on-TSX-Haswell.diff by     local-blacklist-for-Intel-TSX.diff also blacklisting some Broadwell     models.  Closes: #800574. -- Aurelien Jarno <aurel32@debian.org>  Mon, 28 Dec 2015 21:39:40 +0100 glibc (2.19-18+deb8u1) stable; urgency=medium   [ Aurelien Jarno ]   * Update from upstream stable branch:     - Fix pthread_mutex_trylock with lock elision.  Closes: #759197,       #788999.     - Fix gprof entry point on ppc64el.  Closes: #794222.     - Fix a buffer overflow in getanswer_r (CVE-2015-1781).       Closes: #796105. -- Aurelien Jarno <aurel32@debian.org>  Sat, 29 Aug 2015 10:56:31 +0200