Maandelijks archief juni 2021

glibc (JollaPhone)

Rating: 
0
No votes yet

The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function.

sha256sum filename:
4fe3c320bc0c4d931c15d99fad731be7f911d6afb298e1dcfcc0f8da1dc252c2 glibc-2.30+git7-8.2.armv7hl.rpm

Category:

Keywords:

Application versions: 
Attachment Size Date
Fileglibc-2.196.14.1-1.armv7hl.rpm 5.55 MB 10/03/2018 – 16:37
Fileglibc-2.30git7-8.armv7hl.rpm 2.27 MB 30/06/2021 – 21:47
Fileglibc-2.30git7-8.1.armv7hl.rpm 2.27 MB 05/08/2021 – 20:56
Fileglibc-2.30git7-8.2.armv7hl.rpm 2.27 MB 19/08/2021 – 20:06
Changelog: 

2.30+git7-8.2:
+librt-fix-NULL-pointer-dereference-bug-28213.patch
+librt-add-test-bug28213.patch

2.30+git7-8.1:
Security related changes:
Fix an arbitrary read in wordexp() (CVE-2021-35942)

2.30+git7-8:
Security related changes:

CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.

CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.

CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.

The following bugs are resolved with this release:

[20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
[20543] Please move from .gnu.linkonce to comdat
[23296] Data race in setting function descriptor during lazy binding
[23518] login: Remove utmp backend jump tables
[24682] localedata: zh_CN first weekday should be Monday per GB/T
7408-2005
[24867] malloc: Remove unwanted leading whitespace in malloc_info
[24879] login: Disarm timer after utmp lock acquisition
[24880] login: Use struct flock64 in utmp
[24882] login: Acquire write lock early in pututline
[24986] alpha: new getegid, geteuid and getppid syscalls used
unconditionally
[24899] login: Add nonstring attributes to struct utmp, struct utmpx
[24902] login: pututxline could fail to overwrite existing entries
[25066] FAIL: nptl/tst-tls1 on hppa
[25189] Don’t use a custom wrapper macro around __has_include
[25203] libio: Disable vtable validation for pre-2.1 interposed handles
[25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs
[25225] ld.so fails to link on x86 if GCC defaults to -fcf-protection
[25232] No const correctness for strchr et al. for Clang++
[25401] Remove incorrect alloc_size attribute from pvalloc
[25487] sinl() stack corruption from crafted input (CVE-2020-10029)
[25523] MIPS/Linux inline syscall template is miscompiled
[25635] arm: Wrong sysdep order selection for soft-fp
[25715] system() returns wrong errors when posix_spawn fails
[25810] x32: Incorrect syscall entries with pointer, off_t and size_t
[25896] Incorrect prctl
[25902] Bad LOADARGS_N
[25933] Off by one error in __strncmp_avx2
[25966] Incorrect access of __x86_shared_non_temporal_threshold for x32
[25976] nss_compat: internal_end*ent may clobber errno, hiding ERANGE
[27130] “rep movsb” performance issue
[27177] GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn’t work

glibc-common (JollaPhone)

Rating: 
0
No votes yet

The glibc-common package includes common binaries for the GNU libc
libraries, as well as national language (locale) support.

sha256sum filename:
7fc1c614bf0390279bf4b9a61b4dc402b08e5ee5af8a0584711f2c89f79e125f glibc-common-2.30+git7-8.2.armv7hl.rpm

Category:

Keywords:

Application versions: 
Attachment Size Date
Fileglibc-common-2.196.14.1-1.armv7hl.rpm 4.42 MB 10/03/2018 – 16:32
Fileglibc-common-2.30git7-8.armv7hl.rpm 4.75 MB 30/06/2021 – 21:45
Fileglibc-common-2.30git7-8.1.armv7hl.rpm 4.75 MB 05/08/2021 – 20:55
Fileglibc-common-2.30git7-8.2.armv7hl.rpm 4.75 MB 19/08/2021 – 20:05
Changelog: 

2.30+git7-8.2:
+librt-fix-NULL-pointer-dereference-bug-28213.patch
+librt-add-test-bug28213.patch

2.30+git7-8.1:
Security related changes:
Fix an arbitrary read in wordexp() (CVE-2021-35942)

2.30+git7-8:
Security related changes:

CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.

CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.

CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.

