[Bug 1851263] Re: Ubuntu 18.04.3 LTS bump Glibc 2.27 to the latest stable

Florian Weimer fw at deneb.enyo.de
Wed Nov 6 19:13:23 UTC 2019 

I think what Romain is asking is to rebase along release/2.27/master,
and not a different upstream version. If you don't do that, you have to
evaluate each upstream commit individually for backporting.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to glibc in Ubuntu.
https://bugs.launchpad.net/bugs/1851263

Title:
  Ubuntu 18.04.3 LTS bump Glibc 2.27 to the latest stable

Status in glibc package in Ubuntu:
  New

Bug description:
  Hi,

  I updated from ubuntu 14.04 to 18.04 and installed a custom (old)
  application.

  When starting the application it stop immediately with this error message:
  "glibc detected an invalid stdio handle"

  This error message was added by commit [1] "libio: Implement vtable
  verification [BZ #20191]" to fix a security issue [2].

  I tested with several Linux distribution (so different libc version)
  and the application is working fine with Fedora 30 (Glibc 2.29).

  There is an interesting patch [3] from Glibc 2.28 which was backported
  to Glibc 2.27 [4] "libio: Disable vtable validation in case of
  interposition [BZ #23313]"

  But Ubuntu 18.04 is still using an old Glibc 2.27 version (from 02-2018).
  Here is the Glibc version used in 18.04:
  $ dpkg -s libc6
  [...]
  Version: 2.27-3ubuntu1

  Looking at the changelog, ubuntu updated Glibc 2.27 the 16 Apr 2018
  but there is a lot of fix from upstream Glibc 2.27 stable branch. The
  one I'm looking for was merged the 07-2018.

  It would be great if Ubuntu 18.04 can update Glibc to the latest
  stable version.

  Best regards,
  Romain

  [1] https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=db3476aff19b75c4fdefbe65fcd5f0a90588ba51
  [2] https://dhavalkapil.com/blogs/FILE-Structure-Exploitation
  [3] https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=c402355dfa7807b8e0adb27c009135a7e2b9f1b0
  [4] https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=3bb748257405e94e13de76573a4e9da1cfd961d0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1851263/+subscriptions

More information about the foundations-bugs mailing list