Bug 17325 (CVE-2014-6040) - iconv from ccsid 937 to utf-8 access invalid memory (CVE-2014-6040)
Summary: iconv from ccsid 937 to utf-8 access invalid memory (CVE-2014-6040)
Status: RESOLVED FIXED
Alias: CVE-2014-6040
Product: glibc
Classification: Unclassified
Component: localedata (show other bugs)
Version: 2.20
: P2 normal
Target Milestone: ---
Assignee: Florian Weimer
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-08-28 17:46 UTC by Adhemerval Zanella Netto
Modified: 2015-02-23 15:02 UTC (History)
3 users (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:
fweimer: security+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Adhemerval Zanella Netto 2014-08-28 17:46:05 UTC
The testcase:

--

#include <stdio.h>
#include <stdlib.h>
#include <iconv.h>

void
testIconv (const char *toEnc, char *to_conv, size_t to_conv_len)
{
  iconv_t cd;
  char buf_input[13];
  char buf_output[64];
  size_t input_len = to_conv_len;
  sprintf (buf_input, "%s", to_conv);
  size_t available_len = sizeof (buf_output) - 1;
  size_t output_len = available_len;
  buf_output[sizeof (buf_output) - 1] = 0;

  cd = iconv_open ("UTF-8", toEnc);
  if (cd == (iconv_t) - 1)
    {
      fprintf (stderr, "%s: iconv_open (...) error\n", toEnc);
      return;
    }
  char *in_buf_ptr = &buf_input[0];
  char *out_buf_ptr = &buf_output[0];

  size_t iconv_val =
    iconv (cd, &in_buf_ptr, &input_len, &out_buf_ptr, &output_len);
  if (iconv_val == (size_t) - 1)
    {
      fprintf (stderr, "%s: iconv (...) error\n", toEnc);
      return;
    }
  size_t converted = available_len - output_len;
  if (converted > 0 && converted < sizeof (buf_output))
    {
      buf_output[converted] = 0;
      fprintf (stderr, "%s: converted to %s\n", toEnc, buf_output);
    }
  int ret = iconv_close (cd);
  if (ret != 0)
    fprintf (stderr, "%s: iconv_close(...) err\n", toEnc);
}

int
main ()
{
  testIconv ("IBM930", "\016\377\377\377\377\377\377\377\377\377\377\377", 12);
  testIconv ("IBM932", "\016\377\377\377\377\377\377\377\377\377\377\377", 12);
  testIconv ("IBM933", "\016\377\377\377\377\377\377\377\377\377\377\377", 12);
  testIconv ("IBM935", "\016\377\377\377\377\377\377\377\377\377\377\377", 12);
  testIconv ("IBM937", "\016\377\377\377\377\377\377\377\377\377\377\377", 12);
  testIconv ("IBM939", "\016\377\377\377\377\377\377\377\377\377\377\377", 12);
  testIconv ("IBM943", "\016\377\377\377\377\377\377\377\377\377\377\377", 12);
  return 0;
}

--

Produces segmentation faults due invalid memory access, more specifically, on GLIBC's code:

* iconvdata/ibm937.c

161         ch = (ch * 0x100) + inptr[1];                                         \
162         while (ch > rp2->end)                                                 \
163           ++rp2;                                                              \
164                                                                               \
165         if (__builtin_expect (rp2 == NULL, 0)                                 \
166             || __builtin_expect (ch < rp2->start, 0)                          \
167             || (res = __ibm937db_to_ucs4[ch + rp2->idx],                      \
168                 __builtin_expect (res, L'\1') == L'\0' && ch != '\0'))        \
169           {                                                                   \
170             /* This is an illegal character.  */                              \
171             STANDARD_FROM_LOOP_ERR_HANDLER (2);                               \
172           }                                                                   \
173         else                                                                  \
174           {                                                                   \
175             put32 (outptr, res);                                              \
176             outptr += 4;                                                      \
177           }                                                                   \
178         inptr += 2;                                                           \
179       }                                                                       \

The 'res = __ibm937db_to_ucs4[ch + rp2->idx],' is accessing invalid memory due the array index value 'ch + rp2->idx' being out the bounds. A straightforward fix you emit an invalid error if the index is out of the bonds, as the following:

diff --git a/iconvdata/ibm933.c b/iconvdata/ibm933.c
index f46dfb5..6de73e8 100644
--- a/iconvdata/ibm933.c
+++ b/iconvdata/ibm933.c
@@ -164,6 +164,8 @@ enum
                                                                              \
        if (__builtin_expect (rp2 == NULL, 0)                                 \
            || __builtin_expect (ch < rp2->start, 0)                          \
+           || __builtin_expect (                                             \
+                   (ch + rp2->idx) > sizeof __ibm933db_to_ucs4, 0)           \
            || (res = __ibm933db_to_ucs4[ch + rp2->idx],                      \
                __builtin_expect (res, L'\1') == L'\0' && ch != '\0'))        \
          {                                                                   \
diff --git a/iconvdata/ibm935.c b/iconvdata/ibm935.c
index a8e4e6c..dfb152d 100644
--- a/iconvdata/ibm935.c
+++ b/iconvdata/ibm935.c
@@ -164,6 +164,8 @@ enum
                                                                              \
        if (__builtin_expect (rp2 == NULL, 0)                                 \
            || __builtin_expect (ch < rp2->start, 0)                          \
+           || __builtin_expect (                                             \
+                   (ch + rp2->idx) > sizeof __ibm935db_to_ucs4, 0)           \
            || (res = __ibm935db_to_ucs4[ch + rp2->idx],                      \
                __builtin_expect (res, L'\1') == L'\0' && ch != '\0'))        \
          {                                                                   \
diff --git a/iconvdata/ibm937.c b/iconvdata/ibm937.c
index 239be61..13f8b3c 100644
--- a/iconvdata/ibm937.c
+++ b/iconvdata/ibm937.c
@@ -164,6 +164,8 @@ enum
                                                                              \
        if (__builtin_expect (rp2 == NULL, 0)                                 \
            || __builtin_expect (ch < rp2->start, 0)                          \
+           || __builtin_expect (                                             \
+                   (ch + rp2->idx) > sizeof __ibm937db_to_ucs4, 0)           \
            || (res = __ibm937db_to_ucs4[ch + rp2->idx],                      \
                __builtin_expect (res, L'\1') == L'\0' && ch != '\0'))        \
          {                                                                   \
diff --git a/iconvdata/ibm939.c b/iconvdata/ibm939.c
index 5d0db36..98299e9 100644
--- a/iconvdata/ibm939.c
+++ b/iconvdata/ibm939.c
@@ -164,6 +164,8 @@ enum
                                                                              \
        if (__builtin_expect (rp2 == NULL, 0)                                 \
            || __builtin_expect (ch < rp2->start, 0)                          \
+           || __builtin_expect (                                             \
+                   (ch + rp2->idx) > sizeof __ibm939db_to_ucs4, 0)           \
            || (res = __ibm939db_to_ucs4[ch + rp2->idx],                      \
                __builtin_expect (res, L'\1') == L'\0' && ch != '\0'))        \
          {
Comment 1 Florian Weimer 2014-08-29 08:40:43 UTC
This has application impact and has to be treated as a security bug.

Do you know what actually happens?  I think it's this: rp2 points to the last range in the _idx array, which corresponds to the ch value of 0xffff.  This is intended as a sentinel, but the code proceeds as if it is a real table entry.  Do you agree?  If this analysis is correct, it means that the only possible out-of-bound indexing happens with ch == 0xffff.

I think the patch is incorrect because sizeof doesn't give the array length in elements.  It may work by accident, but it's probably better to check for 0xffff explicitly, or rp2->idx being zero.

Other conversion modules are affected as well (e.g., ibm1364).
Comment 2 Adhemerval Zanella Netto 2014-08-29 12:06:13 UTC
I must confess I didn't pay much attention in my first analysis. And I agree with your evaluation: if ch is 0xffff is a out of the bound access.

I have changed the patch to check for 0xffff and also found other possible susceptible encodings.  I have place the test with others sanity ones to simplify the code.  What do you think?

diff --git a/iconvdata/ibm1364.c b/iconvdata/ibm1364.c
index 0b5484f..21f71bd 100644
--- a/iconvdata/ibm1364.c
+++ b/iconvdata/ibm1364.c
@@ -222,6 +222,7 @@ enum
 									      \
 	uint32_t res;							      \
 	if (__builtin_expect (ch < rp2->start, 0)			      \
+	    || __builtin_expect (ch == 0xffff, 0)			      \
 	    || (res = DB_TO_UCS4[ch + rp2->idx],			      \
 		__builtin_expect (res, L'\1') == L'\0' && ch != '\0'))	      \
 	  {								      \
diff --git a/iconvdata/ibm930.c b/iconvdata/ibm930.c
index 768a444..72f4afe 100644
--- a/iconvdata/ibm930.c
+++ b/iconvdata/ibm930.c
@@ -165,6 +165,7 @@ enum
 									      \
 	if (__builtin_expect (rp2->start == 0xffff, 0)			      \
 	    || __builtin_expect (ch < rp2->start, 0)			      \
+	    || __builtin_expect (ch == 0xffff, 0)			      \
 	    || (res = __ibm930db_to_ucs4[ch + rp2->idx],		      \
 		__builtin_expect (res, L'\1') == L'\0' && ch != '\0'))	      \
 	  {								      \
diff --git a/iconvdata/ibm932.c b/iconvdata/ibm932.c
index f5dca59..57ac293 100644
--- a/iconvdata/ibm932.c
+++ b/iconvdata/ibm932.c
@@ -79,6 +79,7 @@
 									      \
 	if (__builtin_expect (rp2 == NULL, 0)				      \
 	    || __builtin_expect (ch < rp2->start, 0)			      \
+	    || __builtin_expect (ch == 0xffff, 0)			      \
 	    || (res = __ibm932db_to_ucs4[ch + rp2->idx],		      \
 	    __builtin_expect (res, '\1') == 0 && ch !=0))		      \
 	  {								      \
diff --git a/iconvdata/ibm933.c b/iconvdata/ibm933.c
index f46dfb5..633ed8f 100644
--- a/iconvdata/ibm933.c
+++ b/iconvdata/ibm933.c
@@ -164,6 +164,7 @@ enum
 									      \
 	if (__builtin_expect (rp2 == NULL, 0)				      \
 	    || __builtin_expect (ch < rp2->start, 0)			      \
+	    || __builtin_expect (ch == 0xffff, 0)			      \
 	    || (res = __ibm933db_to_ucs4[ch + rp2->idx],		      \
 		__builtin_expect (res, L'\1') == L'\0' && ch != '\0'))	      \
 	  {								      \
diff --git a/iconvdata/ibm935.c b/iconvdata/ibm935.c
index a8e4e6c..d00edd0 100644
--- a/iconvdata/ibm935.c
+++ b/iconvdata/ibm935.c
@@ -164,6 +164,7 @@ enum
 									      \
 	if (__builtin_expect (rp2 == NULL, 0)				      \
 	    || __builtin_expect (ch < rp2->start, 0)			      \
+	    || __builtin_expect (ch == 0xffff, 0)			      \
 	    || (res = __ibm935db_to_ucs4[ch + rp2->idx],		      \
 		__builtin_expect (res, L'\1') == L'\0' && ch != '\0'))	      \
 	  {								      \
diff --git a/iconvdata/ibm937.c b/iconvdata/ibm937.c
index 239be61..6dff7a2 100644
--- a/iconvdata/ibm937.c
+++ b/iconvdata/ibm937.c
@@ -164,6 +164,7 @@ enum
 									      \
 	if (__builtin_expect (rp2 == NULL, 0)				      \
 	    || __builtin_expect (ch < rp2->start, 0)			      \
+	    || __builtin_expect (ch == 0xffff, 0)			      \
 	    || (res = __ibm937db_to_ucs4[ch + rp2->idx],		      \
 		__builtin_expect (res, L'\1') == L'\0' && ch != '\0'))	      \
 	  {								      \
diff --git a/iconvdata/ibm939.c b/iconvdata/ibm939.c
index 5d0db36..c46758c 100644
--- a/iconvdata/ibm939.c
+++ b/iconvdata/ibm939.c
@@ -164,6 +164,7 @@ enum
 									      \
 	if (__builtin_expect (rp2 == NULL, 0)				      \
 	    || __builtin_expect (ch < rp2->start, 0)			      \
+	    || __builtin_expect (ch == 0xffff, 0)			      \
 	    || (res = __ibm939db_to_ucs4[ch + rp2->idx],		      \
 		__builtin_expect (res, L'\1') == L'\0' && ch != '\0'))	      \
 	  {								      \
diff --git a/iconvdata/ibm943.c b/iconvdata/ibm943.c
index be0c14f..e2e8ef5 100644
--- a/iconvdata/ibm943.c
+++ b/iconvdata/ibm943.c
@@ -80,6 +80,7 @@
 									      \
 	if (__builtin_expect (rp2 == NULL, 0)				      \
 	    || __builtin_expect (ch < rp2->start, 0)			      \
+	    || __builtin_expect (ch == 0xffff, 0)			      \
 	    || (res = __ibm943db_to_ucs4[ch + rp2->idx],		      \
 	    __builtin_expect (res, '\1') == 0 && ch !=0))		      \
 	  {								      \
Comment 3 Florian Weimer 2014-08-29 12:18:01 UTC
(In reply to Adhemerval Zanella Netto from comment #2)
> I must confess I didn't pay much attention in my first analysis. And I agree
> with your evaluation: if ch is 0xffff is a out of the bound access.

Thanks, I've posted a rather similar patch to libc-alpha.  Could you review it?
Comment 4 Sourceware Commits 2014-09-03 17:52:11 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  41488498b6d9440ee66ab033808cce8323bba7ac (commit)
      from  a78b712d405b55405b425e9b1453745615483003 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=41488498b6d9440ee66ab033808cce8323bba7ac

commit 41488498b6d9440ee66ab033808cce8323bba7ac
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Sep 3 19:45:43 2014 +0200

    CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
    
    These changes are based on the fix for BZ #14134 in commit
    6e230d11837f3ae7b375ea69d7905f0d18eb79e5.

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                   |   17 +++++++++++++++++
 NEWS                        |    7 ++++++-
 iconvdata/Makefile          |    1 +
 iconvdata/ibm1364.c         |    3 ++-
 iconvdata/ibm932.c          |    5 +++--
 iconvdata/ibm933.c          |    2 +-
 iconvdata/ibm935.c          |    2 +-
 iconvdata/ibm937.c          |    2 +-
 iconvdata/ibm939.c          |    2 +-
 iconvdata/ibm943.c          |    5 +++--
 iconvdata/run-iconv-test.sh |   18 ++++++++++++++++++
 11 files changed, 54 insertions(+), 10 deletions(-)
Comment 5 Florian Weimer 2014-09-03 17:56:17 UTC
Fixed in 2.20.
Comment 6 Sourceware Commits 2014-09-05 13:16:26 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, release/2.19/master has been updated
       via  daea1a9b2ab9ad1690a2770006f5964e188be11f (commit)
       via  b8d0acdb33866d0f67ee8a019bdbdaa6a00d0c99 (commit)
       via  92b410973f872297e0c1bfda06abead4b0a265d1 (commit)
       via  424f645c513d56a5b8323971197e3afa1ed8f003 (commit)
       via  75f66fe467b280d9fb192d3f32e06e4b20d12dcc (commit)
       via  ac39af9f195138a01b836fb4a30bd971de4aa163 (commit)
       via  2da15d05c54738ed2c53aaf555c7cf51a9057844 (commit)
       via  6ccc1c41f52f93548b5eb64d106219e287052472 (commit)
       via  4e27332819b6151ccb5031d0efd718d802168573 (commit)
       via  9583c3542133be925467c87df7f74882783d867d (commit)
       via  2ce47f454b6f1df5d2374fcac1b72e65e5f55a67 (commit)
       via  1f542fe398a1d02cce53d78f7a33e72078e7d4e9 (commit)
       via  d3b2d64576fcc1281841a48740f5f481d1b46a90 (commit)
       via  40da893a143224b0a41a004eb5e971fc5d94381b (commit)
       via  3a4f226eaf6aff5529711f7fa3885a1cec815c32 (commit)
       via  efbeb31ba5277132b683011714f8e77bc2156aa2 (commit)
       via  968b59ad2aecdbe67ac5016c395a7e38fd682bb7 (commit)
       via  29fd33140d964e0e08207ceecbf479b85658fcb8 (commit)
       via  8ec14bdc9c600cc273b242ebca6566fe15de107d (commit)
       via  e698ea2c03ddfdfa87459c1a0e53e2a4289de0fa (commit)
      from  344e61df0200af758e794b9843ffb37bd89e5259 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=daea1a9b2ab9ad1690a2770006f5964e188be11f

commit daea1a9b2ab9ad1690a2770006f5964e188be11f
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Sep 3 19:45:43 2014 +0200

    CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
    
    These changes are based on the fix for BZ #14134 in commit
    6e230d11837f3ae7b375ea69d7905f0d18eb79e5.
    
