- Tue Jul 26 2016 tmb <tmb> 6:2.20-23.mga5
+ Revision: 1043638
- Fix static dlopen default library search path [BZ #17250]
- grantpt: trust the kernel about pty group and permission mode [BZ #19347]
- sunrpc: Do not use alloca in clntudp_call [BZ #20112] (CVE-2016-4429, mga#18651)
- glob: Simplify the interface for the GLOB_ALTDIRFUNC callback gl_readdir
- CVE-2016-1234: glob: Do not copy d_name field of struct dirent [BZ #19779]
- CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r [BZ #19879]
- CVE-2016-3706: getaddrinfo: stack overflow in hostent conversion [BZ #20010]
- getaddrinfo() stack-based buffer overflow [BZ 18665] (CVE-2015-7547)
- nan function unbounded stack allocation [BZ 16961, 16962] (CVE-2014-9761)
- catopen() Multiple unbounded stack allocations [BZ 17905] (CVE-2015-8779)
- hcreate, hcreate_r should fail with ENOMEM if element count is too large [BZ 18240] (CVE-2015-8778)
- out of range data to strftime() causes a segfault [BZ 18985] (CVE-2015-8776)
- Always enable pointer guard [BZ #18928] (CVE-2015-8777) - Sat May 2 2015 tmb <tmb> 6:2.20-20.mga5
+ Revision: 821015
- Do not close NSS files database during iteration [BZ #18007] (CVE-2014-8121) - Fri May 1 2015 tmb <tmb> 6:2.20-19.mga5
+ Revision: 821001
- resolv/nss_dns/dns-host.c buffer overflow (CVE-2015-1781) [BZ#18287] - Sun Apr 19 2015 tmb <tmb> 6:2.20-18.mga5
+ Revision: 820468
- nscd needs /var/db/nscd (mga#15545) - Sat Apr 18 2015 tmb <tmb> 6:2.20-17.mga5
+ Revision: 820464
- Fix _IO_wstr_overflow integer overflow (PR/BZ #17269)
- Fix read past end of pattern in fnmatch (PR/BZ #18032) - Sat Feb 21 2015 tmb <tmb> 6:2.20-16.mga5
+ Revision: 816252
- sync with upstream glibc-2.20 maintenance branch:
* Update Russian translation
* Revert to defining __extern_inline only for gcc-4.3+ (BZ #17266)
* Update French translation
* BZ#17460: Fix buffer overrun in nscd --help
* MIPS: Avoid a dangling `vfork@GLIBC_2.0' reference
* AArch64: End frame record chain correctly
* Make __extern_always_inline usable on clang++ again
* Move findidx nested functions to top-level
* Fix memory handling in strxfrm_l [BZ #16009] (CVE pending)
* Use AVX unaligned memcpy only if AVX2 is available - Sun Feb 8 2015 tmb <tmb> 6:2.20-15.mga5
+ Revision: 814068
- wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473) - Sun Dec 21 2014 tmb <tmb> 6:2.20-14.mga5
+ Revision: 804687
- Fix stack overflow in vfprintf [BZ #16617] (CVE-2012-3406)
- Avoid infinite loop in nss_dns getnetbyname [BZ #17630] (CVE-2014-9402) - Sat Nov 22 2014 tmb <tmb> 6:2.20-12.mga5
+ Revision: 798301
- posix wordexp fails to honour WRDE_NOCMD (CVE-2014-7817) - Wed Oct 15 2014 tmb <tmb> 6:2.20-11.mga5
+ Revision: 751288
- elf/dl-load.c (open_path): Avoid writing to 'env_path_list'
when none of the search directories exist. (BZ #15378)
- Fix infinite loop in check_pf (BZ #12926)
- disable lock elision again - Fri Oct 10 2014 tmb <tmb> 6:2.20-10.mga5
+ Revision: 737970
- re-enable lock elision for now as disabling it triggesrs SIGILL traps - Fri Oct 10 2014 tmb <tmb> 6:2.20-9.mga5
+ Revision: 737928
- add missing checks on ELIDE_UNLOCK for disabled lock elision (mga#14172) - Fri Oct 10 2014 tmb <tmb> 6:2.20-8.mga5
+ Revision: 737868
- ensure adaptive elision in rwlocks is disabled (mga#14172) - Thu Oct 9 2014 tv <tv> 6:2.20-7.mga5
+ Revision: 737764
- convert %pretrans from dash to lua (one less Requires(pre), one less dep loop)
(note that previous scriptlet was broken since UsrMove) - Sun Sep 28 2014 tmb <tmb> 6:2.20-6.mga5
+ Revision: 731421
- disable lock-elision as glibc breaks on intel microcode update - Thu Sep 25 2014 tmb <tmb> 6:2.20-5.mga5
+ Revision: 724574
- Fix memory leak in libio/wfileops.c do_ftell_wide [BZ #17370]
- Fix memory leak in error path of do_ftell_wide [BZ #17370]
+ tv
- autoconvert to new prov/req excludes - Sat Sep 13 2014 tmb <tmb> 6:2.20-4.mga5
+ Revision: 674978
- fix segfault in getifaddrs_internal [BZ#17371]
- malloc: additional unlink hardening for non-small bins [BZ#17344]
- Add new Linux 3.16 constants to netinet/udp.h - Tue Sep 9 2014 tmb <tmb> 6:2.20-3.mga5
+ Revision: 674336
- submit to release - Mon Sep 8 2014 tmb <tmb> 6:2.20-2.mga5
+ Revision: 673679
- hp-timing.c is dropped upstream
- rebase some patches so they apply
- dont use conditional patching for mips build
