klibc (2.0.10-4ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: improper pointer arithmetic
- debian/patches/CVE-2016-9840.patch: remove offset pointer optimization
in usr/klibc/zlib/inftrees.c.
- CVE-2016-9840
* SECURITY UPDATE: improper pointer arithmetic
- debian/patches/CVE-2016-9841.patch: remove offset pointer optimization
in usr/klibc/zlib/inffast.c.
- CVE-2016-9841
* SECURITY UPDATE: memory corruption during compression
- debian/patches/CVE-2018-25032.patch: addresses a bug that can crash
deflate on rare inputs when using Z_FIXED.
- CVE-2018-25032
* SECURITY UPDATE: heap-based buffer over-read
- debian/patches/CVE-2022-37434-1.patch: adds an extra condition to check
if state->head->extra_max is greater than len before copying, and moves
the len assignment to be placed before the check in
usr/klibc/zlib/inflate.c.
- debian/patches/CVE-2022-37434-2.patch: in the previous patch, the
placement of the len assignment was causing issues so it was moved
within the conditional check.
- CVE-2022-37434
-- Ian Constantin <ian.constantin@canonical.com> Sat, 13 Apr 2024 12:34:04 +0300
klibc (2.0.10-4) unstable; urgency=medium
* d/control, d/rules: Remove ccache from $PATH instead of Build-Conflicting
* d/salsa-ci.yml: Add CI configuration for salsa.debian.org
* d/tests: Add klcc smoke test
* Fix header installation from out-of-tree build (Closes: #1004465)
-- Ben Hutchings <benh@debian.org> Mon, 31 Jan 2022 00:28:16 +0100
klibc (2.0.10-3) unstable; urgency=medium
* ia64: Fix out-of-tree build
-- Ben Hutchings <benh@debian.org> Sat, 01 Jan 2022 16:55:44 +0100
klibc (2.0.10-2) unstable; urgency=medium
* Use KCFLAGS to pass options to Kbuild, rather than CFLAGS and LDFLAGS
(fixes FTBFS on several architectures)
-- Ben Hutchings <benh@debian.org> Fri, 31 Dec 2021 15:05:03 +0100
klibc (2.0.10-1) unstable; urgency=medium
* New upstream version:
- Build fixes for Clang (Closes: #787063):
- Kbuild: Fix include path for Clang builds
- sparc64: Remove redundant/unsupported compiler option -mptr64
- s390: mmap: Change inline assembly to work with Clang
* debian/rules: Pass through $(CC), $(CC_FOR_BUILD), and $(LD) to ease
building with alternate toolchain
* debian/rules: Build under debian/build
* debian/rules: Put test output under debian/build
* Fix warnings from dh_missing:
- debian/not-installed: Note duplicate klibc-<hash>.so as not installed
- debian/libklibc-dev.manpages: Install klcc.1 from debian/tmp
* debian/*.{install,manpages}: Delete redundant debian/tmp/ prefixes
* libklibc-dev: Add generated perl dependency for klcc
* debian/*.lintian-overrides: Delete obsolete overrides
* debian/libklibc.lintian-overrides: Override
arch-dependent-file-not-in-arch-specific-directory
* Kbuild: Use provided CFLAGS, LDFLAGS
* debian/rules: Use -f{debug,macro}-prefix-map to keep build dir out of
binaries
-- Ben Hutchings <benh@debian.org> Thu, 30 Dec 2021 21:54:47 +0100
klibc (2.0.9-1) unstable; urgency=medium
* New upstream version
* armhf: Update compiler options for gcc 11 (Closes: #996906)
* sig{set,long}jmp: do not ignore sigsetjmp's second argument
(Closes: #988027)
* Fix implementation of utimes
-- Ben Hutchings <benh@debian.org> Mon, 27 Dec 2021 00:17:05 +0100
klibc (2.0.8-6.1) unstable; urgency=medium
* Non-maintainer upload.
* {set,long}jmp [s390x]: save/restore the correct FPU registers
(f8‥f15 not f1/f3/f5/f7) (Closes: #943425)
-- Thorsten Glaser <tg@mirbsd.de> Thu, 27 May 2021 00:12:10 +0200
klibc (2.0.8-6) unstable; urgency=medium
* Upload to unstable
* malloc: Set errno on failure
* malloc: Fail if requested size > PTRDIFF_MAX (CVE-2021-31873)
* calloc: Fail if multiplication overflows (CVE-2021-31870)
* cpio: Fix possible integer overflow on 32-bit systems (CVE-2021-31872)
* cpio: Fix possible crash on 64-bit systems (CVE-2021-31871)
-- Ben Hutchings <benh@debian.org> Fri, 30 Apr 2021 03:05:23 +0200
klibc (2.0.8-5) experimental; urgency=medium
* alpha: Fix definitions of _NSIG and struct sigaction
* ia64: Fix definition of struct sigaction
-- Ben Hutchings <benh@debian.org> Fri, 28 Aug 2020 17:41:47 +0100
klibc (2.0.8-4) experimental; urgency=medium
* signal: Note another reason to define _KLIBC_NEEDS_SA_RESTORER
* signal: Add sysconfig setting to force SA_SIGINFO on
* s390: Force SA_SIGINFO on and use rt_sigreturn
* alpha: Force SA_SIGINFO on
* sparc: Force SA_SIGINFO on
-- Ben Hutchings <benh@debian.org> Tue, 25 Aug 2020 01:49:14 +0100
# For older changelog entries, run 'apt-get changelog libklibc'
Generated by dwww version 1.14 on Sat Feb 1 04:38:27 CET 2025.