    (cherry picked from commit 41488498b6d9440ee66ab033808cce8323bba7ac)
    
    Conflicts:
    	NEWS
    	iconvdata/Makefile

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b8d0acdb33866d0f67ee8a019bdbdaa6a00d0c99

commit b8d0acdb33866d0f67ee8a019bdbdaa6a00d0c99
Author: Florian Weimer <fweimer@redhat.com>
Date:   Tue Aug 26 19:38:59 2014 +0200

    __gconv_translit_find: Disable function [BZ #17187]
    
    This functionality has never worked correctly, and the implementation
    contained a security vulnerability (CVE-2014-5119).
    
    (cherry picked from commit a1a6a401ab0a3c9f15fb7eaebbdcee24192254e8)
    (cherry picked from commit f9df71e895d3552d557e783fdb9d133328195645)
    
    Conflicts:
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=92b410973f872297e0c1bfda06abead4b0a265d1

commit 92b410973f872297e0c1bfda06abead4b0a265d1
Author: Stefan Liebler <stli@linux.vnet.ibm.com>
Date:   Fri Aug 1 09:48:17 2014 +0200

    NEWS: Explain the s390 jmp_buf / ucontext_t ABI change reversal.
    
    (cherry picked from commit 95ee7fb13ba99ba265b49531c57e1cb8db629bc6)
    
    Typo fix as in commit 45ef66289acbab17278a73512f9b2a9d8a7ca79d and
    NEW enty adjusted to reflect revert occuring in 2.19.1 and 2.20.
    
    Conflicts:
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=424f645c513d56a5b8323971197e3afa1ed8f003

commit 424f645c513d56a5b8323971197e3afa1ed8f003
Author: Stefan Liebler <stli@linux.vnet.ibm.com>
Date:   Thu Aug 28 16:53:13 2014 +1000

    S/390: Revert the jmp_buf/ucontext_t ABI change
    
    Backport of commit 2f438e20ab591641760e97458d5d1569942eced5

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=75f66fe467b280d9fb192d3f32e06e4b20d12dcc

commit 75f66fe467b280d9fb192d3f32e06e4b20d12dcc
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed May 28 14:05:03 2014 +0200

    manual: Update the locale documentation
    
    (cherry picked from commit 585367266923156ac6fb789939a923641ba5aaf4)
    
    Conflicts:
    	manual/locale.texi

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ac39af9f195138a01b836fb4a30bd971de4aa163

commit ac39af9f195138a01b836fb4a30bd971de4aa163
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon May 12 15:24:12 2014 +0200

    _nl_find_locale: Improve handling of crafted locale names [BZ #17137]
    
    Prevent directory traversal in locale-related environment variables
    (CVE-2014-0475).
    
    (cherry picked from commit 4e8f95a0df7c2300b830ec12c0ae1e161bc8a8a3)
    
    Addiational backporting fixes:
      Added tst-setlocale3-ENV to localedata/Makefile
    
    Conflicts:
    	NEWS
    	localedata/Makefile

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2da15d05c54738ed2c53aaf555c7cf51a9057844

commit 2da15d05c54738ed2c53aaf555c7cf51a9057844
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed May 28 14:41:52 2014 +0200

    setlocale: Use the heap for the copy of the locale argument
    
    This avoids alloca calls with potentially large arguments.
    
    (cherry picked from commit d183645616b0533b3acee28f1a95570bffbdf50f)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6ccc1c41f52f93548b5eb64d106219e287052472

commit 6ccc1c41f52f93548b5eb64d106219e287052472
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Mon May 26 11:40:08 2014 +0530

    Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer (BZ #16878)
    
    The netgroups nss modules in the glibc tree use NSS_STATUS_UNAVAIL
    (with errno as ERANGE) when the supplied buffer does not have
    sufficient space for the result.  This is wrong, because the canonical
    way to indicate insufficient buffer is to set the errno to ERANGE and
    the status to NSS_STATUS_TRYAGAIN, as is used by all other modules.
    
    This fixes nscd behaviour when the nss_ldap module returns
    NSS_STATUS_TRYAGAIN to indicate that a netgroup entry is too long to
    fit into the supplied buffer.
    
    (cherry picked from commit c3ec475c5dd16499aa040908e11d382c3ded9692)
    
    Conflicts:
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4e27332819b6151ccb5031d0efd718d802168573

commit 4e27332819b6151ccb5031d0efd718d802168573
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Wed Mar 12 17:27:22 2014 +0530

    Provide correct buffer length to netgroup queries in nscd (BZ #16695)
    
    The buffer to query netgroup entries is allocated sufficient space for
    the netgroup entries and the key to be appended at the end, but it
    sends in an incorrect available length to the NSS netgroup query
    functions, resulting in overflow of the buffer in some special cases.
    The fix here is to factor in the key length when sending the available
    buffer and buffer length to the query functions.
    
    (cherry picked from commit c44496df2f090a56d3bf75df930592dac6bba46f)
    
    Conflicts:
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9583c3542133be925467c87df7f74882783d867d

commit 9583c3542133be925467c87df7f74882783d867d
Author: Maciej W. Rozycki <macro@codesourcery.com>
Date:   Fri Jun 20 21:52:53 2014 +0100

    [BZ #16046] dl_iterate_phdr static executable test
    
    (cherry picked from commit 257ce7127e2f64a6a959b146786cd43de0e42b5f)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2ce47f454b6f1df5d2374fcac1b72e65e5f55a67

commit 2ce47f454b6f1df5d2374fcac1b72e65e5f55a67
Author: Andreas Schwab <schwab@linux-m68k.org>
Date:   Fri Jun 20 12:41:27 2014 +0200

    Fix another memory leak in regexp compiler (BZ #17069)
    
    (cherry picked from commit aa6ec754f3b4b1df81d186480c534b6486a1e6ee)
    
    Conflicts:
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1f542fe398a1d02cce53d78f7a33e72078e7d4e9

commit 1f542fe398a1d02cce53d78f7a33e72078e7d4e9
Author: Andreas Schwab <schwab@linux-m68k.org>
Date:   Thu Jun 19 15:38:03 2014 +0200

    Fix memory leak in regexp compiler (BZ #17069)
    
    (cherry picked from commit 4d43ef1e7434d7d419afbcd754931cb0c794763c)
    
    Conflicts:
    	posix/Makefile

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d3b2d64576fcc1281841a48740f5f481d1b46a90

commit d3b2d64576fcc1281841a48740f5f481d1b46a90
Author: Andreas Schwab <schwab@suse.de>
Date:   Mon May 26 18:01:31 2014 +0200

    Fix invalid file descriptor reuse while sending DNS query (BZ #15946)
    
    (cherry picked from commit f9d2d03254a58d92635a311a42253eeed5a40a47)
    
    Conflicts:
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=40da893a143224b0a41a004eb5e971fc5d94381b

commit 40da893a143224b0a41a004eb5e971fc5d94381b
Author: Andreas Schwab <schwab@suse.de>
Date:   Tue Feb 18 10:57:25 2014 +0100

    Properly fix memory leak in _nss_dns_gethostbyname4_r with big DNS answer
    
    Instead of trying to guess whether the second buffer needs to be freed
    set a flag at the place it is allocated
    
    (cherry picked from commit ab09bf616ad527b249aca5f2a4956fd526f0712f)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3a4f226eaf6aff5529711f7fa3885a1cec815c32

commit 3a4f226eaf6aff5529711f7fa3885a1cec815c32
Author: Ondřej Bílka <neleai@seznam.cz>
Date:   Sun Feb 16 12:59:23 2014 +0100

    Deduplicate resolv/nss_dns/dns-host.c
    
    In resolv/nss_dns/dns-host.c one of code path duplicated code after
    that. We merge these paths.
    
    (cherry picked from commit ab7ac0f2cf8731fe4c3f3aea6088a7c0127b5725)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=efbeb31ba5277132b683011714f8e77bc2156aa2

commit efbeb31ba5277132b683011714f8e77bc2156aa2
Author: Andreas Schwab <schwab@suse.de>
Date:   Thu Feb 13 11:01:57 2014 +0100

    Fix memory leak in _nss_dns_gethostbyname4_r with big DNS answer
    
    (cherry picked from commit d668061994a7486a3ba9c7d5e7882d85a2883707)
    
    Conflicts:
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=968b59ad2aecdbe67ac5016c395a7e38fd682bb7

commit 968b59ad2aecdbe67ac5016c395a7e38fd682bb7
Author: Andreas Schwab <schwab@suse.de>
Date:   Thu May 8 16:53:01 2014 +0200

    Fix unbound stack use in NIS NSS module
    
    (cherry picked from commit 315eb1d86aea489cd6325fd1c2521dcfb4fc0e1c)
    
    Conflicts:
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=29fd33140d964e0e08207ceecbf479b85658fcb8

commit 29fd33140d964e0e08207ceecbf479b85658fcb8
Author: Allan McRae <allan@archlinux.org>
Date:   Sat Jun 21 17:23:55 2014 +1000

    Mention CVE-2014-4043 in NEWS
    
    (cherry picked from commit d03efb2f979defd473955a455d66b949961d26b2)
    
    Conflicts:
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8ec14bdc9c600cc273b242ebca6566fe15de107d

commit 8ec14bdc9c600cc273b242ebca6566fe15de107d
Author: Stefan Liebler <stli@linux.vnet.ibm.com>
Date:   Thu Jun 12 14:15:25 2014 +0200

    posix_spawn_faction_addopen: Add missing string.h include directive
    
    This is needed to avoid a PLT call on s390.
    
    (cherry picked from commit 35a5e3e338ae17f3d42c60a708763c5d498fb840)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e698ea2c03ddfdfa87459c1a0e53e2a4289de0fa

commit e698ea2c03ddfdfa87459c1a0e53e2a4289de0fa
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Jun 11 23:12:52 2014 +0200

    posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
    
    POSIX requires that we make a copy, so we allocate a new string
    and free it in posix_spawn_file_actions_destroy.
    
    Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz.  This bug
    may have security implications.
    
    (cherry picked from commit 89e435f3559c53084498e9baad22172b64429362)
    
    Conflicts:
    	NEWS

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                                          |  247 ++++++++++++++++++++
 NEWS                                               |   40 +++-
 elf/Makefile                                       |    2 +-
 elf/tst-dl-iter-static.c                           |   47 ++++
 iconv/gconv_trans.c                                |  177 +--------------
 iconvdata/Makefile                                 |    1 +
 iconvdata/ibm1364.c                                |    3 +-
 iconvdata/ibm932.c                                 |    5 +-
 iconvdata/ibm933.c                                 |    2 +-
 iconvdata/ibm935.c                                 |    2 +-
 iconvdata/ibm937.c                                 |    2 +-
 iconvdata/ibm939.c                                 |    2 +-
 iconvdata/ibm943.c                                 |    5 +-
 iconvdata/run-iconv-test.sh                        |   18 ++
 include/resolv.h                                   |    6 +-
 locale/findlocale.c                                |   74 +++++-
 locale/setlocale.c                                 |   14 +-
 localedata/ChangeLog                               |    6 +
 localedata/Makefile                                |    5 +-
 localedata/tst-setlocale3.c                        |  203 ++++++++++++++++
 manual/locale.texi                                 |  146 +++++++++---
 nis/nss_nis/nis-hosts.c                            |   14 ++
 nis/nss_nis/nis-initgroups.c                       |    7 +
 nis/nss_nis/nis-network.c                          |    7 +
 nis/nss_nis/nis-service.c                          |   14 ++
 nptl/sysdeps/unix/sysv/linux/s390/pt-longjmp.c     |   71 ++----
 nscd/netgroupcache.c                               |   16 +-
 nss/nss_files/files-netgrp.c                       |    2 +-
 posix/Makefile                                     |   10 +-
 posix/bug-regex36.c                                |   29 +++
 posix/regcomp.c                                    |   19 ++-
 posix/spawn_faction_addopen.c                      |   14 +-
 posix/spawn_faction_destroy.c                      |   22 ++-
 posix/spawn_int.h                                  |    2 +-
 posix/tst-spawn.c                                  |   10 +-
 resolv/gethnamaddr.c                               |    6 +-
 resolv/nss_dns/dns-canon.c                         |    2 +-
 resolv/nss_dns/dns-host.c                          |   32 ++--
 resolv/nss_dns/dns-network.c                       |    4 +-
 resolv/res_query.c                                 |   45 ++--
 resolv/res_send.c                                  |   22 ++-
 sysdeps/s390/Makefile                              |    9 -
 sysdeps/s390/Versions                              |    6 +-
 sysdeps/s390/__longjmp.c                           |   31 ---
 sysdeps/s390/bits/setjmp.h                         |    4 -
 sysdeps/s390/longjmp.c                             |   68 ++----
 sysdeps/s390/rtld-__longjmp.c                      |   19 --
 sysdeps/s390/rtld-global-offsets.sym               |    7 -
 sysdeps/s390/rtld-setjmp.S                         |   20 --
 sysdeps/s390/s390-32/__longjmp-common.c            |   68 ------
 sysdeps/s390/s390-32/__longjmp.c                   |   68 ++++++
 sysdeps/s390/s390-32/setjmp-common.S               |   84 -------
 sysdeps/s390/s390-32/setjmp.S                      |  111 +++++++++
 sysdeps/s390/s390-64/__longjmp-common.c            |   74 ------
 sysdeps/s390/s390-64/__longjmp.c                   |   74 ++++++
 sysdeps/s390/s390-64/setjmp-common.S               |   79 -------
 sysdeps/s390/s390-64/setjmp.S                      |  106 +++++++++
 sysdeps/s390/setjmp.S                              |   64 -----
 sysdeps/s390/sigjmp.c                              |   34 ---
 sysdeps/s390/v1-longjmp.c                          |   57 -----
 sysdeps/s390/v1-setjmp.h                           |  111 ---------
 sysdeps/s390/v1-sigjmp.c                           |   44 ----
 sysdeps/unix/sysv/linux/s390/Makefile              |    6 -
 sysdeps/unix/sysv/linux/s390/getcontext.S          |   38 ---
 sysdeps/unix/sysv/linux/s390/longjmp_chk.c         |   36 ++--
 sysdeps/unix/sysv/linux/s390/rtld-getcontext.S     |   19 --
 .../unix/sysv/linux/s390/s390-32/____longjmp_chk.c |   24 +--
 .../sysv/linux/s390/s390-32/getcontext-common.S    |  112 ---------
 sysdeps/unix/sysv/linux/s390/s390-32/getcontext.S  |   86 +++++++
 .../unix/sysv/linux/s390/s390-32/nptl/libc.abilist |    1 -
 sysdeps/unix/sysv/linux/s390/s390-32/setcontext.S  |   10 +-
 sysdeps/unix/sysv/linux/s390/s390-32/swapcontext.S |   24 +--
 .../unix/sysv/linux/s390/s390-32/ucontext_i.sym    |   26 --
 .../unix/sysv/linux/s390/s390-64/____longjmp_chk.c |   25 +--
 .../sysv/linux/s390/s390-64/getcontext-common.S    |   79 -------
 sysdeps/unix/sysv/linux/s390/s390-64/getcontext.S  |   86 +++++++
 .../unix/sysv/linux/s390/s390-64/nptl/libc.abilist |    1 -
 sysdeps/unix/sysv/linux/s390/s390-64/swapcontext.S |   14 +-
 sysdeps/unix/sysv/linux/s390/sys/ucontext.h        |   13 -
 .../sysv/linux/s390/{s390-64 => }/ucontext_i.sym   |    0
 sysdeps/unix/sysv/linux/s390/v1-longjmp_chk.c      |   35 ---
 81 files changed, 1598 insertions(+), 1530 deletions(-)
 create mode 100644 elf/tst-dl-iter-static.c
 create mode 100644 localedata/tst-setlocale3.c
 create mode 100644 posix/bug-regex36.c
 delete mode 100644 sysdeps/s390/Makefile
 delete mode 100644 sysdeps/s390/__longjmp.c
 delete mode 100644 sysdeps/s390/rtld-__longjmp.c
 delete mode 100644 sysdeps/s390/rtld-global-offsets.sym
 delete mode 100644 sysdeps/s390/rtld-setjmp.S
 delete mode 100644 sysdeps/s390/s390-32/__longjmp-common.c
 create mode 100644 sysdeps/s390/s390-32/__longjmp.c
 delete mode 100644 sysdeps/s390/s390-32/setjmp-common.S
 create mode 100644 sysdeps/s390/s390-32/setjmp.S
 delete mode 100644 sysdeps/s390/s390-64/__longjmp-common.c
 create mode 100644 sysdeps/s390/s390-64/__longjmp.c
 delete mode 100644 sysdeps/s390/s390-64/setjmp-common.S
 create mode 100644 sysdeps/s390/s390-64/setjmp.S
 delete mode 100644 sysdeps/s390/setjmp.S
 delete mode 100644 sysdeps/s390/sigjmp.c
 delete mode 100644 sysdeps/s390/v1-longjmp.c
 delete mode 100644 sysdeps/s390/v1-setjmp.h
 delete mode 100644 sysdeps/s390/v1-sigjmp.c
 delete mode 100644 sysdeps/unix/sysv/linux/s390/getcontext.S
 delete mode 100644 sysdeps/unix/sysv/linux/s390/rtld-getcontext.S
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/getcontext-common.S
 create mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/getcontext.S
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-32/ucontext_i.sym
 delete mode 100644 sysdeps/unix/sysv/linux/s390/s390-64/getcontext-common.S
 create mode 100644 sysdeps/unix/sysv/linux/s390/s390-64/getcontext.S
 rename sysdeps/unix/sysv/linux/s390/{s390-64 => }/ucontext_i.sym (100%)
 delete mode 100644 sysdeps/unix/sysv/linux/s390/v1-longjmp_chk.c
Comment 7 Sourceware Commits 2014-09-07 12:14:44 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The annotated tag, glibc-2.20 has been created
        at  9bcede1abfb0fa62d54b7cfce5c72d56e2f7b95c (tag)
   tagging  b8079dd0d360648e4e8de48656c5c38972621072 (commit)
  replaces  glibc-2.19
 tagged by  Allan McRae
        on  Sun Sep 7 18:17:29 2014 +1000

- Log -----------------------------------------------------------------
The GNU C Library
=================

The GNU C Library version 2.20 is now available.

