diff --git a/glibc-testsuite.changes b/glibc-testsuite.changes
index 99e1209..8fad9b6 100644
--- a/glibc-testsuite.changes
+++ b/glibc-testsuite.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Jun 9 09:17:10 UTC 2016 - schwab@suse.de
+
+- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ
+ #19755)
+
-------------------------------------------------------------------
Mon May 30 08:23:03 UTC 2016 - schwab@suse.de
@@ -295,7 +301,7 @@ Wed Aug 5 09:35:41 UTC 2015 - schwab@suse.de
* The header <regexp.h> is deprecated, and will be removed in a future
release.
* bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211
- bsc#940195 bsc#940332
+ bsc#940195 bsc#940332 bsc#944494 bsc#968787
- Patches from upstream removed
* htm-tabort.patch
* o-tmpfile.patch
@@ -441,7 +447,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
and the LC_* variables), are more tightly checked for proper syntax
* On x86-64, the dynamic linker's lazy-binding support is now compatible
with application code using Intel MPX instructions
- * CVE-2013-7423 bsc#915526 bsc#934084
+ * CVE-2013-7423 bsc#915526 bsc#934084 bsc#973010
- Patches from upstream removed
* nss-dns-memleak.patch
* sin-sign.patch
@@ -466,6 +472,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
* resolv-dont-ignore-second-answer.patch
* iconv-ibm-sentinel-check.patch
- Remove sprof.1, and mtrace.1, now included in the man-pages package
+ (bsc#967190)
-------------------------------------------------------------------
Tue Sep 2 07:52:36 UTC 2014 - schwab@suse.de
diff --git a/glibc-testsuite.spec b/glibc-testsuite.spec
index f81a47f..b491508 100644
--- a/glibc-testsuite.spec
+++ b/glibc-testsuite.spec
@@ -308,6 +308,8 @@ Patch1054: 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch
Patch1055: 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch
# PATCH-FIX-UPSTREAM sunrpc: Do not use alloca in clntudp_call (CVE-2016-4429, BZ #20112)
Patch1056: clntudp-call-alloca.patch
+# PATCH-FIX-UPSTREAM Fix nscd assertion failure in gc (BZ #19755)
+Patch1057: nscd-gc-crash.patch
###
# Patches awaiting upstream approval
@@ -587,6 +589,7 @@ rm nscd/s-stamp
%patch1054 -p1
%patch1055 -p1
%patch1056 -p1
+%patch1057 -p1
%patch2000 -p1
%patch2001 -p1
@@ -872,6 +875,8 @@ make -C cc-base -k check || {
done < $sum
done
set -$o
+ # Fail build if there where compilation errors during testsuite run
+ test -f tests.sum
}
%else
# This has to pass on all platforms!
diff --git a/glibc-utils.changes b/glibc-utils.changes
index 99e1209..8fad9b6 100644
--- a/glibc-utils.changes
+++ b/glibc-utils.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Jun 9 09:17:10 UTC 2016 - schwab@suse.de
+
+- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ
+ #19755)
+
-------------------------------------------------------------------
Mon May 30 08:23:03 UTC 2016 - schwab@suse.de
@@ -295,7 +301,7 @@ Wed Aug 5 09:35:41 UTC 2015 - schwab@suse.de
* The header <regexp.h> is deprecated, and will be removed in a future
release.
* bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211
- bsc#940195 bsc#940332
+ bsc#940195 bsc#940332 bsc#944494 bsc#968787
- Patches from upstream removed
* htm-tabort.patch
* o-tmpfile.patch
@@ -441,7 +447,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
and the LC_* variables), are more tightly checked for proper syntax
* On x86-64, the dynamic linker's lazy-binding support is now compatible
with application code using Intel MPX instructions
- * CVE-2013-7423 bsc#915526 bsc#934084
+ * CVE-2013-7423 bsc#915526 bsc#934084 bsc#973010
- Patches from upstream removed
* nss-dns-memleak.patch
* sin-sign.patch
@@ -466,6 +472,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
* resolv-dont-ignore-second-answer.patch
* iconv-ibm-sentinel-check.patch
- Remove sprof.1, and mtrace.1, now included in the man-pages package
+ (bsc#967190)
-------------------------------------------------------------------
Tue Sep 2 07:52:36 UTC 2014 - schwab@suse.de
diff --git a/glibc-utils.spec b/glibc-utils.spec
index 1b7ad53..bdfd810 100644
--- a/glibc-utils.spec
+++ b/glibc-utils.spec
@@ -307,6 +307,8 @@ Patch1054: 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch
Patch1055: 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch
# PATCH-FIX-UPSTREAM sunrpc: Do not use alloca in clntudp_call (CVE-2016-4429, BZ #20112)
Patch1056: clntudp-call-alloca.patch
+# PATCH-FIX-UPSTREAM Fix nscd assertion failure in gc (BZ #19755)
+Patch1057: nscd-gc-crash.patch
###
# Patches awaiting upstream approval
@@ -587,6 +589,7 @@ rm nscd/s-stamp
%patch1054 -p1
%patch1055 -p1
%patch1056 -p1
+%patch1057 -p1
%patch2000 -p1
%patch2001 -p1
@@ -872,6 +875,8 @@ make -C cc-base -k check || {
done < $sum
done
set -$o
+ # Fail build if there where compilation errors during testsuite run
+ test -f tests.sum
}
%else
# This has to pass on all platforms!
diff --git a/glibc.changes b/glibc.changes
index 99e1209..8fad9b6 100644
--- a/glibc.changes
+++ b/glibc.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Jun 9 09:17:10 UTC 2016 - schwab@suse.de
+
+- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ
+ #19755)
+
-------------------------------------------------------------------
Mon May 30 08:23:03 UTC 2016 - schwab@suse.de
@@ -295,7 +301,7 @@ Wed Aug 5 09:35:41 UTC 2015 - schwab@suse.de
* The header <regexp.h> is deprecated, and will be removed in a future
release.
* bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211
- bsc#940195 bsc#940332
+ bsc#940195 bsc#940332 bsc#944494 bsc#968787
- Patches from upstream removed
* htm-tabort.patch
* o-tmpfile.patch
@@ -441,7 +447,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
and the LC_* variables), are more tightly checked for proper syntax
* On x86-64, the dynamic linker's lazy-binding support is now compatible
with application code using Intel MPX instructions
- * CVE-2013-7423 bsc#915526 bsc#934084
+ * CVE-2013-7423 bsc#915526 bsc#934084 bsc#973010
- Patches from upstream removed
* nss-dns-memleak.patch
* sin-sign.patch
@@ -466,6 +472,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
* resolv-dont-ignore-second-answer.patch
* iconv-ibm-sentinel-check.patch
- Remove sprof.1, and mtrace.1, now included in the man-pages package
+ (bsc#967190)
-------------------------------------------------------------------
Tue Sep 2 07:52:36 UTC 2014 - schwab@suse.de
diff --git a/glibc.spec b/glibc.spec
index 3187cfc..f1e5cf0 100644
--- a/glibc.spec
+++ b/glibc.spec
@@ -308,6 +308,8 @@ Patch1054: 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch
Patch1055: 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch
# PATCH-FIX-UPSTREAM sunrpc: Do not use alloca in clntudp_call (CVE-2016-4429, BZ #20112)
Patch1056: clntudp-call-alloca.patch
+# PATCH-FIX-UPSTREAM Fix nscd assertion failure in gc (BZ #19755)
+Patch1057: nscd-gc-crash.patch
###
# Patches awaiting upstream approval
@@ -587,6 +589,7 @@ rm nscd/s-stamp
%patch1054 -p1
%patch1055 -p1
%patch1056 -p1
+%patch1057 -p1
%patch2000 -p1
%patch2001 -p1
@@ -872,6 +875,8 @@ make -C cc-base -k check || {
done < $sum
done
set -$o
+ # Fail build if there where compilation errors during testsuite run
+ test -f tests.sum
}
%else
# This has to pass on all platforms!
diff --git a/nscd-gc-crash.patch b/nscd-gc-crash.patch
new file mode 100644
index 0000000..cc842bc
--- /dev/null
+++ b/nscd-gc-crash.patch
@@ -0,0 +1,73 @@
+ [BZ #19755]
+ * nscd/pwdcache.c (cache_addpw): Lock prune_run_lock while adding
+ new entries in auto-propagate mode.
+ * nscd/grpcache.c (cache_addgr): Likewise.
+
+Index: glibc-2.23/nscd/grpcache.c
+===================================================================
+--- glibc-2.23.orig/nscd/grpcache.c
++++ glibc-2.23/nscd/grpcache.c
+@@ -205,10 +205,19 @@ cache_addgr (struct database_dyn *db, in
+ dataset = NULL;
+
+ if (he == NULL)
+- dataset = (struct dataset *) mempool_alloc (db, total + n, 1);
++ {
++ /* Prevent an INVALIDATE request from pruning the data between
++ the two calls to cache_add. */
++ if (db->propagate)
++ pthread_mutex_lock (&db->prune_run_lock);
++ dataset = (struct dataset *) mempool_alloc (db, total + n, 1);
++ }
+
+ if (dataset == NULL)
+ {
++ if (he == NULL && db->propagate)
++ pthread_mutex_unlock (&db->prune_run_lock);
++
+ /* We cannot permanently add the result in the moment. But
+ we can provide the result as is. Store the data in some
+ temporary memory. */
+@@ -396,6 +405,8 @@ cache_addgr (struct database_dyn *db, in
+
+ out:
+ pthread_rwlock_unlock (&db->lock);
++ if (he == NULL && db->propagate)
++ pthread_mutex_unlock (&db->prune_run_lock);
+ }
+ }
+
+Index: glibc-2.23/nscd/pwdcache.c
+===================================================================
+--- glibc-2.23.orig/nscd/pwdcache.c
++++ glibc-2.23/nscd/pwdcache.c
+@@ -198,10 +198,19 @@ cache_addpw (struct database_dyn *db, in
+ dataset = NULL;
+
+ if (he == NULL)
+- dataset = (struct dataset *) mempool_alloc (db, total + n, 1);
++ {
++ /* Prevent an INVALIDATE request from pruning the data between
++ the two calls to cache_add. */
++ if (db->propagate)
++ pthread_mutex_lock (&db->prune_run_lock);
++ dataset = (struct dataset *) mempool_alloc (db, total + n, 1);
++ }
+
+ if (dataset == NULL)
+ {
++ if (he == NULL && db->propagate)
++ pthread_mutex_unlock (&db->prune_run_lock);
++
+ /* We cannot permanently add the result in the moment. But
+ we can provide the result as is. Store the data in some
+ temporary memory. */
+@@ -374,6 +383,8 @@ cache_addpw (struct database_dyn *db, in
+
+ out:
+ pthread_rwlock_unlock (&db->lock);
++ if (he == NULL && db->propagate)
++ pthread_mutex_unlock (&db->prune_run_lock);
+ }
+ }
+