Accepted eglibc 2.11.3-4+deb6u2 (source all amd64) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 23 Nov 2014 19:03:02 +0100
Source: eglibc
Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-sparcv9b libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb
Architecture: source all amd64
Version: 2.11.3-4+deb6u2
Distribution: squeeze-lts
Urgency: medium
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
eglibc-source - Embedded GNU C Library: sources
glibc-doc - Embedded GNU C Library: Documentation
libc-bin - Embedded GNU C Library: Binaries
libc-dev-bin - Embedded GNU C Library: Development binaries
libc0.1 - Embedded GNU C Library: Shared libraries
libc0.1-dbg - Embedded GNU C Library: detached debugging symbols
libc0.1-dev - Embedded GNU C Library: Development Libraries and Header Files
libc0.1-dev-i386 - Embedded GNU C Library: 32bit development libraries for AMD64
libc0.1-i386 - Embedded GNU C Library: 32bit shared libraries for AMD64
libc0.1-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
libc0.1-pic - Embedded GNU C Library: PIC archive library
libc0.1-prof - Embedded GNU C Library: Profiling Libraries
libc0.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
libc0.3 - Embedded GNU C Library: Shared libraries
libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
libc0.3-dev - Embedded GNU C Library: Development Libraries and Header Files
libc0.3-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
libc0.3-pic - Embedded GNU C Library: PIC archive library
libc0.3-prof - Embedded GNU C Library: Profiling Libraries
libc0.3-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
libc0.3-xen - Embedded GNU C Library: Shared libraries [Xen version]
libc6 - Embedded GNU C Library: Shared libraries
libc6-amd64 - Embedded GNU C Library: 64bit Shared libraries for AMD64
libc6-dbg - Embedded GNU C Library: detached debugging symbols
libc6-dev - Embedded GNU C Library: Development Libraries and Header Files
libc6-dev-amd64 - Embedded GNU C Library: 64bit Development Libraries for AMD64
libc6-dev-i386 - Embedded GNU C Library: 32-bit development libraries for AMD64
libc6-dev-mips64 - Embedded GNU C Library: 64bit Development Libraries for MIPS64
libc6-dev-mipsn32 - Embedded GNU C Library: n32 Development Libraries for MIPS64
libc6-dev-powerpc - Embedded GNU C Library: 32bit powerpc development libraries for p
libc6-dev-ppc64 - Embedded GNU C Library: 64bit Development Libraries for PowerPC64
libc6-dev-s390x - Embedded GNU C Library: 64bit Development Libraries for IBM zSeri
libc6-dev-sparc64 - Embedded GNU C Library: 64bit Development Libraries for UltraSPAR
libc6-i386 - Embedded GNU C Library: 32-bit shared libraries for AMD64
libc6-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
libc6-mips64 - Embedded GNU C Library: 64bit Shared libraries for MIPS64
libc6-mipsn32 - Embedded GNU C Library: n32 Shared libraries for MIPS64
libc6-pic - Embedded GNU C Library: PIC archive library
libc6-powerpc - Embedded GNU C Library: 32bit powerpc shared libraries for ppc64
libc6-ppc64 - Embedded GNU C Library: 64bit Shared libraries for PowerPC64
libc6-prof - Embedded GNU C Library: Profiling Libraries
libc6-s390x - Embedded GNU C Library: 64bit Shared libraries for IBM zSeries
libc6-sparc64 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC
libc6-sparcv9b - Embedded GNU C Library: Shared libraries [v9b optimized]
libc6-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
libc6-xen - Embedded GNU C Library: Shared libraries [Xen version]
libc6.1 - Embedded GNU C Library: Shared libraries
libc6.1-alphaev67 - Embedded GNU C Library: Shared libraries (EV67 optimized)
libc6.1-dbg - Embedded GNU C Library: detached debugging symbols
libc6.1-dev - Embedded GNU C Library: Development Libraries and Header Files
libc6.1-pic - Embedded GNU C Library: PIC archive library
libc6.1-prof - Embedded GNU C Library: Profiling Libraries
libc6.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
libnss-dns-udeb - Embedded GNU C Library: NSS helper for DNS - udeb (udeb)
libnss-files-udeb - Embedded GNU C Library: NSS helper for files - udeb (udeb)
locales - Embedded GNU C Library: National Language (locale) data [support]
locales-all - Embedded GNU C Library: Precompiled locale data
nscd - Embedded GNU C Library: Name Service Cache Daemon
Changes:
eglibc (2.11.3-4+deb6u2) squeeze-lts; urgency=medium
.