The GNU C Library is used as *the* C library in the GNU systems
and is widely used on systems with the Linux kernel.

The GNU C Library is primarily designed to be a portable
and high performance C library.  It follows all relevant
standards including ISO C11 and POSIX.1-2008.  It is also
internationalized and has one of the most complete
internationalization interfaces known.

The GNU C Library webpage is at http://www.gnu.org/software/libc/

Packages for the 2.20 release may be downloaded from:
        http://ftpmirror.gnu.org/libc/
        http://ftp.gnu.org/gnu/libc/

The mirror list is at http://www.gnu.org/order/ftp.html

NEWS for version 2.20
====================

* The following bugs are resolved with this release:

  6804, 9894, 12994, 13347, 13651, 14308, 14770, 15119, 15132, 15347, 15514,
  15698, 15804, 15894, 15946, 16002, 16064, 16095, 16194, 16198, 16275,
  16284, 16287, 16315, 16348, 16349, 16354, 16357, 16362, 16447, 16516,
  16532, 16539, 16545, 16561, 16562, 16564, 16574, 16599, 16600, 16609,
  16610, 16611, 16613, 16619, 16623, 16629, 16632, 16634, 16639, 16642,
  16648, 16649, 16670, 16674, 16677, 16680, 16681, 16683, 16689, 16695,
  16701, 16706, 16707, 16712, 16713, 16714, 16724, 16731, 16739, 16740,
  16743, 16754, 16758, 16759, 16760, 16770, 16786, 16789, 16791, 16796,
  16799, 16800, 16815, 16823, 16824, 16831, 16838, 16839, 16849, 16854,
  16876, 16877, 16878, 16882, 16885, 16888, 16890, 16892, 16912, 16915,
  16916, 16917, 16918, 16922, 16927, 16928, 16932, 16943, 16958, 16965,
  16966, 16967, 16977, 16978, 16984, 16990, 16996, 17009, 17022, 17031,
  17042, 17048, 17050, 17058, 17061, 17062, 17069, 17075, 17078, 17079,
  17084, 17086, 17088, 17092, 17097, 17125, 17135, 17137, 17150, 17153,
  17187, 17213, 17259, 17261, 17262, 17263, 17319, 17325, 17354.

* Reverted change of ABI data structures for s390 and s390x:
  On s390 and s390x the size of struct ucontext and jmp_buf was increased in
  2.19. This change is reverted in 2.20. The introduced 2.19 symbol versions
  of getcontext, setjmp, _setjmp, __sigsetjmp, longjmp, _longjmp, siglongjmp
  are preserved pointing straight to the same implementation as the old ones.
  Given that, new callers will simply provide a too-big buffer to these
  functions. Any applications/libraries out there that embed jmp_buf or
  ucontext_t in an ABI-relevant data structure that have already been rebuilt
  against 2.19 headers will have to rebuilt again. This is necessary in any
  case to revert the breakage in their ABI caused by the glibc change.

* Support for file description locks is added to systems running the
  Linux kernel. The standard file locking interfaces are extended to
  operate on file descriptions, not file descriptors, via the use of
  F_OFD_GETLK, F_OFD_SETLK, and F_OFD_SETLKW. File description locks
  are associated with an open file instead of a process.

* Optimized strchr implementation for AArch64.  Contributed by ARM Ltd.

* The minimum Linux kernel version that this version of the GNU C Library
  can be used with is 2.6.32.

* Running the testsuite no longer terminates as soon as a test fails.
  Instead, a file tests.sum (xtests.sum from "make xcheck") is generated,
  with PASS or FAIL lines for individual tests.  A summary of the results is
  printed, including a list of failing lists, and "make check" exits with
  error status if there were any unexpected failures.  "make check
  stop-on-test-failure=y" may be used to keep the old behavior.

* The am33 port, which had not worked for several years, has been removed
  from ports.

* The _BSD_SOURCE and _SVID_SOURCE feature test macros are no longer
  supported; they now act the same as _DEFAULT_SOURCE (but generate a
  warning).  Except for cases where _BSD_SOURCE enabled BSD interfaces that
  conflicted with POSIX (support for which was removed in 2.19), the
  interfaces those macros enabled remain available when compiling with
  _GNU_SOURCE defined, with _DEFAULT_SOURCE defined, or without any feature
  test macros defined.

* Optimized strcmp implementation for ARMv7.  Contributed by ARM Ltd.

* Added support for TX lock elision of pthread mutexes on s390 and s390x.
  This may improve lock scaling of existing programs on TX capable systems.
  The lock elision code is only built with --enable-lock-elision=yes and
  then requires a GCC version supporting the TX builtins.  With lock elision
  default mutexes are elided via __builtin_tbegin, if the cpu supports
  transactions. By default lock elision is not enabled and the elision code
  is not built.

* CVE-2014-4043 The posix_spawn_file_actions_addopen implementation did not
  copy the path argument.  This allowed programs to cause posix_spawn to
  deference a dangling pointer, or use an unexpected pathname argument if
  the string was modified after the posix_spawn_file_actions_addopen
  invocation.

* All supported architectures now use the main glibc sysdeps directory
  instead of some being in a separate "ports" directory (which was
  distributed separately before glibc 2.17).

* The NPTL implementation of POSIX pthreads is no longer an "add-on".
  On configurations that support it (all Linux configurations), it's now
  used regardless of the --enable-add-ons switch to configure.  It is no
  longer possible to build such configurations without pthreads support.

* Locale names, including those obtained from environment variables (LANG
  and the LC_* variables), are more tightly checked for proper syntax.
  setlocale will now fail (with EINVAL) for locale names that are overly
  long, contain slashes without starting with a slash, or contain ".." path
  components. (CVE-2014-0475)  Previously, some valid locale names were
  silently replaced with the "C" locale when running in AT_SECURE mode
  (e.g., in a SUID program).  This is no longer necessary because of the
  additional checks.

* On x86-64, the dynamic linker's lazy-binding support is now compatible
  with application code using Intel MPX instructions.  (With all previous
  versions, the MPX register state could be clobbered when making calls
  into or out of a shared library.)  Note that while the new dynamic
  linker is compatible with all known x86 hardware whether or not it
  supports Intel MPX, some x86 instruction-set emulators might fail to
  handle the new instruction encodings.  This is known to affect Valgrind
  versions up through 3.9 (but will be fixed in the forthcoming 3.10
  release), and might affect other tools that do instruction emulation.

* Support for loadable gconv transliteration modules has been removed.
  The support for transliteration modules has been non-functional for
  over a decade, and the removal is prompted by security defects.  The
  normal gconv conversion modules are still supported.  Transliteration
  with //TRANSLIT is still possible, and the //IGNORE specifier
  continues to be  supported. (CVE-2014-5119)

* Decoding a crafted input sequence in the character sets IBM933, IBM935,
  IBM937, IBM939, IBM1364 could result in an out-of-bounds array read,
  resulting a denial-of-service security vulnerability in applications which
  use functions related to iconv. (CVE-2014-6040)

Contributors
============

This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports.  These include:

Adam Conrad
Adhemerval Zanella
Alan Modra
Allan McRae
Andi Kleen
Andreas Krebbel
Andreas Schwab
Arjun Shankar
Aurelien Jarno
Bernard Ogden
Carlos O'Donell
Chris Metcalf
David Holsgrove
David S. Miller
David Svoboda
Dominik Vogt
Dylan Alex Simon
Eric Wong
Florian Weimer
Guo Yixuan
H.J. Lu
Ian Bolton
Igor Zamyatin
Jeff Layton
Jim Meyering
Joey Ye
Jose E. Marchesi
Joseph Anthony Pasquale Holsten
Joseph Myers
Julian Brown
Khem Raj
Konstantin Serebryany
Kyle McMartin
Ling Ma
Ludovic Courtès
Maciej W. Rozycki
Marcus Shawcroft
Mark Wielaard
Marko Myllynen
Meador Inge
Mike Frysinger
Ondřej Bílka
Paul Eggert
Paul Pluzhnikov
Peter TB Brett
Rajalakshmi Srinivasaraghavan
Rasmus Villemoes
Richard Earnshaw
Richard Henderson
Roland McGrath
Sami Kerola
Samuel Thibault
Sean Anderson
Serge Hallyn
Siddhesh Poyarekar
Sihai Yao
Stefan Liebler
Steve Ellcey
Tomas Dohnalek
Torvald Riegel
Venkataramanan Kumar
Vidya Ranganathan
Wilco
Wilco Dijkstra
Will Newton
Yang Yingliang
Yufeng Zhang
Yury Gribov
Yvan Roux
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAABAgAGBQJUDBTZAAoJEPmf/g/q6Zm99pwH/1dlaqMxZ1SB7Nzk1C95URs+
AOihIh+Q5EYgqD3GnYp/evfMaHzZN7TTncZLXmDq6Ui7UiafYddFL91x06q/NzWN
veCipwZC/RgCtQmEAkonVeREKauYrA4OGar86cU3HCIrpG2lGs/QXlhjvB/0HEay
3EJR90lARmZTjFX6nx78uiAzlpfPWhOiallr+Q6WTO4LSyIsf5obyaTNGNWAmWIj
uotYaWjHr+cLwmiYxgO+6JuSOv7HxutnNer82hCH+k/2ppXyIh5RjqRbvbZFscax
VNnfC5Hg/khzZdVXZXowAOkDvLagiQIwSHfTep80p5NeP+aJ2A+CK1ARYY0y8ts=
=Yk2q
-----END PGP SIGNATURE-----

Adam Conrad (2):
      Allow sys/auxv.h to be used from the testsuite on powerpc and sparc.
      Revert incorrect removal of the XDR currency from locale/iso-4217.def

Adhemerval Zanella (68):
      PowerPC: Update powerpc-fpu ULPs.
      PowerPC: Optimized isnan/isnanf for POWER8
      PowerPC: Optimized isinf/isinff for POWER8
      PowerPC: Optimized finite/finitef for POWER8
      PowerPC: llrint/llrintf POWER8 optimization
      PowerPC: llround/llroundf POWER8 optimization
      PowerPC: Update powerpc-fpu ULPs.
      PowerPC: Fix modf/modff optimization return sign
      PowerPC: strncat optimization for PPC64
      PowerPC: Fix bzero definition for static libc for PPC64
      PowerPC: Fix strspn for static build
      PowerPC: Fix bzero definition for static libc for PPC32
      Add truncl tests related to BZ#16414
      PowerPC: remove wrong ceill implementation for PowerPC64
      PowerPC: remove wrong nearbyintl implementation for PPC64
      PowerPC: remove wrong roundl implementation for PowerPC64
      Add stardard definition on conform processing
      PowerPC: optimized strcspn for PPC64/POWER7
      PowerPC: optimized strpbrk for POWER7
      PowerPC: Fix -Wundef warning for __PTHREAD_MUTEX_HAVE_ELISION.
      Update powerpc-fpu ULPs.
      PowerPC: Revert __PTHREAD_MUTEX_HAVE_ELISION change
      Fix localplt check for GNU_IFUNC
      PowerPC: Fix little endian enconding for mfvsrd
      PowerPC: Fix nearbyint/nearbyintf result for FE_DOWNWARD
      PowerPC: define _CALL_ELF if compiler does not
      PowerPC: Fix --disable-multi-arch builds
      Move __PTHREAD_SPINS definition to architecture specific header
      Define _STRING_ARCH_unaligned unconditionally
      PowerPC: Add fenv macros for long double
      PowerPC: Sync pthread_once with default implementation
      PowerPC: Suppress unnecessary FPSCR write
      Fix
      More fixes for unsafe compiler optimization
      PowerPC: ifunc improvement for internal calls
      Fix elf/tst-tls9-static build
      PowerPC: clean BSD Terminal Modes expectation in termios.h
      PowerPC: Fix multiarch hypotf PPC64 path
      PowerPC: Fix copysignf optimization macro
      Update powerpc-fpu ULPs.
      PowerPC: Fix memchr ifunc hidden symbol for PPC32
      PowerPC: Remove unneeded copysign[f] macros
      PowerPC: Remove 64 bits instructions in PPC32 code
      PowerPC: Consolidate NPTL/non versions of vfork
      PowerPC: Consolidate NPTL/non versions of clone
      PowerPC: Move powerpc64 timer_*.c out of nptl/
      PowerPC: Move NPTL ABI headers to sysdeps.
      PowerPC: Move remaining nptl/sysdeps/unix/sysv/linux/powerpc/ files.
      Update powerpc-fpu ULPs.
      PowerPC: Fix optimized strncat strlen call
      Fix ChangeLog indentation.
      Update powerpc-fpu ULPs.
      Fix ChangeLog indentation.
      PowerPC: Move powerpc code out of nptl/ subdirectory
      PowerPC: sync hwcap.h capabilities
      Update powerpc-fpu ULPs.
      Update powerpc-fpu ULPs.
      PowerPC: Guard CALL_ELF check for ppc64 only in link.h
      PowerPC: memmove default implementation cleanup
      PowerPC: optimized memmove for POWER7/PPC64
      PowerPC: optimized memmove for POWER7/PPC32
      PowerPC: Align power7 memcpy using VSX to quadword
      PowerPC: Add ifunc tests for memmove
      PowerPC: Fix compiler warnings
      PowerPC: Cleanup powerpc memmove
      PowerPC: Fix build due missing lll_robust_trylock
      PowerPC: Fix gprof entry point for LE
      PowerPC: Fix termios definitions

Alan Modra (7):
      Fix s_copysign stack temp for PowerPC64 ELFv2
      Fix reference to toc symbol.
      Correct prefetch hint in power7 memrchr.
      Correct IBM long double nextafterl.
      Correct IBM long double frexpl.
      Update fixed bug list
      Correct DT_PPC64_NUM

Allan McRae (27):
      Open development for 2.20
      Fix qsort argument order in collation example
      Update Esperanto translations
      Fix variable used in sed expression in timezone/Makefile
      Update Swedish translations
      Mention CVE-2014-4043 in NEWS
      Add missing changelog entry for commit ab7ac0f2
      Add fixed bug to NEWS
      Update Spanish translations
      Regenerate libc.po
      Update Spanish translation
      Update Dutch translation
      Update Sweedish translation
      Update Bulgarian translation
      Update German translation
      Update Czech translation
      Update Polish translation
      Update Russian translation
      Update French translation
      Update Ukrainian translation
      Update Vietnamese translation
      Update x86 ULPs
      Update Catalan translation
      Update Esperanto translation
      Update Korean translation
      Update contrib.texi
      Update version.h and include/features.h for 2.20 release

Andi Kleen (5):
      Fix dwarf2 unwinding through futex functions.
      Add a fast path for C rd/wrlock v2
      Add adaptive elision to rwlocks
      Remove x86 assembler rwlock code
      Add fallback file for elide.h

Andreas Krebbel (3):
      BZ #16447: Fix ldbl-128 expl implementation.
      NEWS: Add 16447 to fixed bugs list.
      NEWS: Add comment about changed ABI on s390 and s390x.

