-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 05 Mar 2015 20:09:21 +0000 Source: eglibc Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-sparcv9b libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb Architecture: all source Version: 2.11.3-4+deb6u5 Distribution: squeeze-lts Urgency: medium Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org> Changed-By: Ben Hutchings <ben@decadent.org.uk> Description: eglibc-source - Embedded GNU C Library: sources glibc-doc - Embedded GNU C Library: Documentation libc0.1-dbg - Embedded GNU C Library: detached debugging symbols libc0.1-dev - Embedded GNU C Library: Development Libraries and Header Files libc0.1-dev-i386 - Embedded GNU C Library: 32bit development libraries for AMD64 libc0.1 - Embedded GNU C Library: Shared libraries libc0.1-i386 - Embedded GNU C Library: 32bit shared libraries for AMD64 libc0.1-i686 - Embedded GNU C Library: Shared libraries [i686 optimized] libc0.1-pic - Embedded GNU C Library: PIC archive library libc0.1-prof - Embedded GNU C Library: Profiling Libraries libc0.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc0.3-dbg - Embedded GNU C Library: detached debugging symbols libc0.3-dev - Embedded GNU C Library: Development Libraries and Header Files libc0.3 - Embedded GNU C Library: Shared libraries libc0.3-i686 - Embedded GNU C Library: Shared libraries [i686 optimized] libc0.3-pic - Embedded GNU C Library: PIC archive library libc0.3-prof - Embedded GNU C Library: Profiling Libraries libc0.3-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc0.3-xen - Embedded GNU C Library: Shared libraries [Xen version] libc6.1-alphaev67 - Embedded GNU C Library: Shared libraries (EV67 optimized) libc6.1-dbg - Embedded GNU C Library: detached debugging symbols libc6.1-dev - Embedded GNU C Library: Development Libraries and Header Files libc6.1 - Embedded GNU C Library: Shared libraries libc6.1-pic - Embedded GNU C Library: PIC archive library libc6.1-prof - Embedded GNU C Library: Profiling Libraries libc6.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc6-amd64 - Embedded GNU C Library: 64bit Shared libraries for AMD64 libc6-dbg - Embedded GNU C Library: detached debugging symbols libc6-dev-amd64 - Embedded GNU C Library: 64bit Development Libraries for AMD64 libc6-dev - Embedded GNU C Library: Development Libraries and Header Files libc6-dev-i386 - Embedded GNU C Library: 32-bit development libraries for AMD64 libc6-dev-mips64 - Embedded GNU C Library: 64bit Development Libraries for MIPS64 libc6-dev-mipsn32 - Embedded GNU C Library: n32 Development Libraries for MIPS64 libc6-dev-powerpc - Embedded GNU C Library: 32bit powerpc development libraries for p libc6-dev-ppc64 - Embedded GNU C Library: 64bit Development Libraries for PowerPC64 libc6-dev-s390x - Embedded GNU C Library: 64bit Development Libraries for IBM zSeri libc6-dev-sparc64 - Embedded GNU C Library: 64bit Development Libraries for UltraSPAR libc6 - Embedded GNU C Library: Shared libraries libc6-i386 - Embedded GNU C Library: 32-bit shared libraries for AMD64 libc6-i686 - Embedded GNU C Library: Shared libraries [i686 optimized] libc6-mips64 - Embedded GNU C Library: 64bit Shared libraries for MIPS64 libc6-mipsn32 - Embedded GNU C Library: n32 Shared libraries for MIPS64 libc6-pic - Embedded GNU C Library: PIC archive library libc6-powerpc - Embedded GNU C Library: 32bit powerpc shared libraries for ppc64 libc6-ppc64 - Embedded GNU C Library: 64bit Shared libraries for PowerPC64 libc6-prof - Embedded GNU C Library: Profiling Libraries libc6-s390x - Embedded GNU C Library: 64bit Shared libraries for IBM zSeries libc6-sparc64 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC libc6-sparcv9b - Embedded GNU C Library: Shared libraries [v9b optimized] libc6-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb) libc6-xen - Embedded GNU C Library: Shared libraries [Xen version] libc-bin - Embedded GNU C Library: Binaries libc-dev-bin - Embedded GNU C Library: Development binaries libnss-dns-udeb - Embedded GNU C Library: NSS helper for DNS - udeb (udeb) libnss-files-udeb - Embedded GNU C Library: NSS helper for files - udeb (udeb) locales-all - Embedded GNU C Library: Precompiled locale data locales - Embedded GNU C Library: National Language (locale) data [support] nscd - Embedded GNU C Library: Name Service Cache Daemon Changes: eglibc (2.11.3-4+deb6u5) squeeze-lts; urgency=medium . * Non-maintainer upload by the Squeeze LTS team * debian/patches/any/cvs-vfprintf-many-format-strings.diff: patch from upstream to fix a FORTIFY_SOURCE format string protection bypass (CVE-2012-3405) * debian/patches/any/cvs-strtod-overflow.diff: patch from upstream to fix an integer/buffer overflow in strtod() (CVE-2012-3480) * debian/patches/any/cvs-CVE-2012-44xx.diff: backport overflow fixes in strcoll (CVE-2012-4412, CVE-2012-4424) * debian/patches/any/cvs-CVE-2013-0242.diff: backport buffer overrun fix in regexp matcher (CVE-2013-0242) * debian/patches/any/cvs-CVE-2013-1914.diff: backport stack overflow fixes in getaddrinfo() (CVE-2013-1914) * debian/patches/any/cvs-CVE-2013-4237.diff: backport buffer overwrite fix in readdir_r for file systems returning file names longer than NAME_MAX characters (CVE-2013-4237) * debian/patches/any/cvs-CVE-2013-4332.diff: backport integer overflow fixes in pvalloc, valloc, posix_memalign, memalign and aligned_alloc functions (CVE-2013-4332) * debian/patches/any/cvs-CVE-2013-4458.diff: backport stack (frame) overflow fixes in getaddrinfo() when called with AF_INET6 (CVE-2013-4458) * debian/patches/any/cvs-CVE-2013-4788.diff: backport patch to fix PTR_MANGLE ineffectivity for statically linked binaries (CVE-2013-4788). *** Note that static binaries need to be recompiled to take advantage of the fix *** * debian/patches/any/cvs-resolv-reuse-fd.diff: upstream patch to fix invalid file descriptor reuse while sending DNS query (CVE-2013-7423) * debian/patches/any/cvs-CVE-2013-4357.diff: upstream patch to fix stack overflow issues (CVE-2013-4357) * debian/patches/any/cvs-vfscanf.diff: upstream patch to fix segfault in sscanf for large decimal input string * debian/patches/any/cvs-wscanf.diff: upstream patch to fix a heap buffer overflow in wscanf (CVE-2015-1472, CVE-2015-1473) * debian/patches/any/cvs-vfprintf.diff: upstream patch to fix a stack overflow in vfprintf (CVE-2012-3406) * debian/patches/any/cvs-posix_spawn_file_actions_addopen.diff: upstream patch to fix a vulnerability in posix_spawn_file_actions_addopen (CVE-2014-4043) * debian/patches/any/cvs-getaddrinfo-idn.diff: upstream patch to fix an invalid-free when using getaddrinfo with IDN (CVE-2013-7424) * debian/patches/all/cvs-increase-nptl-test-case-buffer-size.patch: Increase nptl test case buffer size so we really block on current Linux kernels Checksums-Sha1: cce96f6a9f1078eee66b621cfaab1259e1c07fd4 3260 eglibc_2.11.3-4+deb6u5.dsc cd7fba09dbc65c203910f1646a572de7c3c51e34 979886 eglibc_2.11.3-4+deb6u5.diff.gz c282c630632980a739178fe36c3029079ceae7ea 1853792 glibc-doc_2.11.3-4+deb6u5_all.deb 3551f4881044b32d2c254e6b8f8805f427fb5155 11285198 eglibc-source_2.11.3-4+deb6u5_all.deb 0b12a984b625e079fc02e591295b606e4acd3736 4755022 locales_2.11.3-4+deb6u5_all.deb Checksums-Sha256: 7b7cd9af89a47fb16c9b0d0d40a67adad63d1a4a184426c0536172dfb357442c 3260 eglibc_2.11.3-4+deb6u5.dsc 9e856dbde6fca04649c385a0b3d591df6fb6e9452cc3c57bb4ec72281cfcd56d 979886 eglibc_2.11.3-4+deb6u5.diff.gz 54c804814ead03216be8333854e33878814cfb0ca25fb5273b01bfed341bdeff 1853792 glibc-doc_2.11.3-4+deb6u5_all.deb 6b4a6004b17417a3eea55df275dab85bf47d5516a95c75a1eed639a0491ddd78 11285198 eglibc-source_2.11.3-4+deb6u5_all.deb f1d031a5872e3d1586b4fb9b5e4968382685a54fc996ba85859f3ded1295285b 4755022 locales_2.11.3-4+deb6u5_all.deb Files: a09b96a63baab59ccb8f7e1984453b80 3260 libs required eglibc_2.11.3-4+deb6u5.dsc 07718bce4aacb0066db4afeaa1a1c3f7 979886 libs required eglibc_2.11.3-4+deb6u5.diff.gz 436e3c67ef1ab940cb77ce6067b3266c 1853792 doc optional glibc-doc_2.11.3-4+deb6u5_all.deb b698803623373d1bcd8a5843e0bd776a 11285198 devel optional eglibc-source_2.11.3-4+deb6u5_all.deb 98d9b2f215e1b423caed06e9aadae158 4755022 localization standard locales_2.11.3-4+deb6u5_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBVPkXeOe/yOyVhhEJAQqMCBAAy5HUdB+tarSTaC1jzkipBLI1D9IGTuIU Dpp3DYD1zhv4Z5ZK2BfPm3T9bvCCksJuNhpVBvGigrziFSKB1Us+zdVvpF5dMUu7 A8KHVZwQNv+3LvE1tK5eOPNT9P3eMGjeCEOwlZPOfAPYnSDazECCBkvpn/kl0cco RBTEbpL3KmUYvHhK4z6Dl9jFEUY+ak/eb+/mUrNs8/OF8my70MiCgSuj32ZjYBVI 63bYVmcMxCYcgBmVpusD86h2rGR4yni3Js8AQ/QYOWqsecqpdzhvbXcjmeBrBShU 0D9qoGeFGM0Mco0GdfegJLC07fR8caITtXp4oVq65/8z3k9q8n5O0pSGw+zMcuQ0 z+IMB6ilHsQJh2o8Vs1/iTstM03kDpX9b8BA0x4NwKDhM+TvEEl9bDgMwaN0CYmy Ud1M0zrnJn30+U+g9DLxFHCWvhC8Fvm1s1tfWd5dt0Q2o6Xc9ft0QQnmQ3Hv+2S3 Hi4AWtAGEVEJF33LW4XrFbOCeV4NTizvDNNt7jXLyNHKDLJlrkmffcf1EcTksU/5 s/okgSH1ZJrSXIGLUvjEfhWHiEsprpKl1VAhy1i/JOXmdcMmnr0zdi3JfJQBTqen WrmWWaR5aZPgiocQmHfME504O/0HEYae3mTFBudhuysIR/DnC/tEyZbPSos/e01Q Kc8RWQd1BGU= =/3KI -----END PGP SIGNATURE-----