r4071 - in glibc-package/branches/glibc-branch-lenny/debian: . patches patches/any
Author: aurel32 Date: 2010-01-07 23:13:35 + (Thu, 07 Jan 2010) New Revision: 4071 Added: glibc-package/branches/glibc-branch-lenny/debian/patches/any/submitted-nis-shadow.diff Modified: glibc-package/branches/glibc-branch-lenny/debian/changelog glibc-package/branches/glibc-branch-lenny/debian/patches/series Log: * Fix NIS shadow entries leakage to non-priviledge users when nscd is in use. Fixes: CVE-2010-. Modified: glibc-package/branches/glibc-branch-lenny/debian/changelog === --- glibc-package/branches/glibc-branch-lenny/debian/changelog 2010-01-07 22:13:13 UTC (rev 4070) +++ glibc-package/branches/glibc-branch-lenny/debian/changelog 2010-01-07 23:13:35 UTC (rev 4071) @@ -1,3 +1,11 @@ +glibc (2.7-18lenny2) stable-security; urgency=low + + * Fix NIS shadow entries leakage to non-priviledge users when nscd is +in use. +Fixes: CVE-2010-. + + -- Aurelien Jarno Fri, 08 Jan 2010 00:10:10 +0100 + glibc (2.7-18lenny1) stable; urgency=low * patches/any/cvs-realloc.diff: fix bug in realloc() when enlarging a Added: glibc-package/branches/glibc-branch-lenny/debian/patches/any/submitted-nis-shadow.diff === --- glibc-package/branches/glibc-branch-lenny/debian/patches/any/submitted-nis-shadow.diff (rev 0) +++ glibc-package/branches/glibc-branch-lenny/debian/patches/any/submitted-nis-shadow.diff 2010-01-07 23:13:35 UTC (rev 4071) @@ -0,0 +1,304 @@ +2010-01-06 Christoph Pleger + Aurelien Jarno + + * nis/nss_nis/nis-pwd.c (internal_nis_getpwent_r): When adjunct + style secret password is returned, mangle 'x' instead of the + encrypted password. + (_nss_nis_getpwnam_r): Likewise. + (_nss_nis_getpwuid_r): Likewise. + * nis/nss_nis/nis-spwd.c (internal_nis_getspent_r): When shadow.byname + does not exist, look in passwd.adjunct.byname and adapt the result. + (_nss_nis_getspnam_r): Likewise. + +diff --git a/nis/nss_nis/nis-pwd.c b/nis/nss_nis/nis-pwd.c +index fdc7dc9..efb5c61 100644 +--- a/nis/nss_nis/nis-pwd.c b/nis/nss_nis/nis-pwd.c +@@ -266,49 +266,32 @@ internal_nis_getpwent_r (struct passwd *pwd, char *buffer, size_t buflen, + /* Check for adjunct style secret passwords. They can be +recognized by a password starting with "##". */ + char *p = strchr (result, ':'); +- size_t namelen; +- char *result2; +- int len2; + if (p != NULL /* This better should be true in all cases. */ +-&& p[1] == '#' && p[2] == '#' +-&& (namelen = p - result, +-yp_match (domain, "passwd.adjunct.byname", result, namelen, +- &result2, &len2)) == YPERR_SUCCESS) ++&& p[1] == '#' && p[2] == '#') + { +-/* We found a passwd.adjunct entry. Merge encrypted +- password therein into original result. */ +-char *encrypted = strchr (result2, ':'); +-char *endp; +-size_t restlen; +- +-if (encrypted == NULL +-|| (endp = strchr (++encrypted, ':')) == NULL +-|| (p = strchr (p + 1, ':')) == NULL) ++size_t namelen = p - result; ++if ((p = strchr (p + 1, ':')) == NULL) + { + /* Invalid format of the entry. This never should happen +unless the data from which the NIS table is generated is +wrong. We simply ignore it. */ +-free (result2); + goto non_adjunct; + } + +-restlen = len - (p - result); +-if (__builtin_expect ((size_t) (namelen + (endp - encrypted) +-+ restlen + 2) > buflen, 0)) ++/* We found an adjunct style secret password. Replace ++ it by 'x' into the result. */ ++size_t restlen = len - (p - result); ++if (__builtin_expect ((namelen + restlen + 3) > buflen, 0)) + { +-free (result2); + free (result); + *errnop = ERANGE; + return NSS_STATUS_TRYAGAIN; + } + +-mempcpy (mempcpy (mempcpy (mempcpy (buffer, result, namelen), +- ":", 1), +- encrypted, endp - encrypted), ++mempcpy (mempcpy (mempcpy (buffer, result, namelen), ++ ":x", 2), + p, restlen + 1); + p = buffer; +- +-free (result2); + } + else + { +@@ -400,47 +383,33 @@ _nss_nis_getpwnam_r (const char *name, struct passwd *pwd, + + /* Check for adjunct style secret passwords. They can be recognized + by a password starting with "##". */ +- char *result2; +- int len2; + char *p = strchr (result, ':'); + if (p != NULL /* This better should be true in all cases. */ +- && p[1] == '#' && p[2] == '#' +-
Bug#564008: marked as done (FTBFS: Applying patch kfreebsd/local-no-SOCK_NONBLOCK.diff fails)
Your message dated Thu, 07 Jan 2010 22:49:41 + with message-id and subject line Bug#564008: fixed in eglibc 2.10.2-5 has caused the Debian Bug report #564008, regarding FTBFS: Applying patch kfreebsd/local-no-SOCK_NONBLOCK.diff fails to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 564008: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564008 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: eglibc Version: 2.10.2-4 Severity: serious Justification: FTBFS Hi Aurélien et al., eglibc unfortunately FTBFS on all non-Linux ports (at least): | Applying patch kfreebsd/local-no-SOCK_NONBLOCK.diff | patching file resolv/res_send.c | Hunk #1 FAILED at 933. | Hunk #2 succeeded at 927 (offset -18 lines). | Hunk #3 FAILED at 956. | Hunk #4 succeeded at 945 (offset -23 lines). | Hunk #5 succeeded at 973 (offset -23 lines). | 2 out of 5 hunks FAILED -- rejects in file resolv/res_send.c | patching file nscd/connections.c | Restoring resolv/res_send.c | Restoring nscd/connections.c | Patch kfreebsd/local-no-SOCK_NONBLOCK.diff does not apply (enforce with -f) | Restoring resolv/res_send.c | Restoring nscd/connections.c | make: *** [/build/buildd-eglibc_2.10.2-4-kfreebsd-amd64-o4wcHm/eglibc-2.10.2/stamp-dir/patch] Error 1 Build logs at the usual place: https://buildd.debian.org/status/package.php?p=eglibc&suite=unstable Mraw, KiBi. --- End Message --- --- Begin Message --- Source: eglibc Source-Version: 2.10.2-5 We believe that the bug you reported is fixed in the latest version of eglibc, which is due to be installed in the Debian FTP archive: eglibc-source_2.10.2-5_all.deb to main/e/eglibc/eglibc-source_2.10.2-5_all.deb eglibc_2.10.2-5.diff.gz to main/e/eglibc/eglibc_2.10.2-5.diff.gz eglibc_2.10.2-5.dsc to main/e/eglibc/eglibc_2.10.2-5.dsc glibc-doc_2.10.2-5_all.deb to main/e/eglibc/glibc-doc_2.10.2-5_all.deb libc-bin_2.10.2-5_amd64.deb to main/e/eglibc/libc-bin_2.10.2-5_amd64.deb libc-dev-bin_2.10.2-5_amd64.deb to main/e/eglibc/libc-dev-bin_2.10.2-5_amd64.deb libc6-dbg_2.10.2-5_amd64.deb to main/e/eglibc/libc6-dbg_2.10.2-5_amd64.deb libc6-dev-i386_2.10.2-5_amd64.deb to main/e/eglibc/libc6-dev-i386_2.10.2-5_amd64.deb libc6-dev_2.10.2-5_amd64.deb to main/e/eglibc/libc6-dev_2.10.2-5_amd64.deb libc6-i386_2.10.2-5_amd64.deb to main/e/eglibc/libc6-i386_2.10.2-5_amd64.deb libc6-pic_2.10.2-5_amd64.deb to main/e/eglibc/libc6-pic_2.10.2-5_amd64.deb libc6-prof_2.10.2-5_amd64.deb to main/e/eglibc/libc6-prof_2.10.2-5_amd64.deb