Andreas Schwab (45):
      Move m68k from ports to libc
      Whitespace fixes
      Fix memory leak in _nss_dns_gethostbyname4_r with big DNS answer
      Properly fix memory leak in _nss_dns_gethostbyname4_r with big DNS answer
      Add GLIBC_2.17 to librt in Version.def
      Fix race conditions in pldd that may leave the process stopped after detaching
      nscd: also invalidate netgroup cache on reload
      Account for alloca use when collecting interface addresses (bug 16002)
      Fix use of half-initialized result in getaddrinfo when using nscd (bug 16743)
      Setup LOCPATH for tst-ftell-active-handler and tst-ftell-partial-wide in libio
      Fix use of uninitialized variable
      ChangeLog cleanup
      Correctly handle %p in wprintf (BZ #16890)
      Fix implicit declaration
      Don't use catomic functions in mcount (BZ #16912)
      Fix parsing of getai result from nscd for IPv6-only request
      Fix unbound stack use in NIS NSS module
      Fix typo in assertion
      Fix macro warning on HAVE_PT_CHOWN
      Remove last use of USE___THREAD
      Fix searching localedef input on I18NPATH (BZ #16984)
      Remove second argument from TLS_INIT_TP macro
      Fix invalid file descriptor reuse while sending DNS query (BZ #15946)
      Install uz_UZ.UTF-8 locale (BZ #16095)
      ChangeLog fix
      m68k: avoid pointer to integer conversion warning
      m68k: Consolidate NPTL/non versions of vfork
      m68k: Consolidate NPTL/non versions of clone
      Update feature guard for strdup/strndup in <bits/string2.h>
      Pass $TIMEOUTFACTOR to tests also in cross testing
      Fix typo in preprocessor conditional
      m68k: update libm test ULPs
      Don't read past end of pattern in fnmatch (BZ #17062)
      Fix memory leak in regexp compiler (BZ #17069)
      Fix another memory leak in regexp compiler (BZ #17069)
      Don't ignore too long lines in nss_files (BZ #17079)
      Remove unused label
      m68k: Add compat symbols for scalbln*
      Update i386 libm test ULPs
      Fix missing newline in test output
      m68k: update libm test ULPs
      ChangeLog fix
      m68k: use generic lowlevellock.h
      Fix -Wundef warning for HAVE_IFUNC
      Fix missing <math_private.h> in ldbl-96 fma

Arjun Shankar (1):
      Correctly report nscd child process status (BZ #17092)

Aurelien Jarno (5):
      SPARC: add EFD_SEMAPHORE in <bits/eventfd.h> (BZ #16916)
      ptsname_r: don't leak uninitialized memory (BZ #16917)
      SPARC: add prlimit and prlimit64 in <bits/resource.h> (BZ #16943)
      fix nl_langinfo with static linking (BZ #16915)
      Fix strtold on 32-bit sparc (and probably others) (BZ #16965)

Bernard Ogden (3):
      hppa: Remove lowlevellock.c.
      MIPS - Remove mips lowlevellock.h.
      Check value of futex before updating in __lll_timedlock

Carlos O'Donell (27):
      BZ #16613: Support TLS in audit libraries.
      BZ #16632: Change [_BSD/_SVID]_SOURCE warning.
      Add a new "Inter-Process Communication" chapter.
      Use @Theglibc{} in manual/ipc.texi.
      Promote do_lookup_x:check_match to a full function.
      Add header and standard information to threads.texi.
      Revert 4248f0da6ff9e7dd63464cdecec2dec332dfc2f0.
      hppa: Regenerate ULPs.
      hppa: Regenerate ULPs again.
      hppa: Remove fma ulps from libm-test-ulps.
      hppa: Add _STACK_GROWS_* cases to pthread_attr_[sg]etstack.
      Fix ChangeLog formatting.
      manual/ipc.texi: Fix AC-safety notes.
      nscd: Make SELinux checks dynamic.
      Support _r_debug for static binaries.
      manual: Sort overview listing by manual order.
      hppa: Use r25 as second input to __longjmp.
      hppa: Use lll_futex_wake.
      hppa: Update lowlevellock.h.
      Relocate hppa from ports to libc.
      Remove ports README and update machine ChangeLogs.
      Final update to ports ChangeLog.
      Fix -Wundef warning for FEATURE_INDEX_1.
      Remove nested function mi_arena from malloc_info.
      hppa: Add ABI baselines.
      hppa: Remove GLIBC_2.3 from librt.abilist.
      NEWS: Typo fix: s/wil /will /g

Chris Metcalf (7):
      Move tilegx, tilepro, and linux-generic from ports to libc.
      tile: Fix cut-and-paste bug in commit fcccd5128.
      math: make test-fenv-preserve.c a no-op if FE_ALL_EXCEPT == 0.
      crypt: don't include ufc-crypt.h multiple times
      tile: move sysdeps/unix/sysv/linux/tile nptl files.
      tile: Consolidate NPTL/non versions of vfork
      [BZ #17354] tile: Fix up corner cases with signed relocations

David Holsgrove (2):
      [MicroBlaze]: Move MicroBlaze from ports to sysdeps.
      MicroBlaze: Add missing sysdep-cancel.h implementation

David S. Miller (17):
      Fix tst-sscanf and tst-swscanf on 64-bit.
      Regenerate sparc ULPs.
      Fix sigaction conform test failures on sparc.
      Fix some sparc conform test failures in siginfo.h
      Fix some sparc -Wundef build warnings.
      Correct sparc CPP guards for EMT_TAGOVF.
      Add round-mode context support to sparc.
      Fix v9/64-bit strcmp when string ends in multiple zero bytes.
      NEWS: Add 16885 to fixed bug list.
      Fix some termios.h conformtest failures on sparc.
      Fix excessive ULP for y1_upward (0x2p+0) in test-float and test-ifloat.
      Update Sparc ULPS.
      Fixup ChangeLog and add missing NEWS entry for previous commits.
      Consolidate sparc clone, fork, and vfork implementations.
      Update Sparc ULPs.
      Update sparc ULPS.
      Get rid of sparc specific NPTL internaltypes.h header.

David Svoboda (1):
      manual: clarify buffer behavior in getline [BZ #5666]

Dominik Vogt (1):
      S/390: Port of lock elision to System/z

Dylan Alex Simon (1):
      Update x86_64 libm-test-ulps on AMD family 21h model 1 (bug 16545).

Eric Wong (1):
      Avoid stat/fstat in statvfs/fstatvfs (BZ #15132)

Florian Weimer (12):
      misc/sys/select.h (__FD_MASK): Avoid signed integer overflow.
      Check for syscall error in the SETXID implementation in NPTL (bug 13347).
      Update NEWS for fixed bug 13347
      posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
      Fix tautological comparison in non-executed part of tst-setuid2 (BZ #17058)
      setlocale: Use the heap for the copy of the locale argument
      _nl_find_locale: Improve handling of crafted locale names [BZ #17137]
      manual: Update the locale documentation
      nptl: Fix abort in case of set*id failure [BZ #17135]
      __gconv_translit_find: Disable function [BZ #17187]
      Fix typo in CVE ID
      CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]

Guo Yixuan (2):
      Fixed pthread_spin_lock on sparc32/64 (bug 16882)
      New test for pthread_spin_lock (bug 16882)

H.J. Lu (8):
      Check AVX-512 assembler support first
      Replace __int128 with __int128_t in bits/link.h
      Use 3 bytes for __pad1 in pthread_rwlock_t for x32
      Remove sysdeps/x86_64/multiarch/rtld-strlen.S
      Add ifunc tests for x86_64 memset_chk and memset
      Enable AVX2 optimized memset only if -mavx2 works
      Replace cpuid asm statement with __cpuid_count
      Mention fixes for BZs 16194 and 16275 in NEWS

Ian Bolton (4):
      [AArch64] Provide initial implementation of math_private.h.
      [AArch64] Define HAVE_RM_CTX and related hooks.
      Add fenv test support for AArch64.
      [AArch64] Suppress unnecessary FPSR and FPCR writes.

Igor Zamyatin (3):
      Save and restore AVX-512 zmm registers to x86-64 ld.so
      Save/restore bound registers in _dl_runtime_resolve
      Save/restore bound registers for _dl_runtime_profile

Jeff Layton (1):
      fcntl-linux.h: add new definitions and manual updates for open file description locks

Jim Meyering (1):
      regex: don't deref NULL upon heap allocation failure

Joey Ye (1):
      Fix ARM NAN fraction bits.

Jose E. Marchesi (1):
      Fix sparc memcpy data corruption when using niagara2 optimized routines.

Joseph Anthony Pasquale Holsten (1):
      Fix typo in comment in res_query.c

Joseph Myers (158):
      Remove am33 port.
      Move shared sysdeps files from alpha to arm.
      Move arm from ports to libc.
      Fix whitespace in ARM files to allow move.
      Remove mips dependency on alpha.
      Move shared umount.c from hppa to mips.
      Move mips from ports to libc.
      Fix whitespace in MIPS files to allow move.
      Merge MIPS dl-lookup.c into generic file.
      Regenerate x86_64 ulps.
      Remove _BSD_SOURCE and _SVID_SOURCE.
      soft-fp: support after-rounding tininess detection.
      Make ABI tests generate .out files.
      Stop io/ftwtest deleting its own output.
      Remove indirection in stdio-common tests dependencies.
      Remove reference to subdir_lint.out.
      Combine __USE_BSD and __USE_SVID into __USE_MISC.
      Update MIPS math-tests.h for GCC 4.9 using soft-fp.
      Clean up trivially redundant __USE_MISC conditionals.
      Split up rules for tests that compare output with baselines.
      Split up rules for tests using mtrace and something else.
      Fix gen-auto-libm-tests sticky bit setting for negative results.
      Move tests of fma from libm-test.inc to auto-libm-test-in.
      Move tests of clog10 from libm-test.inc to auto-libm-test-in.
      Update ARM HWCAP data.
      Fix __ASSUME_ACCEPT4 issues (bug 16609).
      Fix __ASSUME_RECVMMSG issues (bug 16610).
      Fix __ASSUME_SENDMMSG issues (bug 16611).
      Complete _BSD_SOURCE / _SVID_source followup cleanup.
      Generate .test-result files for tests with special rules.
      Consistently include Makeconfig after defining subdir.
      Support expected failures in .test-result files.
      Fix libm-test.inc:print_complex_max_error handling of some error cases.
      Don't include individual test ulps in libm-test-ulps.
      Automatically check sanity of ulps from libm tests.
      Adjust how gen-auto-libm-tests handles before-rounding/after-rounding cases.
      Don't define __ASSUME_UTIMES for linux-generic architectures.
      Prepare libm-test.inc structures for multi-rounding-mode testing.
      Remove INSTALL_INFO setting in manual/Makefile.
      conformtest: correct set of standards for which some headers are tested.
      conformtest: correct set of standards for which more headers are tested.
      Enumerate tests with special rules in tests-special variable.
      conformtest: clean up POSIX expectations for semaphore.h, signal.h, tar.h.
      conformtest: split up running of tests from makefile.
      Generate overall summary of test results.
      Make tests consistently use *.out output files.
      Count miscellaneous files built on host for testing as tests.
      Include all of <time.h> from <sched.h> for older standards (bug 16670).
      Fix POSIX namespace for <bits/siginfo.h> (bug 16674).
      Add libm-test.inc macro for all-rounding-modes testing.
      Fix nextafter overflow in non-default rounding modes (bug 16677).
      Fix MIPS libc_feresetround*_ctx to preserve exceptions.
      Fix __ASSUME_PSELECT for MicroBlaze (bug 16642).
      Regenerate INSTALL.
      Do not terminate default test runs on test failure.
      Add libm-test support for per-rounding-mode manually specified results.
      Test rint and nearbyint with same inputs, in all rounding modes.
      Exit with error status on check-abi failure.
      Test scalbn and scalbln in all rounding modes, add more tests of negative arguments.
      Fix __ASSUME_PREADV and __ASSUME_PWRITEV for Alpha and MicroBlaze (bug 16649).
      Use ALL_RM_TEST for more libm tests.
      Make libm-test support ALL_RM_TEST with AUTO_TESTS_*.
      Test most libm functions in all rounding modes.
      Fix log (1) in round-downward mode (bug 16731).
      Fix -Wundef warnings for _ABI* on MIPS.
      Fix dbl-64 exp overflow/underflow in non-default rounding modes (bug 16284).
      Fix implicit __isinf declarations in exp.
      Relax gen-auto-libm-tests may-underflow rules, test log1p in all rounding modes.
      Add empty GLIBC_2.2.5 version to elf/Versions.
      Make x86_64 fegetenv preserve exception mask (bug 16198).
      Fix x86/x86_64 expl/exp10l spurious underflows (bug 16348).
      Fix clog10 (-0 +/- 0i) (bug 16362).
      Fix scalb spurious "invalid" exceptions (bug 16770).
      Fix futimesat for older MicroBlaze kernels (bug 16648).
      Correct robust mutex / PI futex kernel assumptions (bug 9894).
      Set errno for atan2 underflow (bug 16349).
      Set errno for scalb errors (bug 6803, bug 6804).
      Fix clog / clog10 sign of zero result in round-downward mode (bug 16789).
      Fix catan, catanh, __ieee754_logf in round-downward mode (bug 16799, bug 16800).
      conformtest: clean up POSIX expectations for stdlib.h, string.h.
      Increase minimum Linux kernel version to 2.6.32.
      Include SSE state in i386 fenv_t (bug 16064).
      Clean up kernel version conditionals for pre-2.6.32 kernels.
      Clean up ARM old-ABI symbol versioning relics.
      Reduce kernel-features.h duplication.
      Fix erf underflow handling near 0 (bug 16516).
      Fix acosh (1) in round-downward mode (bug 16927).
      Fix cacos (+Inf + finite*i) in round-downward mode (bug 16928).
      Fix log1pl (LDBL_MAX) in FE_UPWARD mode (bug 16564).
      Use existing makefile variables for dependencies on glibc libraries.
      Fix ARM build with GCC trunk.
      Consistently use $(elf-objpfx).
      Don't mention linuxthreads in Depend files.
      Fix log10 (1) in round-downward mode (bug 16977).
      Define TSVTX in tar.h for older POSIX (bug 16978).
      Include LOCPATH in default test environment.
      Don't require test wrappers to preserve environment variables, use more consistent environment.
      Remove redundant C locale settings.
      conformtest: clean up POSIX expectations for termios.h, time.h.
      Remove special makefile rules / .sh files for some localedata tests.
      Fix log2 (1) in round-downward mode (bug 17042).
      conformtest: clean up POSIX expectations for sys/mman.h, sys/stat.h, sys/types.h.
      Add CFI to x86 ceil / floor / trunc (bug 16681).
      Use $(rtld-prefix) more consistently.
      Fix __ieee754_logl (-LDBL_MAX) in FE_DOWNWARD mode (bug 17022).
      Remove __ASSUME_ATFCTS conditionals in sysdeps/unix/sysv/linux/.
      Remove __ASSUME_ADJ_OFFSET_SS_READ.
      Remove __ASSUME_AT_RANDOM.
      Remove __ASSUME_F_GETOWN_EX.
      Remove __ASSUME_SOCK_CLOEXEC / SOCK_CLOEXEC conditionals in Linux-specific code.
      Include <kernel-features.h> explicitly where required.
      Remove ARM __ASSUME_SIGFRAME_V2.
      Update headers for Linux 3.15.
      Fix pow overflow in non-default rounding modes (bug 16315).
      Test cpow in all rounding modes.
      Set errno for y1 overflow (bug 17050).
      Fix cosh spurious underflows from expm1 (bug 16354), inaccurate results near 0 (bug 17061).
      Move architecture cases out of sysdeps/unix/sysv/linux/configure.ac.
      Fix ldbl-128 erfl spurious underflows (bug 16287).
      Fix x86/x86_64 expm1l spurious underflow exceptions (bug 16539).
      Remove __ASSUME_COMPLETE_READV_WRITEV.
      Fix exp10 spurious underflows (bug 16560).
      Remove __ASSUME_UTIMENSAT.
      Update README and NEWS for ports directory removal.
      Remove __ASSUME_XFS_RESTRICTED_CHOWN.
      Update timezone code from tzcode 2014e.
      Move base_machine and machine settings from configure.ac to sysdeps preconfigure fragments.
      Remove BROKEN_PPC_ASM_CR0 configure test.
      Remove stray includes of kernel-features.h.
      Move USE_REGPARMS define to sysdeps/i386/configure.ac.
      Remove __ASSUME_O_CLOEXEC / O_CLOEXEC conditionals in sysdeps/unix/sysv/linux/.
      Remove configure tests for assembler CFI support.
      Remove powerpc special cases in configure.ac.
      Update miscellaneous files from upstream sources.
      Update scripts/list-sources.sh for ports repository merge.
      Fix MIPS64 *_nocancel gp setup.
      Fix yn overflow handling in non-default rounding modes (bug 16561, bug 16562).
      Remove relro configure test.
      Remove shlib-versions ABI names support.
      Fix ldbl-128 powl sign of result in overflow / underflow cases (bug 17097).
      Rename soft-fp extended.h, op-common.h variables to avoid risk of shadowing.
      Rename soft-fp op-[1248].h variables to avoid risk of shadowing.
      Fix ldbl-128 expm1l spurious underflow (bug 16539).
      Regenerate ARM libm-test-ulps.
      Regenerate powerpc-nofpu libm-test-ulps.
      Regenerate MIPS libm-test-ulps.
      MicroBlaze: Update kernel-features.h for syscalls added in 3.15
      Move architecture shlib-versions files to Linux-specific directories.
      Refactor handling of /lib64 etc. cases, move out of sysdeps/gnu/configure.ac.
      Split x86_64 out of main Linux kernel-features.h.
      Split i386 out of main Linux kernel-features.h.
      Split sparc out of main Linux kernel-features.h.
      Split powerpc out of main Linux kernel-features.h.
      Split sh out of main Linux kernel-features.h.
      Split s390 out of main Linux kernel-features.h.
      Fix fallback fesetenv and feupdateenv on FE_NOMASK_ENV (bug 17088).
      Fix powerpc-nofpu __fe_enabled_env and __fe_nonieee_env (bug 17261).
      Fix powerpc32 __get_clockfreq for non-power4 (bug 17263).