* Non-maintainer upload by the Squeeze LTS Team.
* CVE-2012-6656:
Fix validation check when converting from ibm930 to utf.
When converting IBM930 code with iconv(), if IBM930 code which
includes invalid multibyte character "0xffff" is specified, then
iconv() segfaults.
* CVE-2014-6040:
Crashes on invalid input in IBM gconv modules [BZ #17325]
These changes are based on the fix for BZ #14134 in commit
6e230d11837f3ae7b375ea69d7905f0d18eb79e5.
* CVE-2014-7817:
The function wordexp() fails to properly handle the WRDE_NOCMD
flag when processing arithmetic inputs in the form of "$((... ``))"
where "..." can be anything valid. The backticks in the arithmetic
epxression are evaluated by in a shell even if WRDE_NOCMD forbade
command substitution. This allows an attacker to attempt to pass
dangerous commands via constructs of the above form, and bypass
the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
in exec_comm(), the only place that can execute a shell. All other
checks for WRDE_NOCMD are superfluous and removed.
Checksums-Sha1:
e3a65ffc9a6ac73bb2bbda968909e29c23729d6f 3398 eglibc_2.11.3-4+deb6u2.dsc
946ce1056c3b8a4f6cc908a6a7f8600dcc81216b 22677499 eglibc_2.11.3.orig.tar.gz
38f9032321cd4ba24132da4ebf5c225a342a0a5d 925660 eglibc_2.11.3-4+deb6u2.diff.gz
b9f00db441d457c8e29c23f381517742596a0541 1852740 glibc-doc_2.11.3-4+deb6u2_all.deb
2bd4f679783d80f941b6557ad0bd0592f94d0a6e 11052794 eglibc-source_2.11.3-4+deb6u2_all.deb
7fb4c1d1159e9522019c7772b0bf1d64335181f5 4756850 locales_2.11.3-4+deb6u2_all.deb
22178364d97349a132bf8da3ad705ca3c58db7bb 4267216 libc6_2.11.3-4+deb6u2_amd64.deb
e384f5bf1af6af06f8deb54aa3010dba13588471 2588748 libc6-dev_2.11.3-4+deb6u2_amd64.deb
e53376889838e4860a72613942e1fbea1ed1e50a 2036110 libc6-prof_2.11.3-4+deb6u2_amd64.deb
31599e95a032a610e15d15cef57d4b49f5dc630a 1548750 libc6-pic_2.11.3-4+deb6u2_amd64.deb
dfa2c9db3beeb856c87494b4cbe3c4c7258741c9 750600 libc-bin_2.11.3-4+deb6u2_amd64.deb
a4cf8b498e779a35dba64212cad6f026f48ff027 210970 libc-dev-bin_2.11.3-4+deb6u2_amd64.deb
95ca3df12b868b342f9768680a609dd0adf1cbbb 3686424 locales-all_2.11.3-4+deb6u2_amd64.deb
7e8c4af8108961aa2baf9f1dafada65608d0f076 3804390 libc6-i386_2.11.3-4+deb6u2_amd64.deb
b6b8652c71ca800df37a94eaf29e6ad434cb0d10 1527380 libc6-dev-i386_2.11.3-4+deb6u2_amd64.deb
85d28435be61e8bd7417d49979a804f1bfbd1de4 198972 nscd_2.11.3-4+deb6u2_amd64.deb
7b2b5a4a4cf48f97b9befde06c5e71cc20441a15 10387362 libc6-dbg_2.11.3-4+deb6u2_amd64.deb
300b229a1a85db5ab067b515b7a2592a25469dfa 1152118 libc6-udeb_2.11.3-4+deb6u2_amd64.udeb