- drop old powerpc fix
- nptl is not an addon anymore, adjust build accordingly
- drop merged patches
- update to 2.20 - Thu Sep 4 2014 tmb <tmb> 6:2.19-12.mga5
+ Revision: 672173
- fix crashes on invalid input in IBM gconv modules [BZ #17325] (CVE-2014-6040) - Thu Aug 28 2014 tmb <tmb> 6:2.19-11.mga5
+ Revision: 669052
- _gconv_translit_find: Disable function [BZ #17187]
(CVE-2014-5119) (mga#13995) - Sun Jul 27 2014 tmb <tmb> 6:2.19-10.mga5
+ Revision: 657579
- rebuild with fixed gcc - Wed Jul 23 2014 tmb <tmb> 6:2.19-9.mga5
+ Revision: 656122
- setlocale: Use the heap for the copy of the locale argument
- _nl_find_locale: Improve handling of crafted locale names
(BZ#17137, CVE-2014-0475) - Wed Jul 23 2014 colin <colin> 6:2.19-8.mga5
+ Revision: 655883
- Rename ldconfig filetrigger to make sure it's run first - Sun Jun 29 2014 tmb <tmb> 6:2.19-7.mga5
+ Revision: 640940
- posix_spawn_file_actions_addopen needs to copy the path argument
(BZ 17048, CVE-2014-4043) - Tue May 13 2014 tmb <tmb> 6:2.19-6.mga5
+ Revision: 622540
- rebuild with gcc 4.9 - Wed May 7 2014 tmb <tmb> 6:2.19-3.mga5
+ Revision: 620910
- misc/sys/xattr.h: guard against linux uapi header inclusion - Sat Mar 1 2014 tmb <tmb> 6:2.19-2.mga5
+ Revision: 598263
- Fix sign of input to bsloww1 (glibc #16623)
- Update x86_64 libm-test-ulps on AMD family 21h model 1 (glibc #16545) - Mon Feb 17 2014 tmb <tmb> 6:2.19-1.mga5
+ Revision: 593923
- submit to /release - Sat Feb 8 2014 tmb <tmb> 6:2.19-0.1.mga5
+ Revision: 585854
- drop P12, ancient ppc fix
- dummy libbsd now removed upstream
- rediff P06, P11, P44
- drop merged patches
- update to 2.19 - Wed Feb 5 2014 tmb <tmb> 6:2.18-10.mga5
+ Revision: 582832
- x86: Disable x87 inline functions for SSE2 math - Sun Jan 5 2014 tmb <tmb> 6:2.18-9.mga4
+ Revision: 564795
- malloc: Fix race in free() of fastbin chunk (Glibc BZ #15073) - Wed Dec 4 2013 tmb <tmb> 6:2.18-8.mga4
+ Revision: 555189
- Print the reason why preloading failed in do_preload()
- Fix PI mutex check in pthread_cond_broadcast and pthread_cond_signal - Fri Oct 25 2013 tmb <tmb> 6:2.18-7.mga4
+ Revision: 546939
- Fix stack overflow due to large AF_INET6 requests (CVE-2013-4458) - Wed Oct 16 2013 tmb <tmb> 6:2.18-6.mga4
+ Revision: 501486
- rebuild with new gcc & binutils
- Fix handling LC_CTYPE nonascii-case fallback in i686 SSE4.2 and SSSE3
strcasecmp/strncasecmp - Sat Oct 12 2013 tmb <tmb> 6:2.18-5.mga4
+ Revision: 496066
- rebuild with new binutils & make - Fri Oct 11 2013 tmb <tmb> 6:2.18-4.mga4
+ Revision: 495280
- allow building wit GNU Make 4
- (struct __dirstream): Fix alignment of directory block (broken by CVE-2013-4237 fix) - Sun Oct 6 2013 tmb <tmb> 6:2.18-3.mga4
+ Revision: 492209
- initialize the pointer guard used for pointer mangling (CVE-2013-4788) - Wed Sep 25 2013 tmb <tmb> 6:2.18-2.mga4
+ Revision: 486293
- inet: avoid redefinition of some structs in kernel - Tue Sep 17 2013 tmb <tmb> 6:2.18-1.mga4
+ Revision: 480803
- malloc: check for integer overflows in pvalloc, valloc, memalign (CVE-2013-4332)
- make silent builds so only warnings and errors gets logged
- Correct the processing of '\x80' characters in crypt_freesec.c
- fix typo in nscd.service - Sun Aug 25 2013 tmb <tmb> 6:2.18-0.5.mga4
+ Revision: 471565
- temporarily disable build_check as it eats i686 libs on i586 build
- remove more references to pt_chown
- enable lock elision support
- fix strcoll() integer overflow leading to buffer overflow (CVE-2012-4412),
and alloca() stack overflow in the strcoll() interface (CVE-2012-4424)
(fedora, P102)
- install a sanitized LinuxThreads(fedora)
- gcc >= 4.4 is needed to build glibc
- binutils >= 2.20 is needed to build glibc
- experimental-malloc is default since 2011-06-28
- drop obsolete TlsFlags
- fix segfault with __strstr_sse42 (P60)
- Fix cbrtl for ldbl-96 (P100)
- Fix CVE-2013-4237, BZ #14699: Buffer overflow in readdir_r (P101)
- drop minimal required kernel to 2.6.32 so it works in chroots on top
of enterprise kernels
- pt_chown is disabled/removed as part of fix for CVE-2013-2207
- rediff P17, P38
- drop P18, P60, P61 (merged)
- update to 2.18 - Sun Aug 11 2013 tmb <tmb> 6:2.17-10.mga4
+ Revision: 465392
- rebuild with new gcc - Thu Aug 1 2013 tmb <tmb> 6:2.17-9.mga4
+ Revision: 462088
- test gcc-4.8.2 build