Julian Brown (1):
      ARM: Fix R_ARM_IRELATIVE RELA relocations.

Khem Raj (1):
      Define __GI_fegetenv for e500 libm

Konstantin Serebryany (2):
      Remove nested functions: crypt/md5-crypt.c
      Remove redundant nested function b64_from_24bit

Kyle McMartin (1):
      [AARCH64] correct alignment of TLS_TCB_ALIGN (BZ #16796)

Ling Ma (2):
      Add x86_64 memset optimized for AVX2
      Improve 64bit memcpy performance for Haswell CPU with AVX instruction

Ludovic Courtès (1):
      nscd: Remove unused typedef and variable.

Maciej W. Rozycki (8):
      ARM: soft-fp NaN representation correction
      [BZ #17075] ARM: Fix immediate calculation of R_ARM_TLS_DESC
      stdlib/tst-qsort2.c: Fix off-by-one argc interpretation error
      [BZ #16046] dl_iterate_phdr static executable test
      sysdeps/unix/sysv/linux/bits/socket.h: Correct formatting
      test-skeleton: Kill any child process's offspring
      stdlib/tst-strtod-overflow: Bump timeout up yet
      [BZ #17078] ARM: R_ARM_TLS_DESC prelinker support

Marcus Shawcroft (7):
      Relocate AArch64 from ports to libc.
      [AArch64] Optional trapping exceptions support.
      [AArch64] Regenerate libm-test-ulps.
      Revert "ARM: Improve fenv implementation"
      [AArch64] Regenerate libm-test-ulps
      Revert "Add bug 16918 to NEWS."
      Revert "aarch64: Add hp-timing.h"

Mark Wielaard (1):
      i386 TLS_INIT_TP might produce bogus asm changing stack pointer [BZ #17319]

Marko Myllynen (1):
      Replace __int128 with __int128_t

Meador Inge (1):
      get_nprocs: Only return explictly set cache values (BZ #16996)

Mike Frysinger (23):
      linux_fsinfo.h: sync with current linux/magic.h
      tzselect: stop requiring ksh
      linux: bits/in.h: sync with latest kernel headers
      linux: bits/in.h: sync with latest kernel headers
      tst-longjmp_chk: add comments and convert to test-skeleton
      tests: unify fortification handler logic
      tst-longjmp_chk3: new test for checking sigaltstack edge cases
      tst-backtrace4: expand output even on failures
      manual: setjmp: fix typos/grammar
      sem_open: allow RAMFS_MAGIC for mount points
      shm_open: sync with logic in sem_open
      ia64: relocate out of ports/ subdir
      tst-longjmp_chk2: add comments/sanity check
      manual: time: fix typo in IST example
      sotruss: drop ksh support and add basic POSIX shell support
      delete ksh checks
      stop supporting bash-1.x
      tst-setcontext: fix style
      add ChangeLog for previous commit
      ia64: define nocancel entry points in PSEUDO
      add ChangeLog for previous commit
      tst-gettext2: make setup more robust
      detect broken linker handling of __ehdr_start

Ondřej Bílka (20):
      Remove THREAD_STATS.
      Deduplicate setenv.
      Fix previous commit.
      Use glibc_likely instead __builtin_expect.
      Remove unused variable from stdlib/setenv.c
      Deduplicate resolv/nss_dns/dns-host.c
      Simplify calloc implementation.
      Fix two spaces after sentence.
      Make strtok benchmark competive.
      Add changelog.
      Fix recvmmsg comment.
      Fix types of stream hook functions in manual.
      Fix typo in nptl/sockperf.c
      Fix typo in nscd/selinux.c
      fix changelog.
      Remove duplicate code in elf/dl-deps.c.
      revert commit fdfd175d46ac6a810ebdeb2a2936e6d7d13995ab
      Remove mi_arena nested function.
      Fix typo in manual.
      Fix memory overrun in getifaddrs_internal. Fixes bug 15698.

Paul Eggert (2):
      Sync up mktime with gnulib
      misc/sys/cdefs.h: Add _Noreturn macro for pre-C11 compilers

Paul Pluzhnikov (8):
      2014-03-12  Paul Pluzhnikov  <ppluzhnikov@google.com>
      Add missing elf/tst-pie2.c -- should have been in
      Fix BZ #16634.
      Address post-commit patch comments.
      2014-03-26  Paul Pluzhnikov  <ppluzhnikov@google.com>
      2014-03-27  Paul Pluzhnikov  <ppluzhnikov@google.com>
      2014-04-11  Paul Pluzhnikov  <ppluzhnikov@google.com>
      Fix typo on ChangeLog.

Peter TB Brett (1):
      Use statvfs64() for pathconf(_PC_NAME_MAX).

Rajalakshmi Srinivasaraghavan (3):
      print length in strrchr benchtest
      PowerPC: strrchr optimization for POWER7/PPC64
      PowerPC: Fix nearbyintl failure for few inputs

Rasmus Villemoes (1):
      manual: Update prototypes for alphasort and friends

Richard Earnshaw (1):
      [AArch64] Add optimized strchr.

Richard Henderson (55):
      Relocate alpha from ports to libc
      alpha: Regenerate sysdeps/alpha/libm-test-ulps
      alpha: Fix __pointer_chk_guard definition for the testsuite
      alpha: Enable unwind tables for backtrace.c
      alpha: Remove alpha-linux pthread_once.c
      Merge remote-tracking branch 'origin/roland/nptl-alpha'
      alpha: Create __syscall_nocancel entry points
      alpha: Define ELF_MACHINE_NO_RELA
      alpha: Remove bits/siginfo.h (BZ 16966)
      alpha: fix sa_flags type (BZ 16967)
      aarch64: Merge rtld_errno offset with memory reference
      aarch64: Merge __local_multiple_threads offset with memory reference
      alpha: Remove nptl/fork.c
      alpha: Merge standard and nptl clone.S
      alpha: Consolidate NPTL/non versions of vfork
      alpha: Move remaining files out of sysdeps/unix/sysv/linux/alpha/nptl/
      Only support ifunc in nptl/pt-vfork.c
      Only provide non-default symbols in libpthread for vfork
      alpha: Do non-default symbols in pt-vfork.S
      aarch64: Fix DO_CALL block comment
      aarch64: Remove DOARGS/UNDOARGS macros
      aarch64: Tidy syscall error check
      arm,aarch64: Remove SINGLE_THREAD_P_PIC
      aarch64: Tabify sysdep-cancel.h
      aarch64: Share code in syscall-cancel.h
      aarch64: Pass regno parameter to SINGLE_THREAD_P
      aarch64: Improve syscall-cancel stack frame
      aarch64: Use tpidr_el0 rather than __read_tp in librt
      aarch64: Use tpidr_el0 rather than __errno_location in librt
      aarch64: Rely on syscalls preserving registers
      aarch64: Fix error return from __ioctl
      aarch64: Remove PSEUDO_RET
      aarch64: Consolidate NPTL/non versions of clone
      aarch64: Consolidate NPTL/non versions of vfork
      aarch64: Remove nptl/vfork.S
      alpha: Update libm-test-ulps
      alpha: Fix isnan
      powerpc: Remove dummy hp-timing.h
      Removing HP_TIMING_ZERO as unused
      Removing HP_TIMING_ACCUM as unused
      Remove HP_TIMING_DIFF_INIT and dl_hp_timing_overhead
      Unify hp-timing implementations
      aarch64: Add hp-timing.h
      Always provide HP_SMALL_TIMING_AVAIL
      Rely on HP_TIMING_AVAIL implies HP_SMALL_TIMING_AVAIL
      Changelog for last 8 patches
      alpha: Remove round and roundf implementations
      alpha: Fix lround implementations
      alpha: Implement math_opt_barrier and math_force_eval
      alpha: Remove nearbyint and nearbyintf implementations
      aarch64: Update libm-test-ulps
      Force eval for fma implementations
      alpha: Remove linux lowlevellock.h
      alpha: Remove linux lowlevellock.h
      alpha: Fix exception raising from soft-fp

Roland McGrath (150):
      Avoid comma operator warnings.
      Remove unused %include lines from Versions files.
      Remove obsolete SHLIB_COMPAT conditionalization in Versions files.
      Add missing } in Versions file.
      Fix fallout from Joseph's untested Makeconfig change.
      Retire the separate ChangeLog files in nptl/ and nptl_db/ subdirs.
      ARM: Fix up setjmp/longjmp changes sfi_* macro use.
      ChangeLog format fix.
      Use __ehdr_start, when available, for rtld to get its own headers.
      Fix two stray cases using #ifdef vs #if for TLS_TCB_AT_TP.
      Compile with -Wundef.
      Get rid of Versions.def source file
      Remove "Compiled on ..." crapola from version text.
      Work around binutils bugs in 2.23 and older
      Move bits/mman-linux.h out of sysdeps/unix/sysv/linux/.
      Add comments about non-Linux use of bits/mman-linux.h.
      Kludge fix for Versions.def regression
      Factor mmap/munmap of PT_LOAD segments out of _dl_map_object_from_fd et al.
      Add deprecation header text to remaining ports/ChangeLog* files.
      Move ports/ChangeLog* files to ChangeLog.old-ports*, remove ports/ directory.
      Deconditionalize use of LLL_LOCK_INITIALIZER in bits/libc-lock.h.
      Fix -Wundef warnings for _IO_JUMPS_OFFSET.
      Fix -Wundef issues in generated errlist.c.
      Move rules for Linux-specific pldd program to Linux-specific Makefile.
      Move ARM internal unwind.h header to the right sysdeps directory.
      Fix -Wundef for _UTSNAME_DOMAIN_LENGTH.
      Some configure-related decrufting.
      Silence a missing-noreturn warning for _Unwind_Resume.
      Make armv7 strcmp assembly compatible with ARM mode and SFI.
      Clean up __exit_thread.
      Consolidate NPTL vs non clone.S for ARM.
      Consolidate NPTL configury for ARM/Linux.
      Verbatim NPTL file moves for ARM/Linux.
      Move NPTL public ABI headers for ARM to sysdeps/arm/nptl/.
      ARM: Consolidate NPTL/non versions of vfork
      x86: Consolidate NPTL/non versions of vfork
      Move NPTL public ABI headers for x86 to sysdeps/x86/nptl/.
      x86: Consolidate NPTL/non versions of clone
      Move x86_64 timer_*.c out of nptl/
      Move x86_64 compat-timer.h out of nptl/
      x86_64: Remove useless pthread_spin_{init,unlock} wrapper files.
      Update s390 timer_*.c files for x86_64 file moves.
      Consolidate not-cancel.h files.
      x86: Consolidate NPTL fork.
      Move remaining nptl/sysdeps/unix/sysv/linux/x86_64/ files.
      i386: Remove useless pthread_spin_{init,unlock} wrapper files.
      Update alpha and ia64 timer_*.c files for x86_64 file moves.
      Fix powerpc fork after i386 reorganization.
      Move remaining nptl/sysdeps/unix/sysv/linux/i386/ files.
      Fix mips fork after i386 reorganization.
      Move remaining files out of nptl/sysdeps/unix/sysv/linux/x86/.
      x86: Move abilist files out of nptl/ subdirectories.
      Split arch-fork.h from fork.h
      Add stub arch-fork.h header.
      ARM: Convert fork.c to arch-fork.h
      Alpha: Convert fork.c to arch-fork.h
      Fix __waitpid_nocancel link error.
      AArch64: Convert fork.c to arch-fork.h
      SH: Convert fork.c to arch-fork.h
      IA64: Convert fork.c to arch-fork.h
      tile: Convert fork.c to arch-fork.h
      SH: Consolidate NPTL/non versions of clone
      m68k: Convert fork.c to arch-fork.h
      SH: Consolidate NPTL/non versions of vfork
      Move NPTL public ABI headers for SH to sysdeps/sh/nptl/.
      Start cleaning up TLS initial value for pthread_create.
      ARM: Define TLS_DEFINE_INIT_TP
      MIPS: Define TLS_DEFINE_INIT_TP
      HPPA: Define TLS_DEFINE_INIT_TP
      m68k: Define TLS_DEFINE_INIT_TP
      SH: Define TLS_DEFINE_INIT_TP
      AArch64: Define TLS_DEFINE_INIT_TP
      PowerPC: Define TLS_DEFINE_INIT_TP
      Alpha: Define TLS_DEFINE_INIT_TP
      S390: Define TLS_DEFINE_INIT_TP
      Tile: Define TLS_DEFINE_INIT_TP
      Move x86_64 code out of nptl/ subdirectory.
      Move SH code out of nptl/ subdirectory.
      Move i386 code out of nptl/ subdirectory.
      Consolidate NPTL sigprocmask.
      Get rid of nptl/sysdeps/pthread/ subdirectory
      Use list.h in posix-timer code.
      SPARC: Convert fork.c to arch-fork.h
      SPARC: Define TLS_DEFINE_INIT_TP
      Move SPARC code out of nptl/sysdeps/sparc/.
      Move SPARC public headers out of nptl/
      S390: Convert fork.c to arch-fork.h
      Move S390 code out of nptl/sysdeps/s390/.
      S390: Move NPTL public headers to sysdeps/s390/nptl/.
      Move remaining SPARC code out of nptl/.
      Missing new file from last commit.
      Move linux bits/ files out of nptl/.
      Clean up stack-coloring macros.
      Clean up HAVE_CONFIG_H and STDC_HEADERS.
      Remove unused file rtld-lowlevel.h.
      Move generic smp.h to nptl/
      SH: Consolidate nptl/ subdirectories under linux/.....
      m68k: Consolidate nptl/ subdirectories under linux/...
      MIPS: Move NPTL public headers to sysdeps/mips/nptl/.
      powerpc: Consolidate nptl/ subdirectories under linux/....
      Remove an unused variable in fstatvfs.
      Add missing #include in get-rounding-mode.h
      x86: Consolidate unnecessary nptl/ subdirectories.
      SPARC: Consolidate nptl/ subdirectories under linux/...
      SPARC: Consolidate unnecessary nptl/ subdirectories.
      MIPS: Consolidate NPTL/non versions of clone
      AArch64: Consolidate nptl/ subdirectories under linux/...
      S390: Consolidate NPTL/non versions of clone
      S390: Consolidate NPTL/non versions of vfork
      Move remaining S390 code out of nptl/.
      S390: Consolidate nptl/ subdirectories under linux/...
      Add missing #include in spawn_faction_addopen.c
      Add missing #include <fpu_control.h> to ARM fesetenv/feupdateenv.
      ARM: Move more aeabi routine magic out of Linux-specific directories
      MIPS: Consolidate NPTL/non versions of vfork
      MIPS: Consolidate nptl/ subdirectories under linux/...
      ARM: Split Linuxism out of sysdeps/arm/nptl/tls.h
      MicroBlaze: Convert fork.c to arch-fork.h
      MicroBlaze: Define TLS_DEFINE_INIT_TP
      MicroBlaze: Move NPTL public headers to sysdeps/microblaze/nptl/.
      MicroBlaze: Consolidate NPTL/non versions of vfork
      MicroBlaze: Consolidate nptl/ subdirectories under linux/...
      Add missing #include for MIN/MAX users.
      Add missing #include for MIN use in dl-sysdep.c.
      S390: Quash unused variable warning due to no-op THREAD_SET_POINTER_GUARD.
      Robustify Linux kernel headers configure checks
      Add missing #include in sysdeps/alpha/fpu/s_nearbyint.c
      Fix unwind.h configure check for bare environment.
      Fix ia64 build error in lll_futex_timed_wait_bitset
      Get rid of nptl/sysdeps/ entirely!
      NPTL is no longer an add-on!
      Remove old stub lowlevellock.h file.  It is not even useful as documentation.
      Get rid of lll_robust_trylock.
      Get rid of lll_robust_dead.
      ChangeLog fixup for last commit.
      Remove declarations of two nonexistent variables from nptl/pthreadP.h.
      Separate Linuxisms from lowlevellock.h, make a generic one
      Add generic/stub implementations of pthread_{kill,sigmask,sigqueue}.
      ARM: Clean up EABI-related configury
      Split nptl-signals.h out from pthreadP.h
      Use __builtin_trap for ABORT_INSTRUCTION.
      Add __safe_fatal and use it in __pthread_unwind forwarder fallback.
      ARM: Move PTR_MANGLE et al out of Linux-specific file.
      Remove sysdeps/unix/sysv/linux/arm/lowlevellock.h
      IA64: Consolidate NPTL/non versions of clone
      IA64: Consolidate NPTL/non versions of vfork
      IA64: Define TLS_DEFINE_INIT_TP
      IA64: Move NPTL public headers to sysdeps/ia64/nptl/.
      IA64: Consolidate nptl/ subdirectories under linux/...
      NEWS: Mention x86-64 ld.so use of Intel MPX instructions.