85355f74333ef852a3818d9bbfdef48877a91a1b 11114 libnss-dns-udeb_2.11.3-4+deb6u2_amd64.udeb
ea6c0b4bfd5aeecefb792f05d121b0d12c0e9696 20146 libnss-files-udeb_2.11.3-4+deb6u2_amd64.udeb
Checksums-Sha256:
19b515a020213c444a91076607c4bce9ce6e9310a7fd297df95cd8aaf6eb4c32 3398 eglibc_2.11.3-4+deb6u2.dsc
86468e94516b84c586b0f5c78c5b2361474698a7619f465091b1a61f0ae134af 22677499 eglibc_2.11.3.orig.tar.gz
70042152f5b262b8524aa8abeda4c9249b7c6a46a4e800ac80f427dafda8f5ab 925660 eglibc_2.11.3-4+deb6u2.diff.gz
e87e247b1efbe035597a97824564b71177cd12f0efbbb83378222e8623f5b102 1852740 glibc-doc_2.11.3-4+deb6u2_all.deb
6884f46a5affe42ccd1e26621f1f3953c79fc4b401cef60ed1b6075c3d69f457 11052794 eglibc-source_2.11.3-4+deb6u2_all.deb
c745681d4d5df9aaa768e6545dce412fc6de614316b27753bcbc946665b3a1ae 4756850 locales_2.11.3-4+deb6u2_all.deb
382b0724f578cbd1cca0a050eb80c9952e157b07c972668a3ff6556665569577 4267216 libc6_2.11.3-4+deb6u2_amd64.deb
6503387c21e98eff1873f7f61c26aaf65a12c6524d3db06789c0e0e26eec314a 2588748 libc6-dev_2.11.3-4+deb6u2_amd64.deb
d2b4ec0f3d82131296fbe3c698fbfdcad2e65adf6fad556b3c1a6aa9c316d0d6 2036110 libc6-prof_2.11.3-4+deb6u2_amd64.deb
44fe9602f28cb24bcab5d8e49e0307ad5f227598ecf155f1ce80a15936862020 1548750 libc6-pic_2.11.3-4+deb6u2_amd64.deb
5c4efd876e52cf3bb0ba34ef66ae9ab6c92b6fe7bdbc444b90967ee857e02506 750600 libc-bin_2.11.3-4+deb6u2_amd64.deb
8b05051fc2c473041885686d4e393407ff4819787431375e319be1033a3c2c91 210970 libc-dev-bin_2.11.3-4+deb6u2_amd64.deb
d46d7a66a0d35fb992581b1ee0bbd7dd56ed6f276bcaa549dbb240facf598554 3686424 locales-all_2.11.3-4+deb6u2_amd64.deb
715a284b9fd9a98cdf15630c395cc026cbfe429421d38ae09c5b2d1cf250ac35 3804390 libc6-i386_2.11.3-4+deb6u2_amd64.deb
ab8026920f5cfbe31848810b75409196710dfec56d2efa980517d74accf85efb 1527380 libc6-dev-i386_2.11.3-4+deb6u2_amd64.deb
54d092d515475256d009d728bb42221f5a39f59a9fb714dd4ffb6876bf1babe3 198972 nscd_2.11.3-4+deb6u2_amd64.deb
18bb27990f31140721cc379c62a94e62f4c74ab0d2cea20c043d9401f72d0200 10387362 libc6-dbg_2.11.3-4+deb6u2_amd64.deb
b6eac610bb1652decefb804d2eb89fd0545bfcf4458f23efa49f88025894e5da 1152118 libc6-udeb_2.11.3-4+deb6u2_amd64.udeb
4d2cdd85ff5bbb1e136f159855048f8599d2a7e64d4463f6d20b5d0e98a93fbd 11114 libnss-dns-udeb_2.11.3-4+deb6u2_amd64.udeb
72c9835be88c44dee866b62ef2815e73a39f65a61e8504836d54795849843903 20146 libnss-files-udeb_2.11.3-4+deb6u2_amd64.udeb
Files:
4719d6fac698acc38b307690e18bd1b6 3398 libs required eglibc_2.11.3-4+deb6u2.dsc
dd8e9ddf5a3d62209d2ef113888d0899 22677499 libs required eglibc_2.11.3.orig.tar.gz