libc6-udeb_2.10.2-5_amd64.udeb to main/e/eglibc/libc6-udeb_2.10.2-5_amd64.udeb libc6_2.10.2-5_amd64.deb to main/e/eglibc/libc6_2.10.2-5_amd64.deb libnss-dns-udeb_2.10.2-5_amd64.udeb to main/e/eglibc/libnss-dns-udeb_2.10.2-5_amd64.udeb libnss-files-udeb_2.10.2-5_amd64.udeb to main/e/eglibc/libnss-files-udeb_2.10.2-5_amd64.udeb locales-all_2.10.2-5_amd64.deb to main/e/eglibc/locales-all_2.10.2-5_amd64.deb locales_2.10.2-5_all.deb to main/e/eglibc/locales_2.10.2-5_all.deb nscd_2.10.2-5_amd64.deb to main/e/eglibc/nscd_2.10.2-5_amd64.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 564...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Aurelien Jarno (supplier of updated eglibc package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Format: 1.8 Date: Thu, 07 Jan 2010 20:57:49 +0100 Source: eglibc Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-sparcv9b libc6-i686 libc6-xen libc0.1-i686 libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb Architecture: source all amd64 Version: 2.10.2-5 Distribution: unstable Urgency: low Maintainer: Aurelien Jarno Changed-By: A
r4069 - glibc-package/trunk/debian
Author: aurel32 Date: 2010-01-07 22:10:09 + (Thu, 07 Jan 2010) New Revision: 4069 Modified: glibc-package/trunk/debian/changelog Log: Upload to unstable Modified: glibc-package/trunk/debian/changelog === --- glibc-package/trunk/debian/changelog2010-01-07 19:56:30 UTC (rev 4068) +++ glibc-package/trunk/debian/changelog2010-01-07 22:10:09 UTC (rev 4069) @@ -1,4 +1,4 @@ -eglibc (2.10.2-5) UNSTABLE; urgency=low +eglibc (2.10.2-5) unstable; urgency=low [ Petr Salinger] * Update kfreebsd/local-no-SOCK_NONBLOCK.diff to cvs-resolv-* changes. @@ -22,7 +22,7 @@ [ Aurelien Jarno ] * Fix sparc64 build. - -- Aurelien Jarno Thu, 07 Jan 2010 20:56:15 +0100 + -- Aurelien Jarno Thu, 07 Jan 2010 20:57:49 +0100 eglibc (2.10.2-4) unstable; urgency=low -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
r4068 - in glibc-package/trunk/debian: . sysdeps testsuite-checking
Author: aurel32 Date: 2010-01-07 19:56:30 + (Thu, 07 Jan 2010) New Revision: 4068 Added: glibc-package/trunk/debian/testsuite-checking/expected-results-sparc64b-linux-gnu-sparcv9b Modified: glibc-package/trunk/debian/changelog glibc-package/trunk/debian/sysdeps/sparc64.mk glibc-package/trunk/debian/testsuite-checking/expected-results-sparc64-linux-gnu-libc Log: * Fix sparc64 build. Modified: glibc-package/trunk/debian/changelog === --- glibc-package/trunk/debian/changelog2010-01-07 10:26:13 UTC (rev 4067) +++ glibc-package/trunk/debian/changelog2010-01-07 19:56:30 UTC (rev 4068) @@ -19,8 +19,11 @@ * patches/hurd-i386/submitted-setsid.diff: renamed to cvs-setsid.diff since merged upstream. - -- Aurelien Jarno Wed, 06 Jan 2010 22:18:19 +0100 + [ Aurelien Jarno ] + * Fix sparc64 build. + -- Aurelien Jarno Thu, 07 Jan 2010 20:56:15 +0100 + eglibc (2.10.2-4) unstable; urgency=low [ Samuel Thibault ] Modified: glibc-package/trunk/debian/sysdeps/sparc64.mk === --- glibc-package/trunk/debian/sysdeps/sparc64.mk 2010-01-07 10:26:13 UTC (rev 4067) +++ glibc-package/trunk/debian/sysdeps/sparc64.mk 2010-01-07 19:56:30 UTC (rev 4068) @@ -5,8 +5,8 @@ EGLIBC_PASSES += sparcv9b DEB_ARCH_REGULAR_PACKAGES += libc6-sparcv9b sparcv9b_add-ons = nptl $(add-ons) -sparcv9b_configure_target=sparcv9b-linux-gnu -sparcv9b_configure_build=sparcv9b-linux-gnu +sparcv9b_configure_target=sparc64b-linux-gnu +sparcv9b_configure_build=sparc64b-linux-gnu sparcv9b_extra_cflags = -mcpu=ultrasparc3 sparcv9b_extra_config_options = $(extra_config_options) --disable-profile sparcv9b_rtlddir = /lib Modified: glibc-package/trunk/debian/testsuite-checking/expected-results-sparc64-linux-gnu-libc === --- glibc-package/trunk/debian/testsuite-checking/expected-results-sparc64-linux-gnu-libc 2010-01-07 10:26:13 UTC (rev 4067) +++ glibc-package/trunk/debian/testsuite-checking/expected-results-sparc64-linux-gnu-libc 2010-01-07 19:56:30 UTC (rev 4068) @@ -6,5 +6,7 @@ annexc.out, Error 1 (ignored) check-localplt.out, Error 1 tst-cancelx21.out, Error 1 +tst-cancelx4.out, Error 1 +tst-cancelx5.out, Error 1 tst-cpuclock2.out, Error 1 tst-timer.out, Error 139 Added: glibc-package/trunk/debian/testsuite-checking/expected-results-sparc64b-linux-gnu-sparcv9b === --- glibc-package/trunk/debian/testsuite-checking/expected-results-sparc64b-linux-gnu-sparcv9b (rev 0) +++ glibc-package/trunk/debian/testsuite-checking/expected-results-sparc64b-linux-gnu-sparcv9b 2010-01-07 19:56:30 UTC (rev 4068) @@ -0,0 +1,14 @@ +# +# Allowed failures for sparc64b-linux-gnu-sparcv9b and the returned make +# failure number, indicating the signal the process died with. +# Format: , Error [(ignored)] +# +annexc.out, Error 1 (ignored) +check-localplt.out, Error 1 +tst-cancelx21.out, Error 1 +tst-cancelx4.out, Error 1 +tst-cancelx5.out, Error 1 +tst-cpuclock2.out, Error 1 +tst-execstack-needed.out, Error 1 +tst-execstack-prog.out, Error 1 +tst-execstack.out, Error 1 -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#563987: /lib/libnss_hesiod.so.2: hesiod users not fully supported
Ken Raeburn a écrit : > Aurelien Jarno wrote: >> Wouldn't it be possible to also use Kerberos for shadow information, as >> it is actually where the encrypted passwords are stored? >> > > Kerberos doesn't necessarily have the information in its database, and > the protocol provides no way to pass the information around. > >> Other nsswitch modules provide both interfaces, because there is >> actually a shadow database. Hesiod does not provide a shadow database. >> >> The only thing that can be done is to provide functions that will always >> return an error. Not sure it is really useful. >> > If that's the model -- that it's permissible for there not to be shadow > data -- then yes, the Hesiod code is okay and this is a pam bug... > It's permissible, but as said not really useful. That won't change the value returned by getspnam(), which already return -1 when an entry is not found. This returned value simply means that shadow entry exists for the given name. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#563987: /lib/libnss_hesiod.so.2: hesiod users not fully supported
Aurelien Jarno wrote: Wouldn't it be possible to also use Kerberos for shadow information, as it is actually where the encrypted passwords are stored? Kerberos doesn't necessarily have the information in its database, and the protocol provides no way to pass the information around. Other nsswitch modules provide both interfaces, because there is actually a shadow database. Hesiod does not provide a shadow database. The only thing that can be done is to provide functions that will always return an error. Not sure it is really useful. If that's the model -- that it's permissible for there not to be shadow data -- then yes, the Hesiod code is okay and this is a pam bug... Ken -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#563987: /lib/libnss_hesiod.so.2: hesiod users not fully supported
