From: Raspbian automatic forward porter <root@raspbian.org>
Date: Sun, 27 Mar 2022 03:41:04 +0000 (+0100)
Subject: Merge version 2.31-13+rpi1+deb11u2 and 2.31-13+deb11u3 to produce 2.31-13+rpi1+deb11u3
X-Git-Tag: archive/raspbian/2.31-13+rpi1+deb11u3~1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=4c69d1fe165b8c10e65a64f5e79d0ddbd312af0d;p=glibc.git

Merge version 2.31-13+rpi1+deb11u2 and 2.31-13+deb11u3 to produce 2.31-13+rpi1+deb11u3
---

4c69d1fe165b8c10e65a64f5e79d0ddbd312af0d
diff --cc debian/changelog
index b8a75a4dd,b1753afef..4393d6f21
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,15 -1,24 +1,37 @@@
- glibc (2.31-13+rpi1+deb11u2) bullseye-staging; urgency=medium
++glibc (2.31-13+rpi1+deb11u3) bullseye-staging; urgency=medium
 +
 +  [changes brought forward from 2.25-2+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Wed, 29 Nov 2017 03:00:21 +0000]
 +  * Disable testsuite.
 +
 +  [changes introduced in 2.29-9+rpi1 by Peter Michale Green]
 +  * Change mode on scripts/check-obsolete-constructs.py to 644, 
 +    dgit does not like mode 755 files created by patches and the
 +    script does not seem to be used for anything in the Debian
 +    package.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Sat, 09 Oct 2021 14:29:47 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Sun, 27 Mar 2022 03:41:03 +0000
++
+ glibc (2.31-13+deb11u3) bullseye; urgency=medium
+ 
+   [ Aurelien Jarno ]
+   * debian/patches/git-updates.diff: update from upstream stable branch:
+     - Fix bad conversion from ISO-2022-JP-3 with iconv (CVE-2021-43396).
+       Closes: #998622.
+     - Remove PIE check on amd64 to fix FTBFS with binutils 2.37.
+     - Fix a buffer overflow in sunrpc svcunix_create (CVE-2022-23218).
+     - Fix a buffer overflow in sunrpc clnt_create (CVE-2022-23219).
+   * debian/debhelper.in/libc-bin.postinst: stop replacing older versions from
+     /etc/nsswitch.conf.  Closes: #998008.
+   * debian/debhelper.in/libc.preinst: simplify the version comparison by only
+     comparing the two first parts, now that kernel 2.X are not supported
+     anymore.  Closes: #1004861.
+   * debian/debhelper.in/libc.preinst: drop the check for kernel release > 255
+     now that glibc and preinstall script are fixed.  Closes: #987266.
+   * debian/patches/local-CVE-2021-33574-mq_notify-use-after-free.diff:
+     fix a possible use-after-free in mq_notify (CVE-2021-33574).  Closes:
+     #989147.
+ 
+  -- Aurelien Jarno <aurel32@debian.org>  Thu, 17 Mar 2022 22:37:00 +0100
  
  glibc (2.31-13+deb11u2) bullseye; urgency=medium