bdd308ea209b7a71668941eac4e4af32 925660 libs required eglibc_2.11.3-4+deb6u2.diff.gz
c6b8d36a3ec265ca363f46b0b5c02d7e 1852740 doc optional glibc-doc_2.11.3-4+deb6u2_all.deb
bc06506814c59af1375262d6ad94f354 11052794 devel optional eglibc-source_2.11.3-4+deb6u2_all.deb
21b19e3e1aba02134255485036c61d11 4756850 localization standard locales_2.11.3-4+deb6u2_all.deb
5a72e463f373314f5b3864c09cf757e0 4267216 libs required libc6_2.11.3-4+deb6u2_amd64.deb
aa5e0d985970618c255f187ea63324d2 2588748 libdevel optional libc6-dev_2.11.3-4+deb6u2_amd64.deb
8b8484ebe2e43d8882271d86ac751944 2036110 libdevel extra libc6-prof_2.11.3-4+deb6u2_amd64.deb
232c28fcc01f2be336973819be0a1e7a 1548750 libdevel optional libc6-pic_2.11.3-4+deb6u2_amd64.deb
afcb31f82ab3e49acd6f70eb0be51907 750600 libs required libc-bin_2.11.3-4+deb6u2_amd64.deb
ce5ce424471e4c2cef11277be9bc5675 210970 libdevel optional libc-dev-bin_2.11.3-4+deb6u2_amd64.deb
2b6141092e4f86280dff4b59ba2c3740 3686424 localization extra locales-all_2.11.3-4+deb6u2_amd64.deb
925d877a4d7719ad91a3dba40de348bb 3804390 libs optional libc6-i386_2.11.3-4+deb6u2_amd64.deb
98772c0ea638d20c9c56600f77cf868b 1527380 libdevel optional libc6-dev-i386_2.11.3-4+deb6u2_amd64.deb
13badb38298696b64cd080c62e6775e5 198972 admin optional nscd_2.11.3-4+deb6u2_amd64.deb
c6e6787ce6e6542db44adfaefca9711a 10387362 debug extra libc6-dbg_2.11.3-4+deb6u2_amd64.deb
644480f24b3a67bf852b52e580d05982 1152118 debian-installer extra libc6-udeb_2.11.3-4+deb6u2_amd64.udeb
7c91d857aa6d92999146a97805c4af8e 11114 debian-installer extra libnss-dns-udeb_2.11.3-4+deb6u2_amd64.udeb
f1bee76204cc0b03920d7e13b9aa80de 20146 debian-installer extra libnss-files-udeb_2.11.3-4+deb6u2_amd64.udeb
Package-Type: udeb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJ8BAEBCgBmBQJUdeauXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHGgoP/R2kqxnK5FFA2yTyxeJYiUwG
ad/NyHVFv3eNscaU67Kf4+uqQwZfr+mut0M2wmNWdrh8FPPCrMp7rnoZ/N69lcjU
pB9EN8b4IIjesNxmgLQeyQIlvg7g+hPOOmAbJIFupjBDNHeKzSLezCQI+L3gc103
SRKe7cY3WmwyA/PFPnd0wrgNCobXJ+x8OgevgWOTBlbIfbd7iFrsAoS3xomnI9Hp
igjrTr2VJ1uuvI1tqK5TUAb+R/7k8nDKFsVM169w0ly24fmcYlQhtfQKoeVokRgA
2Bh2qqHnISsXGh6Sp0hDt7zMSwp0lBOhPL0Pt7ezB96YAMR/EfAskSGhdtMdpMv2
rktZ0OVKVx4S9B/zeVB9m7DKWOqEIBjBIHgDbAlS/e7rbfFlbuBG9vNQn97aKGAQ
5UZmmhqRwP0/djTQ4aBloPIV6mOaQLD0SFePt8Rkc/Rh21b+gcG5Ixe6ryDuIdz+
nx9j1Qwn8Dd0p0rqIoXZEsG/tGF9abYIzsN2HbyDUqzxbSByjnL6LqR6Fo4pY8Vt
zSrU6sS0ZLB6pHI4+mPpXCNkfVTvE+YOENsh8NbKvfRH14DDzgnqXuQisl5r1iST
6GSnROsY7Ca0pffefl9GxF+9Qgava6GjQV2PfMYf7HtkiOyvBXxh2LL+C8RTYqlq
1rlShgwfpaleU3mtj7yc
=y9vp
-----END PGP SIGNATURE-----