The following bugs are resolved with this release:

[20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
[20543] Please move from .gnu.linkonce to comdat
[23296] Data race in setting function descriptor during lazy binding
[23518] login: Remove utmp backend jump tables
[24682] localedata: zh_CN first weekday should be Monday per GB/T
7408-2005
[24867] malloc: Remove unwanted leading whitespace in malloc_info
[24879] login: Disarm timer after utmp lock acquisition
[24880] login: Use struct flock64 in utmp
[24882] login: Acquire write lock early in pututline
[24986] alpha: new getegid, geteuid and getppid syscalls used
unconditionally
[24899] login: Add nonstring attributes to struct utmp, struct utmpx
[24902] login: pututxline could fail to overwrite existing entries
[25066] FAIL: nptl/tst-tls1 on hppa
[25189] Don’t use a custom wrapper macro around __has_include
[25203] libio: Disable vtable validation for pre-2.1 interposed handles
[25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs
[25225] ld.so fails to link on x86 if GCC defaults to -fcf-protection
[25232] No const correctness for strchr et al. for Clang++
[25401] Remove incorrect alloc_size attribute from pvalloc
[25487] sinl() stack corruption from crafted input (CVE-2020-10029)
[25523] MIPS/Linux inline syscall template is miscompiled
[25635] arm: Wrong sysdep order selection for soft-fp
[25715] system() returns wrong errors when posix_spawn fails
[25810] x32: Incorrect syscall entries with pointer, off_t and size_t
[25896] Incorrect prctl
[25902] Bad LOADARGS_N
[25933] Off by one error in __strncmp_avx2
[25966] Incorrect access of __x86_shared_non_temporal_threshold for x32
[25976] nss_compat: internal_end*ent may clobber errno, hiding ERANGE
[27130] “rep movsb” performance issue
[27177] GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn’t work

glibc-utils (JollaPhone)

Rating: 
0
No votes yet

The glibc-utils package contains memusage, a memory usage profiler,
mtrace, a memory leak tracer and xtrace, a function call tracer
which can be helpful during program debugging.

If unsure if you need this, don’t install this package.

sha256sum filename:
000cd99a5e73b601373fde90953fa3395aaa72ded3cb6ceb8fe0ab92915054f9 glibc-utils-2.30+git7-8.2.armv7hl.rpm

Category:

Keywords:

Application versions: 
Attachment Size Date
Fileglibc-utils-2.196.14.1-1.armv7hl.rpm 40.68 KB 10/03/2018 – 16:29
Fileglibc-utils-2.30git7-8.armv7hl.rpm 23.19 KB 30/06/2021 – 21:42
Fileglibc-utils-2.30git7-8.1.armv7hl.rpm 23.2 KB 05/08/2021 – 20:52
Fileglibc-utils-2.30git7-8.2.armv7hl.rpm 23.21 KB 19/08/2021 – 20:02
Changelog: 

2.30+git7-8.2:
+librt-fix-NULL-pointer-dereference-bug-28213.patch
+librt-add-test-bug28213.patch

2.30+git7-8.1:
Security related changes:
Fix an arbitrary read in wordexp() (CVE-2021-35942)

2.30+git7-8:
Security related changes:

CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.

CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.

CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.

The following bugs are resolved with this release:

[20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
[20543] Please move from .gnu.linkonce to comdat
[23296] Data race in setting function descriptor during lazy binding
[23518] login: Remove utmp backend jump tables
[24682] localedata: zh_CN first weekday should be Monday per GB/T
7408-2005
[24867] malloc: Remove unwanted leading whitespace in malloc_info
[24879] login: Disarm timer after utmp lock acquisition
[24880] login: Use struct flock64 in utmp
[24882] login: Acquire write lock early in pututline
[24986] alpha: new getegid, geteuid and getppid syscalls used
unconditionally
[24899] login: Add nonstring attributes to struct utmp, struct utmpx
[24902] login: pututxline could fail to overwrite existing entries
[25066] FAIL: nptl/tst-tls1 on hppa
[25189] Don’t use a custom wrapper macro around __has_include
[25203] libio: Disable vtable validation for pre-2.1 interposed handles
[25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs
[25225] ld.so fails to link on x86 if GCC defaults to -fcf-protection
[25232] No const correctness for strchr et al. for Clang++
[25401] Remove incorrect alloc_size attribute from pvalloc
[25487] sinl() stack corruption from crafted input (CVE-2020-10029)
[25523] MIPS/Linux inline syscall template is miscompiled
[25635] arm: Wrong sysdep order selection for soft-fp
[25715] system() returns wrong errors when posix_spawn fails
[25810] x32: Incorrect syscall entries with pointer, off_t and size_t
[25896] Incorrect prctl
[25902] Bad LOADARGS_N
[25933] Off by one error in __strncmp_avx2
[25966] Incorrect access of __x86_shared_non_temporal_threshold for x32
[25976] nss_compat: internal_end*ent may clobber errno, hiding ERANGE
[27130] “rep movsb” performance issue
[27177] GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn’t work

nscd

Rating: 
0
No votes yet

!! Jolla1 NOT SUPPORTED !! (glibc-2.30)