Sami Kerola (1):
      tzselect: use zonedir instead of current working directory

Samuel Thibault (5):
      hurd: Do not allow unmapping address 0
      hurd: Move dtv, dtv_t, tcbhead_t declaration to per-arch file.
      hurd: Add i386 fields to TLS structure
      Simplify atomicity of socket creation in bind.
      Fix hang on fork

Sean Anderson (1):
      malloc: fix comment typo

Serge Hallyn (1):
      misc/sys/xattr.h: guard against linux uapi header inclusion

Siddhesh Poyarekar (85):
      Minor formatting fix
      Fix sign of input to bsloww1 (BZ #16623)
      Fix ChangeLog formatting
      Fix missing ChangeLog
      nscd: Improved support for tracking startup failure in nscd service (BZ #16639)
      Separate ftell from fseek logic and avoid modifying FILE data (#16532)
      Use cached offset in ftell when reliable
      Fix up formatting
      Fix up formatting in tst-ftell-active-handler.c
      Mark nscd service as forking in systemd service file (BZ #16639)
      Provide correct buffer length to netgroup queries in nscd (BZ #16695)
      Get rid of __LT_SPINLOCK_INIT
      Fix up return codes for tests in tst-ftell-active-handler
      Fix offset caching for streams and use it for ftell (BZ #16680)
      Change offset in fdopen only if setting O_APPEND
      Fix -Wundef warnins for __FP_FAST_FMA*
      Implement benchmarking script in python
      ChangeLog formatting fix
      benchtests: Move bench.py to benchtests/scripts/
      Fix nscd lookup for innetgr when netgroup has wildcards (BZ #16758)
      Avoid overlapping addresses to stpcpy calls in nscd (BZ #16760)
      Return NULL for wildcard values in getnetgrent from nscd (BZ #16759)
      [benchtests] Use inputs file for modf
      Make bench.out in json format
      Detailed benchmark outputs for functions
      benchtests: Link against objects in build directory
      Include atomic.h in sem_wait.c and sem_trywait.c
      Use test-skeleton.c in tst-sem3 and tst-sem4
      Do not fail if one of the two responses to AF_UNSPEC fails (BZ #14308)
      Consolidate code to initialize nscd dataset header
      Initialize all of datahead structure in nscd (BZ #16791)
      Return EAI_AGAIN for AF_UNSPEC when herrno is TRY_AGAIN (BZ #16849)
      Fix formatting
      Fix date in ChangeLog
      Use NSS_STATUS_TRYAGAIN to indicate insufficient buffer (BZ #16878)
      benchtests: Add new directive for benchmark initialization hook
      Fix offset computation for append+ mode on switching from read (BZ #16724)
      Add mmap usage in malloc_info output
      Fix formatting in malloc_info
      Fix format specifier for n_mmaps
      Inline nested function check_list
      Validate bench.out against a JSON schema
      Remove unnecessary $(.)
      Fix ChangeLog and NEWS goof-up
      Print offending diff when check-abi fails
      Fix build warning in pthread_rwlock_*
      Fix namespace violation in pthreadtypes.h (BZ #17084)
      Add compat symbols for scalb* in i386
      Fix Wundef warning for SEPARATE_KEY
      Fix Wundef warning for ELF_MACHINE_NO_RELA
      Fix Wundef warning for WIDE_CHAR_VERSION
      Remove inline keyword from leapyear function
      Remove unnecessary include in memmove_chk
      Correctly attribute the mktime.c change to Paul Eggert
      Fix Wundef warning for MEMCPY_OK_FOR_FWD_MEMMOVE
      Remove MULTI_PTRS_ARE_ALIASES in dns-hosts.c
      Add comment to gethnamaddr.c to warn that the file is unmaintained
      Fix typo in macro name
      Fix typo and formatting in loadmsgcat.c
      Fix -Wundef warning on PAGE_COPY_THRESHOLD
      Don't use __glibc_unlikely in shared code
      Fix Wundef warning for __STDC_VERSION__
      Sync up loadmsgcat.c with gettext
      Restore subdir conditional for tst-timer dependency.
      Add comment for MEMCPY_OK_FOR_FWD_MEMMOVE
      Fix Wundef warning with SHOJI_IS_RIGHT
      Fix Wundef warning for ELF_MACHINE_NO_REL on i386
      Check value at resplen2 if it is not NULL
      Fix Wundef warning for __cplusplus
      Fix -Wmaybe-uninitialized warning in xdr.c
      Add comment about SIZE initialization in xdr.c
      Fix crash when system has no ipv6 address [BZ #17125]
      Fix -Wundef warning for HAVE_OBSTACK
      Fix -Wundef warning for HAVE_SYS_PARAM_H
      Fix Wundef warning for HAVE_STRFTIME
      Fix -Wundef warning for HAVE_LOCALTIME_R
      Sync up error.c with gnulib
      Fix -Wundef warnings in fnmatch.c
      Check if DEBUG is defined in regex_internal.c
      Fix -Wundef warnings in regex_internal.h
      Disable x87 inline functions for x86_64 and SSE [BZ #17262]
      Fix comment error that Jakub pointed out but I forgot to fix
      Remove unnecessary uses of NOT_IN_libc
      Remove redundant CPPFLAGS for some programs
      Remove NOT_IN_libc definition for pthread_atfork

Sihai Yao (1):
      Detect if AVX2 is usable

Stefan Liebler (24):
      S/390: Regenerate ULPs.
      S390: Fix -Wundef warning for __PTHREAD_MUTEX_HAVE_ELISION.
      Use += before-compile instead of a :=.
      S390: Correct type of sa_flags in struct sigaction for POSIX conformance
      S390: Define SIZE_MAX as unsigned long (BZ #16712).
      S390: Fix namespace violation in struct stat (BZ #16714).
      NEWS: Add 16712, 16713, 16714 to fixed bug list.
      S/390: Unify 31 and 64 bit configure.ac
      [BZ #16824] Fix failing y1 due to too large ulps in downward/upward rounding mode.
      [BZ #14770] S/390: Require Binutils >= 2.24 for target S/390.
      S/390: Regenerate ULPs
      [BZ #16823] Fix log1pl returning wrong infinity sign
      Mention BZ16823 in NEWS
      Fix typo in tst-mutex5 ifndef -> ifdef
      Disable lock elision for PTHREAD_MUTEX_NORMAL.
      S/390: Regenerate ULPs.
      posix_spawn_faction_addopen: Add missing string.h include directive
      Fix pthread.h in installed-headers list.
      Generate en_GB.UTF-8 during testing
      [BZ #6803] Set errno for scalbln, scalbn
      S/390: Regenerate ULPs
      S/390: Revert the jmp_buf/ucontext_t ABI change.
      S390: Fix remaining ONE_DIRECTION warning messages
      NEWS: Explain the s390 jmp_buf / ucontext_t ABI change reversal.

Steve Ellcey (7):
      Add macros and inline functions to mips math_private.h file.
      2014-04-29  Steve Ellcey  <sellcey@mips.com>
      2014-05-01  Steve Ellcey  <sellcey@mips.com>
      2014-05-01  Steve Ellcey  <sellcey@mips.com>
      2014-05-01  Steve Ellcey  <sellcey@mips.com>
      2014-05-07  Steve Ellcey  <sellcey@mips.com>
      Add 16922 to list of bugs fixed.

Tomas Dohnalek (1):
      Generate .test-result files for ordinary tests.

Torvald Riegel (2):
      benchtests: Add pthread_once common-case test.
      Fixed and unified pthread_once.

Venkataramanan Kumar (1):
      aarch64: Add setjmp and longjmp SystemTap probes

Vidya Ranganathan (4):
      PowerPC: strspn optimization for PPC64/POWER7
      PowerPC: strncpy/stpncpy optimization for PPC64/POWER7
      PowerPC: Optimized strcmp for PPC64/POWER7
      PowerPC: strcat optimization for PPC64/POWER7

Wilco (18):
      Add fenv test support for targets which don't have FP traps.
      ARM: Improve fenv implementation
      ARM: Improve fenv implementation
      [AArch64] Rewrite feupdateenv (BZ 17009).
      [AArch64] Remove ISB after FPCR write.
      [AArch64] Cleanup declarations in math_private.h.
      [AArch64] Switch from FE_TOWARDZERO to _FPU_FPCR_RM_MASK
      Add FE_NOMASK_ENV return value test.
      Use libc calls defined by fenv_private.h to implement several fenv functions
      Speed up the ARM fenv implementation by avoiding unnecessary FPSCR
      Rewrite feupdateenv
      Add bug 16918 to NEWS.
      Cleanup fenv implementation
      Remove an unused include.
      Add _FPU_MASK_RM and use it instead of FE_TOWARDZERO.
      Optimize fesetenv
      Add bug 16918 to NEWS.
      Fix performance issue in misaligned strcpy.

Wilco Dijkstra (3):
      [ARM] Add support for fenv_private on ARM.
      Add generic HAVE_RM_CTX implementation
      This patch adds new function libc_feholdsetround_noex_aarch64_ctx, enabling

Will Newton (49):
      malloc/mtrace.c: Cosmetic cleanup.
      include/stap-probe.h: Add comment about SystemTap argument format
      manual/probes.texi: Add documentation of setjmp/longjmp probes
      manual/probes.texi: Use "triggered" instead of "hit"
      ARM: Add SystemTap probes to longjmp and setjmp.
      manual/setjmp.texi: Improve clarity of Sys V context doc
      Fix __PTHREAD_MUTEX_HAVE_ELISION -Wundef warning
      Fix HP_SMALL_TIMING_AVAIL -Wundef warnings
      Fix _IO_JUMPS_OFFSET -Wundef warnings
      Fix __STRICT_ANSI__ -Wundef warnings
      Fix HAVE_RM_CTX -Wundef warnings
      Revert "Fix HAVE_RM_CTX -Wundef warnings"
      Revert "Fix _IO_JUMPS_OFFSET -Wundef warnings"
      Revert "Fix HP_SMALL_TIMING_AVAIL -Wundef warnings"
      Revert "Fix __PTHREAD_MUTEX_HAVE_ELISION -Wundef warning"
      aarch64: Remove inaccurate comment from sysdep.h
      benchtests/bench-strtod.c: Increase timeout value
      benchtests: Add benchtests for ffs and ffsll
      benchtests: Build ffs and ffsl benchtests with -fno-builtin
      elf/dl-lookup.c: Remove obsolete comment about nested function
      string: Cosmetic cleanup of string functions
      malloc: Fix MALLOC_DEBUG -Wundef warning
      benchtests: Improve readability of JSON output
      aarch64: Re-implement setcontext without rt_sigreturn syscall
      stdlib/tst-setcontext.c: Check for clobbering of signal stack
      manual/setjmp.texi: Clarify setcontext and signal handlers text
      ARM: Remove lowlevellock.c
      NEWS: Add 15119 to fixed bug list
      ARM: Add optimized ARMv7 strcmp implementation
      ARM: Allow auto-detection of linker relro feature
      malloc: Add mallopt test.
      stdlib/gmp-impl.h: Silence -Wundef warning for USE_STACK_ALLOC
      AArch64: Fix handling of nocancel syscall failures
      ARM: Fix handling of concurrent TLS descriptor resolution
      malloc/malloc.c: Avoid calling sbrk unnecessarily with zero
      test-skeleton.c: Use stdout for error messages
      elf/dl-lookup.c: Move STB_GNU_UNIQUE handling to a function
      elf/dl-lookup.c: Remove unnecessary static variable
      elf/dl-lookup.c: Use __glibc_likely and __glibc_unlikely
      sysdeps/posix/tempname.c: Merge from gnulib
      ARM: Add support for AT_HWCAP2 in _dl_procinfo
      malloc/obstack: Merge from gnulib
      ARM: Define ELF_MACHINE_NO_REL
      string/memchr.c: Merge from gnulib
      Fix -Wundef warnings for SHARED
      iconv/loop.c: Fix -Wundef warning with !_STRING_ARCH_unaligned
      ARM: Fix compiler warnings from atomic.h
      AArch64: Remove lowlevellock.h
      Add BZ #16892 to NEWS

Yang Yingliang (1):
      Fix lll_unlock twice in pthread_cond_broadcast

Yufeng Zhang (1):
      [AArch64] Use GCC builtins to count leading/tailing zeros.

Yury Gribov (1):
      Update ARM ulps for VFPv4 (bug 16600).

Yvan Roux (1):
      AArch64: Remove asm/ptrace.h inclusion in sys/user.h and sys/procfs.h

-----------------------------------------------------------------------
Comment 8 Sourceware Commits 2015-01-16 16:58:50 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, ibm/2.16/master has been created
        at  dfc25d72984eb5a3354e104612d0ca0129af3f98 (commit)

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dfc25d72984eb5a3354e104612d0ca0129af3f98

commit dfc25d72984eb5a3354e104612d0ca0129af3f98
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Sep 25 13:43:04 2013 -0500

    PowerPC: Fix POINTER_CHK_GUARD thread register for PPC64

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1442655ba419867ce1a045a97cdd7904ac1ad516

commit 1442655ba419867ce1a045a97cdd7904ac1ad516
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Jan 20 12:29:51 2014 -0600

    PowerPC: Fix gettimeofday ifunc selection
    
    The IFUNC selector for gettimeofday runs before _libc_vdso_platform_setup where
    __vdso_gettimeofday is set. The selector then sets __gettimeofday (the internal
    version used within GLIBC) to use the system call version instead of the vDSO one.
    This patch changes the check if vDSO is available to get its value directly
    instead of rely on __vdso_gettimeofday.
    
    This patch changes it by getting the vDSO value directly.
    
    It fixes BZ#16431.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1bdb6daceb10307543599df3b118afd2109d2ec8

commit 1bdb6daceb10307543599df3b118afd2109d2ec8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Jan 16 06:53:18 2014 -0600

    PowerPC: Fix ftime gettimeofday internal call returning bogus data
    
    This patches fixes BZ#16430 by setting a different symbol for internal
    GLIBC calls that points to ifunc resolvers. For PPC32, if the symbol
    is defined as hidden (which is the case for gettimeofday and time) the
    compiler will create local branches (symbol@local) and linker will not
    create PLT calls (required for IFUNC). This will leads to internal symbol
    calling the IFUNC resolver instead of the resolved symbol.
    For PPC64 this behavior does not occur because a call to a function in
    another translation unit might use a different toc pointer thus requiring
    a PLT call.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e3008132765936162552b15a77fe348c01074310

commit e3008132765936162552b15a77fe348c01074310
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Nov 7 05:34:22 2013 -0600

    PowerPC: Fix vDSO missing ODP entries
    
    This patch fixes the vDSO symbol used directed in IFUNC resolver where
    they do not have an associated ODP entry leading to undefined behavior
    in some cases. It adds an artificial OPD static entry to such cases
    and set its TOC to non 0 to avoid triggering lazy resolutions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6ff69e1eb81719ee907642f615cef889d5bf8b2c

commit 6ff69e1eb81719ee907642f615cef889d5bf8b2c
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Wed Nov 19 11:44:12 2014 -0500

    CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
    
    The function wordexp() fails to properly handle the WRDE_NOCMD
    flag when processing arithmetic inputs in the form of "$((... ``))"
    where "..." can be anything valid. The backticks in the arithmetic
    epxression are evaluated by in a shell even if WRDE_NOCMD forbade
    command substitution. This allows an attacker to attempt to pass
    dangerous commands via constructs of the above form, and bypass
    the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
    in exec_comm(), the only place that can execute a shell. All other
    checks for WRDE_NOCMD are superfluous and removed.
    
    We expand the testsuite and add 3 new regression tests of roughly
    the same form but with a couple of nested levels.
    
    On top of the 3 new tests we add fork validation to the WRDE_NOCMD
    testing. If any forks are detected during the execution of a wordexp()
    call with WRDE_NOCMD, the test is marked as failed. This is slightly
    heuristic since vfork might be used in the future, but it provides a
    higher level of assurance that no shells were executed as part of
    command substitution with WRDE_NOCMD in effect. In addition it doesn't
    require libpthread or libdl, instead we use the public implementation
    namespace function __register_atfork (already part of the public ABI
    for libpthread).
    
