[ubuntu/focal-security] glibc 2.31-0ubuntu9.14 (Accepted)

Camila Camargo de Matos camila.camargodematos at canonical.com
Thu Dec 7 15:48:22 UTC 2023 

glibc (2.31-0ubuntu9.14) focal-security; urgency=medium

  * SECURITY UPDATE: use-after-free through getcanonname_r plugin call
    - debian/patches/any/CVE-2023-4806.patch: copy h_name over and free it at
      the end (getaddrinfo).
    - CVE-2023-4806
  * SECURITY UPDATE: use-after-free in gaih_inet function
    - debian/patches/any/CVE-2023-4813.patch: simplify allocations and fix
      merge and continue actions.
    - CVE-2023-4813
  * debian/testsuite-xfail-debian.mk: add tst-nss-gai-actions and
    tst-nss-gai-hv2-canonname to xfails (container tests).

glibc (2.31-0ubuntu9.12) focal; urgency=medium

  * Drop SVE memcpy implementation due to kernel-related performance
    regression

glibc (2.31-0ubuntu9.11) focal; urgency=medium

  * Drop memcmp arm64 SIMD optimization patch due to performance regression
    on Raspberry Pi 3+ and 4

glibc (2.31-0ubuntu9.10) focal; urgency=medium

  [ Andrei Gherzan ]
  * d/p/lp1910312: Backport upstream fix for SEM_STAT_ANY (LP: #1910312)

  [ Simon Chopin ]
  * d/p/lp1999551/*: backport mem{cmp,cpy} optimizations for arm64 (LP: #1999551)
  * d/p/lp2001932/*: fix segfault in AVX2 strncmp (LP: #2001932)
  * d/p/lp2001975/*: fix overflow in AVX2 wcsncmp (LP: #2001975)

glibc (2.31-0ubuntu9.9) focal; urgency=medium

  * Disable testsuite on riscv64. It is failing maths tests intermittently in
    ways that cannot be a glibc regression and is disabled in later series
    anyway.

glibc (2.31-0ubuntu9.8) focal; urgency=medium

  * Update for 20.04. (LP: #1951033)

  [ Balint Reczey ]
  * Cherry-pick upstream patch to fix building with -moutline-atomics
  * Prevent rare deadlock in pthread_cond_signal (LP: #1899800)

  [ Matthias Klose ]
  * Revert: Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
    Enables debugging ld.so related issues. (LP: #1918035)
  * Don't strip ld.so on armhf. (LP: #1927192)

  [ Gunnar Hjalmarsson ]
  * d/local/usr_sbin/update-locale: improve sanity checks. (LP: #1892825)

  [ Heitor Alves de Siqueira ]
  * d/p/u/git-lp1928508-reversing-calculation-of-__x86_shared_non_temporal.patch:
    - Fix memcpy() performance regression on x86 AMD systems (LP: #1928508)

  [ Aurelien Jarno ]
  * debian/debhelper.in/libc.preinst: drop the check for kernel release
    > 255 now that glibc and preinstall script are fixed. (LP: #1962225)

  [ Michael Hudson-Doyle ]
  * libc6 on arm64 is now built with -moutline-atomics so libc6-lse can now be
    an empty package that is safe to remove. (LP: #1912652)
  * d/patches/u/aarch64-memcpy-improvements.patch: Backport memcpy
    improvements. (LP: #1951032)
  * Add test-float64x-yn to xfails on riscv64.

Date: 2023-12-04 16:43:10.169993+00:00
Changed-By: Camila Camargo de Matos <camila.camargodematos at canonical.com>
https://launchpad.net/ubuntu/+source/glibc/2.31-0ubuntu9.14
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list