Nscd caches name service lookups and can dramatically improve
performance with NIS+, and may help with DNS as well.

sha256sum filename:
bc9e0436c77c8ec7b0969756ad31d0f17f2d49da9d1b7fddea9ce19c7cbdeb97 nscd-2.30+git7-8.2.armv7hl.rpm

Category:

Keywords:

Application versions: 
Attachment Size Date
Filenscd-2.196.14.1-1.armv7hl.rpm 223.3 KB 10/03/2018 – 16:27
Filenscd-2.30git7-8.armv7hl.rpm 62.97 KB 30/06/2021 – 21:40
Filenscd-2.30git7-8.1.armv7hl.rpm 62.96 KB 05/08/2021 – 20:50
Filenscd-2.30git7-8.2.armv7hl.rpm 63.12 KB 19/08/2021 – 20:01
Changelog: 

!! Jolla1 NOT SUPPORTED !!

2.30+git7-8.2:
+librt-fix-NULL-pointer-dereference-bug-28213.patch
+librt-add-test-bug28213.patch

2.30+git7-8.1:
Security related changes:
Fix an arbitrary read in wordexp() (CVE-2021-35942)

2.30+git7-8:
Security related changes:

CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.

CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.

CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.

The following bugs are resolved with this release:

[20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
[20543] Please move from .gnu.linkonce to comdat
[23296] Data race in setting function descriptor during lazy binding
[23518] login: Remove utmp backend jump tables
[24682] localedata: zh_CN first weekday should be Monday per GB/T
7408-2005
[24867] malloc: Remove unwanted leading whitespace in malloc_info
[24879] login: Disarm timer after utmp lock acquisition
[24880] login: Use struct flock64 in utmp
[24882] login: Acquire write lock early in pututline
[24986] alpha: new getegid, geteuid and getppid syscalls used
unconditionally
[24899] login: Add nonstring attributes to struct utmp, struct utmpx
[24902] login: pututxline could fail to overwrite existing entries
[25066] FAIL: nptl/tst-tls1 on hppa
[25189] Don’t use a custom wrapper macro around __has_include
[25203] libio: Disable vtable validation for pre-2.1 interposed handles
[25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs
[25225] ld.so fails to link on x86 if GCC defaults to -fcf-protection
[25232] No const correctness for strchr et al. for Clang++
[25401] Remove incorrect alloc_size attribute from pvalloc
[25487] sinl() stack corruption from crafted input (CVE-2020-10029)
[25523] MIPS/Linux inline syscall template is miscompiled
[25635] arm: Wrong sysdep order selection for soft-fp
[25715] system() returns wrong errors when posix_spawn fails
[25810] x32: Incorrect syscall entries with pointer, off_t and size_t
[25896] Incorrect prctl
[25902] Bad LOADARGS_N
[25933] Off by one error in __strncmp_avx2
[25966] Incorrect access of __x86_shared_non_temporal_threshold for x32
[25976] nss_compat: internal_end*ent may clobber errno, hiding ERANGE
[27130] “rep movsb” performance issue
[27177] GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn’t work

glibc-static (JollaPhone)

Rating: 
0
No votes yet

The glibc-static package contains the C library static libraries
for -static linking. You don’t need these, unless you link statically,
which is highly discouraged.

sha256sum filename:
f1fa74e9f4b640cd3a5c78217ee477f928c3effea6ba2f4d072e413e6ecad3c3 glibc-static-2.30+git7-8.2.armv7hl.rpm

Category:

Keywords:

Application versions: 
Attachment Size Date
Fileglibc-static-2.196.14.1-1.armv7hl.rpm 1.57 MB 10/03/2018 – 16:26
Fileglibc-static-2.30git7-8.armv7hl.rpm 986.08 KB 30/06/2021 – 21:37
Fileglibc-static-2.30git7-8.1.armv7hl.rpm 986.1 KB 05/08/2021 – 20:48
Fileglibc-static-2.30git7-8.2.armv7hl.rpm 986.21 KB 19/08/2021 – 20:00
Changelog: 

2.30+git7-8.2:
+librt-fix-NULL-pointer-dereference-bug-28213.patch
+librt-add-test-bug28213.patch

2.30+git7-8.1:
Security related changes:
Fix an arbitrary read in wordexp() (CVE-2021-35942)

2.30+git7-8:
Security related changes:

CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.

CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.

CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.