    Tested on x86_64 with no regressions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3ded3d365f0237e92e8af90c878b233f265d7b4a

commit 3ded3d365f0237e92e8af90c878b233f265d7b4a
Author: Allan McRae <allan@archlinux.org>
Date:   Thu Dec 18 11:01:43 2014 +1000

    Label CVE-2014-9402 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c7093fd0fedd8a0b4ed5b01347e3798219ba22ec

commit c7093fd0fedd8a0b4ed5b01347e3798219ba22ec
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Dec 15 17:41:13 2014 +0100

    Avoid infinite loop in nss_dns getnetbyname [BZ #17630]

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c9b43ec3890d5c750a5127a543a55cd94aa73c94

commit c9b43ec3890d5c750a5127a543a55cd94aa73c94
Author: Jeff Law <law@redhat.com>
Date:   Mon Dec 15 10:09:32 2014 +0100

    CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]
    
    A larger number of format specifiers coudld cause a stack overflow,
    potentially allowing to bypass _FORTIFY_SOURCE format string
    protection.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3b6ac4b1093333f364698ca3bb812c80b11c2f77

commit 3b6ac4b1093333f364698ca3bb812c80b11c2f77
Author: Allan McRae <allan@archlinux.org>
Date:   Sat Jun 21 17:23:55 2014 +1000

    Mention CVE-2014-4043 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f7865ec21e8ad32929509796497fa3b44c3ef826

commit f7865ec21e8ad32929509796497fa3b44c3ef826
Author: Florian Weimer <fweimer@redhat.com>
Date:   Thu Jan 15 15:16:54 2015 -0500

    posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
    
    POSIX requires that we make a copy, so we allocate a new string
    and free it in posix_spawn_file_actions_destroy.
    
    Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz.  This bug
    may have security implications.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c7a91d241b095855e06e0bd00287968df2f6d87e

commit c7a91d241b095855e06e0bd00287968df2f6d87e
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon May 12 15:24:12 2014 +0200

    _nl_find_locale: Improve handling of crafted locale names [BZ #17137]
    
    Prevent directory traversal in locale-related environment variables
    (CVE-2014-0475).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=588b214bc7fa3e54d6b679ed4b755e6d1310e61d

commit 588b214bc7fa3e54d6b679ed4b755e6d1310e61d
Author: Florian Weimer <fweimer@redhat.com>
Date:   Tue Aug 26 19:38:59 2014 +0200

    __gconv_translit_find: Disable function [BZ #17187]
    
    This functionality has never worked correctly, and the implementation
    contained a security vulnerability (CVE-2014-5119).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bd51e93f9305e37aa17e08dbdb86a2e146c09eff

commit bd51e93f9305e37aa17e08dbdb86a2e146c09eff
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Sep 3 19:45:43 2014 +0200

    CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
    
    These changes are based on the fix for BZ #14134 in commit
    6e230d11837f3ae7b375ea69d7905f0d18eb79e5.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=97ef0b2223e10fe3053494defd8a008d7dd9d6d8

commit 97ef0b2223e10fe3053494defd8a008d7dd9d6d8
Author: Will Newton <will.newton@linaro.org>
Date:   Fri Sep 13 09:26:02 2013 +0100

    Add CVE-2013-4332 to NEWS.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733

commit ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733
Author: Will Newton <will.newton@linaro.org>
Date:   Fri Aug 16 12:54:29 2013 +0100

    malloc: Check for integer overflow in memalign.
    
    A large bytes parameter to memalign could cause an integer overflow
    and corrupt allocator internals. Check the overflow does not occur
    before continuing with the allocation.
    
    ChangeLog:
    
    2013-09-11  Will Newton  <will.newton@linaro.org>
    
    	[BZ #15857]
    	* malloc/malloc.c (__libc_memalign): Check the value of bytes
    	does not overflow.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f1292792799a507711ce24b497e40f8fea8f9c9c

commit f1292792799a507711ce24b497e40f8fea8f9c9c
Author: Will Newton <will.newton@linaro.org>
Date:   Fri Aug 16 11:59:37 2013 +0100

    malloc: Check for integer overflow in valloc.
    
    A large bytes parameter to valloc could cause an integer overflow
    and corrupt allocator internals. Check the overflow does not occur
    before continuing with the allocation.
    
    ChangeLog:
    
    2013-09-11  Will Newton  <will.newton@linaro.org>
    
    	[BZ #15856]
    	* malloc/malloc.c (__libc_valloc): Check the value of bytes
    	does not overflow.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b1e934aed5170eb8948e0f3c6618c9431d6810ad

commit b1e934aed5170eb8948e0f3c6618c9431d6810ad
Author: Will Newton <will.newton@linaro.org>
Date:   Mon Aug 12 15:08:02 2013 +0100

    malloc: Check for integer overflow in pvalloc.
    
    A large bytes parameter to pvalloc could cause an integer overflow
    and corrupt allocator internals. Check the overflow does not occur
    before continuing with the allocation.
    
    ChangeLog:
    
    2013-09-11  Will Newton  <will.newton@linaro.org>
    
    	[BZ #15855]
    	* malloc/malloc.c (__libc_pvalloc): Check the value of bytes
    	does not overflow.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bcd619797e785f90cc9fd67208267c26c8e4b40d

commit bcd619797e785f90cc9fd67208267c26c8e4b40d
Author: Florian Weimer <fweimer@redhat.com>
Date:   Fri Aug 16 09:38:52 2013 +0200

    CVE-2013-4237, BZ #14699: Buffer overflow in readdir_r
    
    	* sysdeps/posix/dirstream.h (struct __dirstream): Add errcode
    	member.
    	* sysdeps/posix/opendir.c (__alloc_dir): Initialize errcode
    	member.
    	* sysdeps/posix/rewinddir.c (rewinddir): Reset errcode member.
    	* sysdeps/posix/readdir_r.c (__READDIR_R): Enforce NAME_MAX limit.
    	Return delayed error code.  Remove GETDENTS_64BIT_ALIGNED
    	conditional.
    	* sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Do not define
    	GETDENTS_64BIT_ALIGNED.
    	* sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise.
    	* manual/filesys.texi (Reading/Closing Directory): Document
    	ENAMETOOLONG return value of readdir_r.  Recommend readdir more
    	strongly.
    	* manual/conf.texi (Limits for Files): Add portability note to
    	NAME_MAX, PATH_MAX.
    	(Pathconf): Add portability note for _PC_NAME_MAX, _PC_PATH_MAX.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6fd8e941423354e6c7a951d37a60d2f1424d568e

commit 6fd8e941423354e6c7a951d37a60d2f1424d568e
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Mon Sep 23 00:52:09 2013 -0400

    BZ #15754: CVE-2013-4788
    
    The pointer guard used for pointer mangling was not initialized for
    static applications resulting in the security feature being disabled.
    The pointer guard is now correctly initialized to a random value for
    static applications. Existing static applications need to be
    recompiled to take advantage of the fix.
    
    The test tst-ptrguard1-static and tst-ptrguard1 add regression
    coverage to ensure the pointer guards are sufficiently random
    and initialized to a default value.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a243b1a0797180e142d525d1325a173c758c3714

commit a243b1a0797180e142d525d1325a173c758c3714
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Mon Sep 23 11:24:30 2013 +0530

    Check for integer overflow in cache size computation in strcoll
    
    strcoll is implemented using a cache for indices and weights of
    collation sequences in the strings so that subsequent passes do not
    have to search through collation data again.  For very large string
    inputs, the cache size computation could overflow.  In such a case,
    use the fallback function that does not cache indices and weights of
    collation sequences.
    
    Fixes CVE-2012-4412.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c1132021659d22753104762a074d6339ae6cbd01

commit c1132021659d22753104762a074d6339ae6cbd01
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Mon Sep 23 11:20:02 2013 +0530

    Fall back to non-cached sequence traversal and comparison on malloc fail
    
    strcoll currently falls back to alloca if malloc fails, resulting in a
    possible stack overflow.  This patch implements sequence traversal and
    comparison without caching indices and rules.
    
    Fixes CVE-2012-4424.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2dc811b78adc97b5f5d951716df30053a24da1a1

commit 2dc811b78adc97b5f5d951716df30053a24da1a1
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Tue Aug 20 08:40:05 2013 +0530

    Simplify strcoll implementation
    
    Break up strcoll into simpler functions so that the logic is easier to
    follow and maintain.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9b951f59aa3c2f2d58d398aab146951216f9ff8d

commit 9b951f59aa3c2f2d58d398aab146951216f9ff8d
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Fri Oct 25 10:22:12 2013 +0530

    Fix stack overflow due to large AF_INET6 requests
    
    Resolves #16072 (CVE-2013-4458).
    
    This patch fixes another stack overflow in getaddrinfo when it is
    called with AF_INET6.  The AF_UNSPEC case was fixed as CVE-2013-1914,
    but the AF_INET6 case went undetected back then.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=302c61e2d3536a6ff99d518499771afd6a951b0c

commit 302c61e2d3536a6ff99d518499771afd6a951b0c
Author: Andreas Schwab <schwab@suse.de>
Date:   Tue Jan 29 14:45:15 2013 +0100

    Fix buffer overrun in regexp matcher

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b7e0492e183efc24e5658c860ca5711e00524dd7

commit b7e0492e183efc24e5658c860ca5711e00524dd7
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Fri Jul 19 02:42:03 2013 -0400

    CVE-2013-2207, BZ #15755: Disable pt_chown.
    
    The helper binary pt_chown tricked into granting access to another
    user's pseudo-terminal.
    
    Pre-conditions for the attack:
    
     * Attacker with local user account
     * Kernel with FUSE support
     * "user_allow_other" in /etc/fuse.conf
     * Victim with allocated slave in /dev/pts
    
    Using the setuid installed pt_chown and a weak check on whether a file
    descriptor is a tty, an attacker could fake a pty check using FUSE and
    trick pt_chown to grant ownership of a pty descriptor that the current
    user does not own.  It cannot access /dev/pts/ptmx however.
    
    In most modern distributions pt_chown is not needed because devpts
    is enabled by default. The fix for this CVE is to disable building
    and using pt_chown by default. We still provide a configure option
    to enable hte use of pt_chown but distributions do so at their own
    risk.
    
    Cherry-pick of e4608715e6e1dd2adc91982fd151d5ba4f761d69.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=02a002fe9c0b65532643a88b01253e95ba8ba8c6

commit 02a002fe9c0b65532643a88b01253e95ba8ba8c6
Author: Jeff Law <law@redhat.com>
Date:   Wed Nov 28 14:12:28 2012 -0700

           [BZ #14889]
            * sunrpc/rpc/svc.h (__svc_accept_failed): New prototype.
            * sunrpc/svc.c: Include time.h.
            (__svc_accept_failed): New function.
            * sunrpc/svc_tcp.c (rendezvous_request): If the accept fails for
            any reason other than EINTR, call __svc_accept_failed.
            * sunrpc/svc_udp.c (svcudp_recv): Similarly.
            * sunrpc/svc_unix.c (rendezvous_request): Similarly.
    
    Cherry-pick of 14bc93a967e62abf8cf2704725b6f76619399f83

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3b498440aac70e994f32f45a31102964313af690

commit 3b498440aac70e994f32f45a31102964313af690
Author: Andreas Schwab <schwab@suse.de>
Date:   Wed Nov 28 10:24:06 2012 +0100

    Properly handle indirect functions in ABI check on powerpc64

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8282b7f2aa6380e8a91515f748d4693d8151fc4f

commit 8282b7f2aa6380e8a91515f748d4693d8151fc4f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Apr 26 13:00:56 2013 -0500

    PowerPC: modf optimization fix
    
    This patch fix the 3c0265394d9ffedff2b0de508602dc52e077ce5c commits
    by correctly setting minimum architecture for modf PPC optimization
    to power5+ instead of power5 (since only on power5+ round/ceil will
    be inline to inline assembly).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=17e599d2613c2a2e4cb6d5c3f9d5f626879aa63f

commit 17e599d2613c2a2e4cb6d5c3f9d5f626879aa63f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 25 16:10:06 2013 -0500

    PowerPC: modf optimization
    
    This patch implements modf/modff optimization for POWER by focus
    on FP operations instead of relying in integer ones.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=60dc6d12c5c61b05013cb15f63349dd3d343f26d

commit 60dc6d12c5c61b05013cb15f63349dd3d343f26d
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Mar 13 10:46:08 2013 -0300

    PowerPC: Change sched_getcpu to use vDSO getcpu instead of syscall.
    
    Backport of d5e0b9bd6e296f3ec5263fa296d39f3fed9b8fa2.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cc328ae264f5b97d2811a95d84112bb1c6c7cae3

commit cc328ae264f5b97d2811a95d84112bb1c6c7cae3
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 4 22:02:41 2013 -0300

    PowerPC: gettimeofday optimization by using IFUNC

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=36016f626e72f5d1cb6107deeab29768d82ff7e3

commit 36016f626e72f5d1cb6107deeab29768d82ff7e3
Merge: 4e1f97c 043c748
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date:   Fri Mar 1 16:20:18 2013 -0600

    Merge remote branch 'remotes/origin/release/2.16/master' into local_ibm_2.16

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4e1f97ccdcc257eba262667f7a3179a7d530330d

commit 4e1f97ccdcc257eba262667f7a3179a7d530330d
Author: Mike Frysinger <vapier@gentoo.org>
Date:   Wed Nov 28 23:04:32 2012 -0500

    byteswap.h: fix gcc ver test for __builtin_bswap{32,64}
    
    The __builtin_bswap* functions were introduced in gcc-4.3, not gcc-4.2.
    Fix the __GNUC_PREREQ tests to reflect this.
    
    Otherwise trying to compile code with gcc-4.2 falls down:
    In file included from /usr/include/endian.h:60,
                     from /usr/include/ctype.h:40,
    /usr/include/bits/byteswap.h: In function 'unsigned int __bswap_32(unsigned int)':
    /usr/include/bits/byteswap.h:46: error: '__builtin_bswap32' was not declared in this scope
    /usr/include/bits/byteswap.h: In function 'long long unsigned int __bswap_64(long long unsigned int)':
    /usr/include/bits/byteswap.h:110: error: '__builtin_bswap64' was not declared in this scope
    
    Signed-off-by: Mike Frysinger <vapier@gentoo.org>
    (cherry picked from commit c9d6789ebe028a260d3e5be0c26b7d02fdfe99fe)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=025b233a88a30f5f0474ff2c6051313eb33e5689

commit 025b233a88a30f5f0474ff2c6051313eb33e5689
Author: Joseph Myers <joseph@codesourcery.com>
Date:   Tue Nov 20 00:04:45 2012 +0000

    Fix __bswap_64 return type in generic bits/byteswap.h.
    (cherry picked from commit ecd4caf9783c99fb068a100c35899a0c3a3c6d98)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2c739e2cffb65d80787cfa861f9f6c62de327ad6

commit 2c739e2cffb65d80787cfa861f9f6c62de327ad6
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Fri Oct 12 09:21:47 2012 -0700

    Use __uint64_t in x86 __bswap_64
    (cherry picked from commit d394eb742a3565d7fe7a4b02710a60b5f219ee64)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a24f8ac8e65b451efc81839dd653d0a0e95a23ab

commit a24f8ac8e65b451efc81839dd653d0a0e95a23ab
Author: Andreas Schwab <schwab@linux-m68k.org>
Date:   Tue May 1 17:10:10 2012 +0200

    Fix missing _mcount@GLIBC_2.0 on powerpc32
    (cherry picked from commit 261f485936b283f4327fc1f2fc8fd1705d805c12)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=94464655b576985fdd5f66f7f6126ee1f92a41cc

commit 94464655b576985fdd5f66f7f6126ee1f92a41cc
Author: Peter Bergner <bergner@vnet.ibm.com>
Date:   Fri Jul 6 13:24:49 2012 -0500

    Add AT_PLATFORM env variable to ld.so to override auxv AT_PLATFORM.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d846920271a0f4dc54c0dbbd56998228e75e776c

commit d846920271a0f4dc54c0dbbd56998228e75e776c
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date:   Fri Jul 6 13:03:09 2012 -0500

    Remove assert() if DT_RUNPATH and DT_RPATH flags are found in ld.so.

-----------------------------------------------------------------------
Comment 9 Sourceware Commits 2015-01-16 17:02:04 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, ibm/2.19/master has been created
        at  88a8a351f3a6a95205a1499fd68b79fc3d0b9d19 (commit)

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=88a8a351f3a6a95205a1499fd68b79fc3d0b9d19

commit 88a8a351f3a6a95205a1499fd68b79fc3d0b9d19
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Wed Nov 19 11:44:12 2014 -0500

    CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
    
    The function wordexp() fails to properly handle the WRDE_NOCMD
    flag when processing arithmetic inputs in the form of "$((... ``))"
    where "..." can be anything valid. The backticks in the arithmetic
    epxression are evaluated by in a shell even if WRDE_NOCMD forbade
    command substitution. This allows an attacker to attempt to pass
    dangerous commands via constructs of the above form, and bypass
    the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
    in exec_comm(), the only place that can execute a shell. All other
    checks for WRDE_NOCMD are superfluous and removed.
    
    We expand the testsuite and add 3 new regression tests of roughly
    the same form but with a couple of nested levels.
    
