This bug was fixed in the package glibc - 2.32-0ubuntu3

---------------
glibc (2.32-0ubuntu3) groovy; urgency=medium

  * Fix cross-toolchain-base.
    Use ${Depends:foo=foo} magic to not create cross packages for
    libnss-nis*, rpcsvc-proto, libtirpc-dev and libnsl-dev (LP: #1895632)
  * XFAIL time/tst-cpuclock1 (LP: #1895687)

glibc (2.32-0ubuntu2) groovy; urgency=medium

  * Merge from Debian unstable
  * Refresh patches
  * debian/watch: Use HTTPS and download xz-compressed tarball
  * debian/watch: Use upstream's signing key to verify the tarball
  * Don't build and ship libnsl.a and Sun RPC static library and header files
  * XFAIL stdlib/tst-getrandom (LP: #1891403)
  * debian/symbols.wildcards: Update versions
  * Make libc-dev depend on rpcsvc-proto and libtirpc-dev.
    They replace development files for the Sun RPC library removed in glibc 32.
  * Make libc-dev depend on libnsl-dev.
    It replaces the development files for the new libnsl library replacing the
    one shipped by glibc.
  * Don't check symbols of libnss_nis.so and libnss_nisplus.so libraries.
    They are not shipped in glibc 2.32
  * Depend on libnss-nis and libnss-nisplus shipping the libraries dropped
    in 2.32
  * debian/patches/git-updates.diff: update from upstream stable branch:
    - x86-64: Fix FMA4 detection in ifunc
  * debian/testsuite-xfail-debian.mk: XFAIL unsupported tests failing in 
autopkgtest

glibc (2.31-3) unstable; urgency=medium

  [ Aurelien Jarno ]
  * debian/control.in/libc: add a Breaks: against openarena (<< 0.8.8+dfsg-4~)
    due to bug#966150.
  * debian/control.in/libc: add a Breaks: against ioquake3
    (<< 1.36+u20200211.f2c61c1~dfsg-2~) as previous versions are not correctly
    linked with libm.
  * debian/patches/git-updates.diff: update from upstream stable branch:
    - Fix an infinite loop in the iconv program (CVE-2016-10228).  Closes:
      #856503.
    - debian/patches/any/submitted-selinux-deprecations.diff: upstreamed.
    - debian/patches/x32/submitted-fix-nptl-setgroups-x32.diff: upstreamed.
  * debian/rules.d/build.mk: install <finclude/math-vector-fortran.h> in the
    multiarch path.  Closes: #962457.

  [ Samuel Thibault ]
  * debian/libc0.3.symbols.hurd-i386: Fix dependency of __errno_location and
    __h_errno_location symbols in libpthread.
  * patches/hurd-i386/unsubmitted-sbrk-_end.diff: Fix _end symbol appearance
    by reworking sbrk.
  * patches/hurd-i386/unsubmitted-sched_sets.diff: Add sched_set/getscheduler.
  * patches/hurd-i386/git-pthread_atfork-hidden.diff: Hide pthread_atfork
    symbols imported to applications, to avoid leaking them.

glibc (2.31-2ubuntu1) groovy; urgency=medium

  [ Michael Hudson-Doyle ]
  * Mark tst-getpw as XFAIL on arm64. (LP: #1869364)

  [ Balint Reczey ]
  * Merge from Debian unstable
    - debian/patches/any/submitted-selinux-deprecations.diff: proposed patch to
      ignore the selinux deprecations introduced in libselinux (>= 3.1), fixing
      an FTBFS. (LP: #1887919)
    Remaining changes:
    - Enable libc6{,-dev}-armel on armhf and libc6{-dev}-armhf on armel.
    - Heavily mangle the way we do service restarting on major upgrades.
    - Build amd64 with -O3, and build ppc64 variants (both 64-bit and 32-bit)
      with -O3 -fno-tree-vectorize.
    - Build generic i386 flavour with -mno-tls-direct-seg-refs for Xen.
    - Drop the libc6-xen flavour, as the above change covers Xen's needs.
    - Enable systemtap support, which is currently disabled in Debian.
    - Don't build libc-l10n, its contents get stripped for language-packs.
    - Drop libc-bin manpages Recommends to Suggests to keep it in standard.
    - Revert dropping the ldconfig wrapper, as we still have a lot of
      packages that don't ship a trigger but instead call in postinst.
    - Use DH_COMPAT=8 for dh_strip to fix debug sections for valgrind.
    - Mangle locales package to support Ubuntu language packs seamlessly.
    - Relax some expected test failures for our infrastructure's quirks.
    - Let nptl/tst-stack4 fail, as it's been racing on several architectures.
    - Copy the fully conditionalized x86 variant for math-vector-fortran.h
      to /usr/include/finclude. On all architectures.
    - Backport x86 CET patches from the trunk.
    - Ship arm64 variant with LSE support in libc6-lse
    - debian/sysdeps/{amd64/i386/x32}.mk: Enable Intel Control Flow
    Dropped changes:
    - Build i386 variants as -march=i686
    - debian/patches/git-updates.diff: update from upstream stable branch.
  * debian/gbp.conf: Add initial configuration
  * debian/debhelper.in/libc.preinst: Fix setting LDCONFIG_NOTRIGGER
    (LP: #1889190)
  * Build-depend again on g++-10-multilib on armel and armhf which were lost in 
the merge
    (LP: #1889069)
  * debian/control.in/main: Add Vcs-* pointing to Ubuntu packaging repository
  * Don't handle false positive stringop-overflow warnings as errors on ppc64el
  * Fall back to calling nanosleep syscall when __clock_nanosleep returns EINVAL
    (LP: #1871240)
  * debian/testsuite-xfail-debian.mk: XFAIL stdlib/tst-strtod-round on riscv64