The following bugs are resolved with this release:

[20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
[20543] Please move from .gnu.linkonce to comdat
[23296] Data race in setting function descriptor during lazy binding
[23518] login: Remove utmp backend jump tables
[24682] localedata: zh_CN first weekday should be Monday per GB/T
7408-2005
[24867] malloc: Remove unwanted leading whitespace in malloc_info
[24879] login: Disarm timer after utmp lock acquisition
[24880] login: Use struct flock64 in utmp
[24882] login: Acquire write lock early in pututline
[24986] alpha: new getegid, geteuid and getppid syscalls used
unconditionally
[24899] login: Add nonstring attributes to struct utmp, struct utmpx
[24902] login: pututxline could fail to overwrite existing entries
[25066] FAIL: nptl/tst-tls1 on hppa
[25189] Don’t use a custom wrapper macro around __has_include
[25203] libio: Disable vtable validation for pre-2.1 interposed handles
[25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs
[25225] ld.so fails to link on x86 if GCC defaults to -fcf-protection
[25232] No const correctness for strchr et al. for Clang++
[25401] Remove incorrect alloc_size attribute from pvalloc
[25487] sinl() stack corruption from crafted input (CVE-2020-10029)
[25523] MIPS/Linux inline syscall template is miscompiled
[25635] arm: Wrong sysdep order selection for soft-fp
[25715] system() returns wrong errors when posix_spawn fails
[25810] x32: Incorrect syscall entries with pointer, off_t and size_t
[25896] Incorrect prctl
[25902] Bad LOADARGS_N
[25933] Off by one error in __strncmp_avx2
[25966] Incorrect access of __x86_shared_non_temporal_threshold for x32
[25976] nss_compat: internal_end*ent may clobber errno, hiding ERANGE
[27130] “rep movsb” performance issue
[27177] GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn’t work

glibc-headers (JollaPhone)

Rating: 
0
No votes yet

The glibc-headers package contains the header files necessary
for developing programs which use the standard C libraries (which are
used by nearly all programs). If you are developing programs which
will use the standard C libraries, your system needs to have these
standard header files available in order to create the
executables.

Install glibc-headers if you are going to develop programs which will
use the standard C libraries.

sha256sum filename:
b1dffa188cd113142f5136cff5706c06b14160d4d69778ee371e614da2698c71 glibc-headers-2.30+git7-8.2.armv7hl.rpm

Category:

Keywords:

Application versions: 
Attachment Size Date
Fileglibc-headers-2.196.14.1-1.armv7hl.rpm 426.78 KB 10/03/2018 – 16:23
Fileglibc-headers-2.30git7-8.armv7hl.rpm 421.99 KB 30/06/2021 – 21:35
Fileglibc-headers-2.30git7-8.1.armv7hl.rpm 422.02 KB 05/08/2021 – 20:46
Fileglibc-headers-2.30git7-8.2.armv7hl.rpm 422 KB 19/08/2021 – 19:59
Changelog: 

2.30+git7-8.2:
+librt-fix-NULL-pointer-dereference-bug-28213.patch
+librt-add-test-bug28213.patch

2.30+git7-8.1:
Security related changes:
Fix an arbitrary read in wordexp() (CVE-2021-35942)

2.30+git7-8:
Security related changes:

CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.

CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.

CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.

The following bugs are resolved with this release:

[20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
[20543] Please move from .gnu.linkonce to comdat
[23296] Data race in setting function descriptor during lazy binding
[23518] login: Remove utmp backend jump tables
[24682] localedata: zh_CN first weekday should be Monday per GB/T
7408-2005
[24867] malloc: Remove unwanted leading whitespace in malloc_info
[24879] login: Disarm timer after utmp lock acquisition
[24880] login: Use struct flock64 in utmp
[24882] login: Acquire write lock early in pututline
[24986] alpha: new getegid, geteuid and getppid syscalls used
unconditionally
[24899] login: Add nonstring attributes to struct utmp, struct utmpx
[24902] login: pututxline could fail to overwrite existing entries
[25066] FAIL: nptl/tst-tls1 on hppa
[25189] Don’t use a custom wrapper macro around __has_include
[25203] libio: Disable vtable validation for pre-2.1 interposed handles
[25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs
[25225] ld.so fails to link on x86 if GCC defaults to -fcf-protection
[25232] No const correctness for strchr et al. for Clang++
[25401] Remove incorrect alloc_size attribute from pvalloc
[25487] sinl() stack corruption from crafted input (CVE-2020-10029)
[25523] MIPS/Linux inline syscall template is miscompiled
[25635] arm: Wrong sysdep order selection for soft-fp
[25715] system() returns wrong errors when posix_spawn fails
[25810] x32: Incorrect syscall entries with pointer, off_t and size_t
[25896] Incorrect prctl
[25902] Bad LOADARGS_N
[25933] Off by one error in __strncmp_avx2
[25966] Incorrect access of __x86_shared_non_temporal_threshold for x32
[25976] nss_compat: internal_end*ent may clobber errno, hiding ERANGE
[27130] “rep movsb” performance issue
[27177] GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn’t work

glibc-devel (JollaPhone)