Aurelien Jarno wrote: hesiod is not supposed to be used to provide password. Even if used that way, I don't really see the point of providing a shadow database though hesiod, as the data will anyway be public, as published in the DNS. Certainly not password authentication data, but it can be (and is) used for the other /etc/passwd info (say, in combination with Kerberos authentication; they both came out of MIT's Project Athena). But on the systems it was developed on, some of the shadow information (the hashed password) wasn't in a separate shadow file, and some of it just didn't exist. So maybe Hesiod's interface is just outdated? IMHO, that's a wrong assumption that should be fixed in pam That was my other thought, but at first glance, it appeared that other nsswitch modules provided both together. And I've seen cases on other systems where the shadow entry was required for things to work; not that that necessarily means they weren't broken too Ken -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#563987: /lib/libnss_hesiod.so.2: hesiod users not fully supported
Ken Raeburn a écrit : > Aurelien Jarno wrote: >> hesiod is not supposed to be used to provide password. Even if used that >> way, I don't really see the point of providing a shadow database though >> hesiod, as the data will anyway be public, as published in the DNS. >> > > Certainly not password authentication data, but it can be (and is) used > for the other /etc/passwd info (say, in combination with Kerberos > authentication; they both came out of MIT's Project Athena). But on the > systems it was developed on, some of the shadow information (the hashed > password) wasn't in a separate shadow file, and some of it just didn't > exist. So maybe Hesiod's interface is just outdated? Wouldn't it be possible to also use Kerberos for shadow information, as it is actually where the encrypted passwords are stored? >> IMHO, that's a wrong assumption that should be fixed in pam > That was my other thought, but at first glance, it appeared that other > nsswitch modules provided both together. And I've seen cases on other > systems where the shadow entry was required for things to work; not that > that necessarily means they weren't broken too Other nsswitch modules provide both interfaces, because there is actually a shadow database. Hesiod does not provide a shadow database. The only thing that can be done is to provide functions that will always return an error. Not sure it is really useful. -- Aurelien Jarno GPG: 1024D/F1BCDB73 aurel...@aurel32.net http://www.aurel32.net -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Online Courses for Iowa Teachers