glibc (2.31-2) unstable; urgency=medium

  [ Aurelien Jarno ]
  * debian/control.in/libc: add a Breaks: against macs (<< 2.2.7.1-3~) due to
    bug #965073.
  * debian/patches/git-updates.diff: update from upstream stable branch:
    - Fix a signed comparison vulnerability in the ARMv7 memcpy and memmove
      functions (CVE-2020-6096).  Closes: #961452.
  * debian/control.in/libc: do not limit the openssh-server breaks to 32-bit
    architectures, clock_nanosleep has to be allowed in addition to
    clock_gettime64.  Closes: #965932.
  * debian/patches/any/submitted-selinux-deprecations.diff: proposed patch to
    ignore the selinux deprecations introduced in libselinux (>= 3.1), fixing
    an FTBFS.  Closes: #965941.
  * debian/patches/x32/submitted-fix-nptl-setgroups-x32.patch: proposed patch
    to fix the setgroups functions in threaded applications on x32 (without
    the testsuite part).  Closes: #965091.

  [ Samuel Thibault ]
  * debian/patches/hurd-i386/local-tls-ie-align.diff: Fix TLS IE load with >=
    8 byte alignment.
  * debian/testsuite-xfail-debian.mk: Update backtrace result.
  * debian/patches/hurd-i386/git-fix-longjmp.diff: Fix longjmp from dl loader.
    Notably fixes calling setuid programs from eatmydata.
  * debian/control: Build-depend on gnumach-dev with userland driver RPC 
interface.
  * debian/libc0.3.symbols.hurd-i386: Add userland driver RPC interface stubs.
  * debian/patches/hurd-i386/local-clock_gettime_MONOTONIC.diff: Make
    clock_nanosleep accept CLOCK_MONOTONIC as well.

glibc (2.31-1) unstable; urgency=medium

  [ Samuel Thibault ]
  * debian/control: Build-depend on gcc-10 version that defaults to i686 on
    hurd-i386.
  * debian/control: Build-depend on mig-for-host instead of mig.
  * debian/sysdeps/hurd-i386.mk: Drop adding -march=i686.
  * debian/hurd-i386/git-pselect.diff: Fix pselect atomicity.
  * debian/hurd-i386/git-fexecve.diff: Fix fexecve.
  * debian/hurd-i386/git-cond_destroy.diff: Fix cond_destroy synchronization
    with woken threads.
  * debian/hurd-i386/git-holes.diff: Fix detecting support for file holes.
  * debian/hurd-i386/local-clock_gettime_MONOTONIC.diff: Also fix clock_getres
    with CLOCK_MONOTONIC.
  * debian/hurd-i386/git-longjmp-onstack.diff: Fix longjmp-ing from altstack.
  * debian/hurd-i386/git-register-atfork2.diff: Fix register-atfork ordering.
  * debian/hurd-i386/git-intr-msg-unwind.diff: Fix unwinding over interruptible
    RPC.
  * debian/hurd-i386/git-strtol-test.diff: Fix testing strtol errors.
  * debian/testsuite-xfail-debian.mk: Update.
  * debian/debhelper.in/libc-udeb.install.hurd-i386: Add missing
    libmachuser/libhurduser.
  * debian/rules.d/debhelper.mk: Add dh_link pass to libc-udeb binaryinst.
  * debian/debhelper.in/libc-udeb.links.hurd-i386: Add missing ld.so link.
  * debian/rules: Clean links file.

  [ Aurelien Jarno ]
  * debian/patches/git-updates.diff: update from upstream stable branch.
  * debian/patches/any/git-surplus-tls-accounting.diff: backport TLS surplus
    accounting from upstream.  Closes: #964141.
  * debian/control.in/main: update breaks on cross-toolchain-base* as they
    will need changes to build with glibc 2.31.

 -- Balint Reczey <rbal...@ubuntu.com>  Tue, 15 Sep 2020 17:13:26 +0200

** Changed in: glibc (Ubuntu)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2016-10228

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-6096

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1889190

Title:
  ldconfig is still deferred in libc6.preinst

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1889190/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to