Rating: 
0
No votes yet

The glibc-devel package contains the object files necessary
for developing programs which use the standard C libraries (which are
used by nearly all programs). If you are developing programs which
will use the standard C libraries, your system needs to have these
standard object files available in order to create the
executables.

Install glibc-devel if you are going to develop programs which will
use the standard C libraries.

sha256sum filename:
a78e234d62bea61c232cc54edce49a38e229fec0a2a3da699ecb31100da1afd1 glibc-devel-2.30+git7-8.2.armv7hl.rpm

Category:

Keywords:

Application versions: 
Attachment Size Date
Fileglibc-devel-2.196.14.1-1.armv7hl.rpm 68.54 KB 10/03/2018 – 16:21
Fileglibc-devel-2.30git7-8.armv7hl.rpm 18.21 KB 30/06/2021 – 21:32
Fileglibc-devel-2.30git7-8.1.armv7hl.rpm 18.22 KB 05/08/2021 – 20:44
Fileglibc-devel-2.30git7-8.2.armv7hl.rpm 18.23 KB 19/08/2021 – 19:57
Changelog: 

2.30+git7-8.2:
+librt-fix-NULL-pointer-dereference-bug-28213.patch
+librt-add-test-bug28213.patch

2.30+git7-8.1:
Security related changes:
Fix an arbitrary read in wordexp() (CVE-2021-35942)

2.30+git7-8:
Security related changes:

CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.

CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.

CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.

The following bugs are resolved with this release:

[20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
[20543] Please move from .gnu.linkonce to comdat
[23296] Data race in setting function descriptor during lazy binding
[23518] login: Remove utmp backend jump tables
[24682] localedata: zh_CN first weekday should be Monday per GB/T
7408-2005
[24867] malloc: Remove unwanted leading whitespace in malloc_info
[24879] login: Disarm timer after utmp lock acquisition
[24880] login: Use struct flock64 in utmp
[24882] login: Acquire write lock early in pututline
[24986] alpha: new getegid, geteuid and getppid syscalls used
unconditionally
[24899] login: Add nonstring attributes to struct utmp, struct utmpx
[24902] login: pututxline could fail to overwrite existing entries
[25066] FAIL: nptl/tst-tls1 on hppa
[25189] Don’t use a custom wrapper macro around __has_include
[25203] libio: Disable vtable validation for pre-2.1 interposed handles
[25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs
[25225] ld.so fails to link on x86 if GCC defaults to -fcf-protection
[25232] No const correctness for strchr et al. for Clang++
[25401] Remove incorrect alloc_size attribute from pvalloc
[25487] sinl() stack corruption from crafted input (CVE-2020-10029)
[25523] MIPS/Linux inline syscall template is miscompiled
[25635] arm: Wrong sysdep order selection for soft-fp
[25715] system() returns wrong errors when posix_spawn fails
[25810] x32: Incorrect syscall entries with pointer, off_t and size_t
[25896] Incorrect prctl
[25902] Bad LOADARGS_N
[25933] Off by one error in __strncmp_avx2
[25966] Incorrect access of __x86_shared_non_temporal_threshold for x32
[25976] nss_compat: internal_end*ent may clobber errno, hiding ERANGE
[27130] “rep movsb” performance issue
[27177] GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn’t work

Loonies 8192

Rating: 
5
Your rating: None Average: 5 (1 vote)

Retro Puzzle for DOS, PSP, 3DS, GBA, PSX, Android, NDS, Win32, N800, N9 and PocketCHIP
This simple puzzle game at some point fit into 8 KiB, hence the name. Since then, the focus has shifted to po…

Loonies 8192

Rating: 
0
No votes yet

Retro Puzzle for DOS, PSP, 3DS, GBA, PSX, Android, NDS, Win32, N800, N9 and PocketCHIP
This simple puzzle game at some point fit into 8 KiB, hence the name. Since then, the focus has shifted to porting and support for var…

Scintillon

Rating: 
5
Your rating: None Average: 5 (7 votes)

Scintillon is a Philips Hue compatible smart home app that lets you control your Hue lighting using your Sailfish OS phone.
To use it you’ll need a Philips Hue Hub with some lights attached. Your…