ONLINE COURSES FOR TEACHERS Would you care to receive periodic emails about our highly regarded online courses for teachers? If so click here. http://www.admail.net/confirm/19b3d65/55cd7401/ If not, you are automatically "opted-out" and you will not receive another email from us unless you click the confirm link. You're receiving this notice because you were identified as an educator who may be interested in the professional development of teachers. For over ten years our organization has been serving teachers with online, professional development courses in all subject areas, including the award of university credit good for recertification and salary enhancement. A few examples of the unique selection of courses we offer include: --Stress Reduction in Staff & Students --How to Differentiate Instruction in Mixed Ability Classrooms --More Real World Math --Google Earth Basics --Making Science Fun: K-8 Science Projects --Going to the Movies: Global Issues in Film --Literacy Strategies for Grades 4-12 Please indicate by clicking here http://www.admail.net/confirm/19b3d65/55cd7401/ if you would like to receive periodic announcements from us about our courses. We apologize if you feel you have received this email in error, and you will not receive another notice from us unless you choose to do so. We appreciate your attention to this notice. ___ Use the following link to confirm that you'd like to receive future mailings. http://www.admail.net/confirm/19b3d65/55cd7401/ The Heritage Institute Box 860 Clinton, WA 98236 Powered by Admail.net ___ -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
r4067 - glibc-package/trunk/debian/testsuite-checking
Author: sthibault Date: 2010-01-07 10:26:13 + (Thu, 07 Jan 2010) New Revision: 4067 Modified: glibc-package/trunk/debian/testsuite-checking/expected-results-i486-gnu-libc Log: tst-cpucount fails to link due to missing support Modified: glibc-package/trunk/debian/testsuite-checking/expected-results-i486-gnu-libc === --- glibc-package/trunk/debian/testsuite-checking/expected-results-i486-gnu-libc 2010-01-07 10:21:50 UTC (rev 4066) +++ glibc-package/trunk/debian/testsuite-checking/expected-results-i486-gnu-libc 2010-01-07 10:26:13 UTC (rev 4067) @@ -4,6 +4,7 @@ # Format: , Error [(ignored)] # # Need actual porting +tst-cpucount, Error 1 tst-cpuset.o, Error 1 tst-cputimer1.o, Error 1 tst-cputimer2.o, Error 1 @@ -43,7 +44,6 @@ tst-chk5.out, Error 1 tst-chk6.out, Error 1 tst-cpuclock2, Error 1 -tst-cpucount, Error 1 tst-dlmopen1.out, Error 1 tst-error1-mem, Error 1 tst-ether_line.o, Error 1 -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
r4066 - in glibc-package/trunk/debian: . patches patches/hurd-i386 testsuite-checking
Author: sthibault Date: 2010-01-07 10:21:50 + (Thu, 07 Jan 2010) New Revision: 4066 Added: glibc-package/trunk/debian/patches/hurd-i386/cvs-getcwd.diff glibc-package/trunk/debian/patches/hurd-i386/cvs-setsid.diff glibc-package/trunk/debian/patches/hurd-i386/submitted-posix_opt.h.diff Removed: glibc-package/trunk/debian/patches/hurd-i386/submitted-getcwd.diff glibc-package/trunk/debian/patches/hurd-i386/submitted-setsid.diff Modified: glibc-package/trunk/debian/changelog glibc-package/trunk/debian/patches/hurd-i386/local-pthread_posix-option.diff glibc-package/trunk/debian/patches/hurd-i386/local-tls-support.diff glibc-package/trunk/debian/patches/hurd-i386/submitted-sysvshm.diff glibc-package/trunk/debian/patches/series glibc-package/trunk/debian/testsuite-checking/expected-results-i486-gnu-libc Log: patches/hurd-i386/submitted-posix_opt.h.diff: New patch to update standard macros in posix_opt.h. patches/hurd-i386/local-pthread_posix-option.diff: Refresh and update standard macros in posix_opt.h. patches/hurd-i386/submitted-sysvshm.diff: Add standard macro _XOPEN_SHM in posix_opt.h. patches/hurd-i386/local-tls-support.diff: Use kern_return_t instead of error_t to avoid a dependency on a GNU-specific type. patches/hurd-i386/submitted-getcwd.diff: renamed to cvs-getcwd.diff since merged upstream. patches/hurd-i386/submitted-setsid.diff: renamed to cvs-setsid.diff since merged upstream. Modified: glibc-package/trunk/debian/changelog === --- glibc-package/trunk/debian/changelog2010-01-07 06:50:24 UTC (rev 4065) +++ glibc-package/trunk/debian/changelog2010-01-07 10:21:50 UTC (rev 4066) @@ -5,6 +5,20 @@ Move it into any/local-no-SOCK_NONBLOCK.diff, as it is used also on hurd. Closes: #564008. + [ Samuel Thibault ] + * patches/hurd-i386/submitted-posix_opt.h.diff: New patch to update standard +macros in posix_opt.h. + * patches/hurd-i386/local-pthread_posix-option.diff: Refresh and update +standard macros in posix_opt.h. + * patches/hurd-i386/submitted-sysvshm.diff: Add standard macro _XOPEN_SHM in +posix_opt.h. + * patches/hurd-i386/local-tls-support.diff: Use kern_return_t instead of +error_t to avoid a dependency on a GNU-specific type. + * patches/hurd-i386/submitted-getcwd.diff: renamed to cvs-getcwd.diff since +merged upstream. + * patches/hurd-i386/submitted-setsid.diff: renamed to cvs-setsid.diff since +merged upstream. + -- Aurelien Jarno Wed, 06 Jan 2010 22:18:19 +0100 eglibc (2.10.2-4) unstable; urgency=low Copied: glibc-package/trunk/debian/patches/hurd-i386/cvs-getcwd.diff (from rev 4051, glibc-package/trunk/debian/patches/hurd-i386/submitted-getcwd.diff) === --- glibc-package/trunk/debian/patches/hurd-i386/cvs-getcwd.diff (rev 0) +++ glibc-package/trunk/debian/patches/hurd-i386/cvs-getcwd.diff 2010-01-07 10:21:50 UTC (rev 4066) @@ -0,0 +1,19 @@ +The patch below fixes a spurious call to mach_port_deallocate: rootdevid +is already deallocated as soon as it is fetched through __io_identity. + +--- + getcwd.c |1 - + 1 file changed, 1 deletion(-) + +diff --git a/sysdeps/mach/hurd/getcwd.c b/sysdeps/mach/hurd/getcwd.c +index 7e07e6b..f833f3d 100644 +--- a/sysdeps/mach/hurd/getcwd.c b/sysdeps/mach/hurd/getcwd.c +@@ -60,7 +60,6 @@ _hurd_canonicalize_directory_name_internal (file_t thisdir, + __mach_port_deallocate (__mach_task_self (), thisid); + __mach_port_deallocate (__mach_task_self (), thisdevid); + __mach_port_deallocate (__mach_task_self (), rootid); +- __mach_port_deallocate (__mach_task_self (), rootdevid); + + if (dirbuf != NULL) + __vm_deallocate (__mach_task_self (), Copied: glibc-package/trunk/debian/patches/hurd-i386/cvs-setsid.diff (from rev 4051, glibc-package/trunk/debian/patches/hurd-i386/submitted-setsid.diff) === --- glibc-package/trunk/debian/patches/hurd-i386/cvs-setsid.diff (rev 0) +++ glibc-package/trunk/debian/patches/hurd-i386/cvs-setsid.diff 2010-01-07 10:21:50 UTC (rev 4066) @@ -0,0 +1,17 @@ +Fix bogus port deallocation due to uninitialized variable + +--- + hurdioctl.c |2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- eglibc-2.10.2-orig/hurd/hurdioctl.c2006-08-17 02:18:26.0 +0100 eglibc-2.10.2/hurd/hurdioctl.c 2009-12-22 03:13:05.0 + +@@ -169,7 +169,7 @@ + for (i = 0; i < _hurd_dtablesize; ++i) + { + struct hurd_fd *const d = _hurd_dtable[i]; +- mach_port_t newctty; ++ mach_port_t newctty = MACH_PORT_NULL; + + if (d == NULL) + /* Nothing to do for an unused descriptor cell. */ Modified: glibc-package/trunk/debian/patches/hurd-i386/local-pthread_posix-option.diff