    On top of the 3 new tests we add fork validation to the WRDE_NOCMD
    testing. If any forks are detected during the execution of a wordexp()
    call with WRDE_NOCMD, the test is marked as failed. This is slightly
    heuristic since vfork might be used in the future, but it provides a
    higher level of assurance that no shells were executed as part of
    command substitution with WRDE_NOCMD in effect. In addition it doesn't
    require libpthread or libdl, instead we use the public implementation
    namespace function __register_atfork (already part of the public ABI
    for libpthread).
    
    Tested on x86_64 with no regressions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=32404a33a03747951daafde164e3b14464c28fe9

commit 32404a33a03747951daafde164e3b14464c28fe9
Author: Allan McRae <allan@archlinux.org>
Date:   Thu Dec 18 11:01:43 2014 +1000

    Label CVE-2014-9402 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d2a6f3a27b791d91beec2ea91f293ec898080904

commit d2a6f3a27b791d91beec2ea91f293ec898080904
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Dec 15 17:41:13 2014 +0100

    Avoid infinite loop in nss_dns getnetbyname [BZ #17630]

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=39700792d4224af99ab52ea26e98a0a2a2ed6ac6

commit 39700792d4224af99ab52ea26e98a0a2a2ed6ac6
Author: Jeff Law <law@redhat.com>
Date:   Mon Dec 15 10:09:32 2014 +0100

    CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]
    
    A larger number of format specifiers coudld cause a stack overflow,
    potentially allowing to bypass _FORTIFY_SOURCE format string
    protection.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5cefe3fc8f35b50eb84cbb740268539a40651173

commit 5cefe3fc8f35b50eb84cbb740268539a40651173
Author: Allan McRae <allan@archlinux.org>
Date:   Sat Jun 21 17:23:55 2014 +1000

    Mention CVE-2014-4043 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eece504424b59a1d8de7b4da9c64e24acaa6fbe0

commit eece504424b59a1d8de7b4da9c64e24acaa6fbe0
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Jun 11 23:12:52 2014 +0200

    posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
    
    POSIX requires that we make a copy, so we allocate a new string
    and free it in posix_spawn_file_actions_destroy.
    
    Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz.  This bug
    may have security implications.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dcf0cce30d91100005e9aeb002096236325648fb

commit dcf0cce30d91100005e9aeb002096236325648fb
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon May 12 15:24:12 2014 +0200

    _nl_find_locale: Improve handling of crafted locale names [BZ #17137]
    
    Prevent directory traversal in locale-related environment variables
    (CVE-2014-0475).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a5da5d74ff2e0a6ee267f283be8dbccc92cec59a

commit a5da5d74ff2e0a6ee267f283be8dbccc92cec59a
Author: Florian Weimer <fweimer@redhat.com>
Date:   Tue Aug 26 19:38:59 2014 +0200

    __gconv_translit_find: Disable function [BZ #17187]
    
    This functionality has never worked correctly, and the implementation
    contained a security vulnerability (CVE-2014-5119).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e6cbfc1fa2c64cad3c599f419dd154cec5af23cc

commit e6cbfc1fa2c64cad3c599f419dd154cec5af23cc
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Sep 3 19:45:43 2014 +0200

    CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
    
    These changes are based on the fix for BZ #14134 in commit
    6e230d11837f3ae7b375ea69d7905f0d18eb79e5.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fa7cc069f4eb29c00ec3a833d73ec4a473b11c8a

commit fa7cc069f4eb29c00ec3a833d73ec4a473b11c8a
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 29 13:56:44 2014 -0500

    PowerPC: Fix gprof entry point for LE
    
    This patch fixes the ELFv2 gprof entry point since the ABI
    does not define function descriptors.  It fixes BZ#17213.
    
    This is a backport of a53fbd8e6cd2f69bdfa3431d616a5f332aea6664.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3c640c4acb9bc2c2cc7fa77d5ce1254953761dc1

commit 3c640c4acb9bc2c2cc7fa77d5ce1254953761dc1
Author: Alan Modra <amodra@gmail.com>
Date:   Mon Jul 14 21:14:50 2014 +0930

    Correct DT_PPC64_NUM
    
    	[BZ #17153]
    	* elf/elf.h (DT_PPC64_NUM): Correct value.
    	* NEWS: Add to fixed bug list.
    
    This is a backport of f6c44d475104e931bab2b4ffa499961088de673c.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=957afa3407c426969eaaa348981b9648d5191ae2

commit 957afa3407c426969eaaa348981b9648d5191ae2
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 8 08:54:09 2014 -0500

    PowerPC: Cleanup powerpc memmove
    
    Now that MEMCPY_OK_FOR_FWD_MEMMOVE should be define on memcopy.h there
    is no need to specialized powerpc memmove implementation.  This patch
    moves the define set to powerpc memcopy and cleanup its definition on
    powerpc code.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8d9513a103bdd202ffa4884bdedc2c3c0dbab210

commit 8d9513a103bdd202ffa4884bdedc2c3c0dbab210
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 8 08:49:54 2014 -0500

    PowerPC: Fix compiler warnings
    
    This patch fixes some compiler due trailing data in #undef directives
    and due missing prototypes.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b00ec143897f076ecbcedc7369b4b74e0c7f6d14

commit b00ec143897f076ecbcedc7369b4b74e0c7f6d14
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 8 08:35:44 2014 -0500

    PowerPC: Add ifunc tests for memmove
    
    This patch add the missing ifunc tests definition for memmove ppc32
    optimization patch (commit 07aedd7).
    
    This is a backport of 91f4b564bd7bedcd93e7047cad570ce292d6330b.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=565e3d6c8230affd7089bf5ebfcebbf72f32a27c

commit 565e3d6c8230affd7089bf5ebfcebbf72f32a27c
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Jun 25 11:54:31 2014 -0500

    PowerPC: Align power7 memcpy using VSX to quadword
    
    This patch changes power7 memcpy to use VSX instructions only when
    memory is aligned to quardword.  It is to avoid unaligned kernel traps
    on non-cacheable memory (for instance, memory-mapped I/O).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6fae3527af330c32399e3a4cdfac3958fc440eb8

commit 6fae3527af330c32399e3a4cdfac3958fc440eb8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jun 24 08:47:52 2014 -0500

    PowerPC: optimized memmove for POWER7/PPC32
    
    This patch adds a optimized memmove for power7 by using the optimized
    power7 memcpy for forward copying.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5d55f9b05ecb85b7a543f641829479cfb081f380

commit 5d55f9b05ecb85b7a543f641829479cfb081f380
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Jun 20 12:55:16 2014 -0500

    PowerPC: optimized memmove for POWER7/PPC64
    
    This patch adds an optimized memmove optimization for POWER7/powerpc64.
    Basically the idea is to use the memcpy for POWER7 on non-overlapped
    memory regions and a optimized backward memcpy for memory regions
    that overlap (similar to the idea of string/memmove.c).
    
    The backward memcpy algorithm used is similar the one use for memcpy for
    POWER7, with adjustments done for alignment.  The difference is memory
    is always aligned to 16 bytes before using VSX/altivec instructions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dde00e9914370ddd90c9bbc4f3f0e455efae4b47

commit dde00e9914370ddd90c9bbc4f3f0e455efae4b47
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jun 24 06:42:31 2014 -0500

    PowerPC: memmove default implementation cleanup
    
    This patch removes the powerpc specific logic in memmove and instead
    include default implementation with MEMCPY_OK_FOR_FWD_MEMMOVE defined.
    This lead in a increase performance, since the constraints to use
    memcpy in powerpc code are too restrictive and memcpy can be used for
    any forward memmove.
    
    This is a backport of d6f68bbef4427850c2901728a1d13efc0e687297.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9841a0850ed3be4310ec6b49c3349e39a6f0f481

commit 9841a0850ed3be4310ec6b49c3349e39a6f0f481
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date:   Wed Jun 11 22:21:20 2014 -0500

    PowerPC: strcat optimization for PPC64/POWER7
    
    This patch adds an ifunc power7 strcat symbol that uses the logic on
    sysdeps/powerpc/strcat.c but call power7 strlen/strcpy symbols instead
    of default ones.
    
    This is a backport of bc8ea38590070604006399e42469087e943fc8ec.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ded8852b37f673b8e66163b44f70504dc5af0985

commit ded8852b37f673b8e66163b44f70504dc5af0985
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Jun 23 09:38:47 2014 -0500

    PowerPC: sync hwcap.h capabilities
    
    Linux commit dd58a092c4202f2bd490adab7285b3ff77f8e467 added the
    PPC_FEATURE2_VEC_CRYPTO auvx capability to indicate whether to
    hardware supports vector crypto hardware instructions.  This patch
    adds its definition to powerpc hwcap bits.
    
    This is a backport of db22400947e1c82153e5270d23fed53fc1e3a659.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7e986751f5c05f3363c01c717972f87a681da0d0

commit 7e986751f5c05f3363c01c717972f87a681da0d0
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date:   Tue Jun 17 08:46:25 2014 -0500

    PowerPC: Fix nearbyintl failure for few inputs
    
    This patch fixes few failures in nearbyintl() where the fraction part is
    close to 0.5.i  The new tests added report few extra failures in
    nearbyint_downward and nearbyint_towardzero which is a known issue.
    
    Fixes #17031.
    
    This is a backport of 754c5a08aacb44895d1ab97c553ce424eb43f761.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2289a56644fc05786e2d5637c76d47afea7d38b9

commit 2289a56644fc05786e2d5637c76d47afea7d38b9
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date:   Fri Jun 6 07:56:07 2014 -0500

    PowerPC: Optimized strcmp for PPC64/POWER7
    
    Optimization is achieved on 8 byte aligned strings with double word
    comparison using cmpb instruction. On unaligned strings loop unrolling
    is applied for Power7 gain.
    
    It is a backport of e23d3d2690bf63207b1a47e83a94693daebbbfe5.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=010c023685495f4cd907b7bf7d15375edcbe1ead

commit 010c023685495f4cd907b7bf7d15375edcbe1ead
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Jun 6 09:37:07 2014 -0500

    PowerPC: Fix optimized strncat strlen call
    
    This patch fixes the optimized ppc64/power7 strncat strlen call for
    static build without ifunc enabled.  The strlen symbol to call in such
    situation is just strlen, instead of __GI_strlen (since the __GI_
    alias is just created for shared objects).
    
    It is a backport of ed36bfa18faf9be457575568e64b8409e46caa22.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6f0aba1acab171bd853905b66c551336aa0adcf9

commit 6f0aba1acab171bd853905b66c551336aa0adcf9
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Apr 8 17:25:14 2014 -0500

    PowerPC: Fix --disable-multi-arch builds
    
    This patch fixes some powerpc32 and powerpc64 builds with
    --disable-multi-arch option along with different --with-cpu=powerN.
    It cleanups the Implies directories by removing the multiarch
    folder for non multiarch config and also fixing two assembly
    implementations: powerpc64/power7/strncat.S that is calling the
    wrong strlen; and power8/fpu/s_isnan.S that misses the hidden_def and
    weak_alias directives.
    
    It is a backport of de21c33c068c8e39afb5711613a7c083c11ce6a1.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e40df8c4677611afc48601472675593dfd087e4b

commit e40df8c4677611afc48601472675593dfd087e4b
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu May 22 14:48:38 2014 -0500

    PowerPC: Remove 64 bits instructions in PPC32 code
    
    This patch replaces the insrdi by insrwi in powerpc32 assembly.
    
    It is a backport of d298c41635ce7f2dc7c3eccc842fe3aa754c0c8e.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a448439dfffc0878121e0941be9717e05786b1fe

commit a448439dfffc0878121e0941be9717e05786b1fe
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu May 22 07:53:44 2014 -0500

    PowerPC: Fix memchr ifunc hidden symbol for PPC32
    
    This patch fixes a similar issue to
    736c304a1ab4cee36a2f3343f1698bc0abae4608, where for PPC32 if the symbol
    is defined as hidden (memchr) then compiler will create a local branc
    (symbol@local) and the linker will not create a required PLT call to
    make the ifunc work.  It changes the default hidden symbol (__GI_memchr)
    to default memchr symbol for powerpc32 (__memchr_ppc32).
    
    Backport of 3d2badacf185fac740a2992240a817fb2ca325af.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c725f80591aa98c5c0270feb80e857c5943c861a

commit c725f80591aa98c5c0270feb80e857c5943c861a
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon May 19 17:56:55 2014 -0500

    PowerPC: Fix multiarch hypotf PPC64 path
    
    This patch moves the hypotf multiarch implementation to correct path.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1db8c8c873e6112ee4ecddf1eff54f4abaab91a7

commit 1db8c8c873e6112ee4ecddf1eff54f4abaab91a7
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date:   Mon May 5 19:10:45 2014 -0500

    PowerPC: strncpy/stpncpy optimization for PPC64/POWER7
    
    The optimization is achieved by following techniques:
      > data alignment [gain from aligned memory access on read/write]
      > POWER7 gains performance with loop unrolling/unwinding
        [gain by reduction of branch penalty].
      > zero padding done by calling optimized memset

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=08111251bbd7275024d9c945f442f61b06d98910

commit 08111251bbd7275024d9c945f442f61b06d98910
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri May 2 12:00:36 2014 -0500

    PowerPC: ifunc improvement for internal calls
    
    This patch changes de default symbol redirection for internal call of
    memcpy, memset, memchr, and strlen to the IFUNC resolved ones.  The
    performance improvement is noticeable in algorithms that uses these
    symbols extensible, like the regex functions.
    
    This is a backport of 19c4bec0f43599eecc2f32de96ae179cd7d64053.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a8050d789589b73e7908b806d5c929facf76cc6b

commit a8050d789589b73e7908b806d5c929facf76cc6b
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Apr 16 19:33:32 2014 +0930

    Correct IBM long double frexpl.
    
    Besides fixing the bugzilla, this also fixes corner-cases where the high
    and low double differ greatly in magnitude, and handles a denormal
    input without resorting to a fp rescale.
    
    	[BZ #16740]
    	[BZ #16619]
    	* sysdeps/ieee754/ldbl-128ibm/s_frexpl.c (__frexpl): Rewrite.
    	* math/libm-test.inc (frexp_test_data): Add tests.
    
    Backport of aa5f0ff11ad2cc85277c64cf65c723a9664e1149 and
    9860b0450275ad2b69cb9360fd01d5c122a65fc5.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=154d4d95f48061d5ab890c85b6015221c1accc6e

commit 154d4d95f48061d5ab890c85b6015221c1accc6e
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Sun Apr 6 14:50:11 2014 -0500

    PowerPC: Fix nearbyint/nearbyintf result for FE_DOWNWARD
    
    This patch fixes the powerpc32 optimized nearbyint/nearbyintf bogus
    results for FE_DOWNWARD rounding mode.  This is due wrong instructions
    sequence used in the rounding calculation (two subtractions instead of
    adition and a subtraction).
    
    Fixes BZ#16815.
    
    Backport of 8bd70862e11023e7f827f240a5a214f847ae982d.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e266b71770050a4d0cb276f4afea1c5b05215184

commit e266b71770050a4d0cb276f4afea1c5b05215184
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Apr 2 13:46:19 2014 +1030

    Correct IBM long double nextafterl.
    
    Fix for values near a power of two, and some tidies.
    
    	[BZ #16739]
    	* sysdeps/ieee754/ldbl-128ibm/s_nextafterl.c (__nextafterl): Correct
    	output when value is near a power of two.  Use int64_t for lx and
    	remove casts.  Use decimal rather than hex exponent constants.
    	Don't use long double multiplication when double will suffice.
    	* math/libm-test.inc (nextafter_test_data): Add tests.
    	* NEWS: Add 16739 and 16786 to bug list.
    
    Backport of b0abbc21034f0e5edc49023d8fda0616173faf17.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b23fc92895aff0ce3d3134a91adaa253bffd187a

commit b23fc92895aff0ce3d3134a91adaa253bffd187a
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Apr 2 13:42:27 2014 +1030

    Correct prefetch hint in power7 memrchr.
    
    Typo fix.
    
    	* sysdeps/powerpc/powerpc64/power7/memrchr.S: Correct stream hint.
    
    Backport of af6b17973cbc07ac06cfb40eeab5cc2391fb489a.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=acd56f757b4e5ab8737b9564bd7a4ad1009acd8d

commit acd56f757b4e5ab8737b9564bd7a4ad1009acd8d
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Apr 2 13:40:21 2014 +1030

    Fix reference to toc symbol.
    
    https://sourceware.org/ml/binutils/2014-03/msg00033.html removes the
    "magic" treatment of symbols defined in a .toc section.
    
    	* sysdeps/powerpc/powerpc64/start.S: Add @toc to toc symbol reference.
    
    Backport of 483818d768ed99a5edf4114298a75ebedaee8d5c.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fd5100c480beef3d36c4bf74b6a23529695d036c

commit fd5100c480beef3d36c4bf74b6a23529695d036c
Author: Alan Modra <amodra@gmail.com>
Date:   Tue Apr 1 14:07:42 2014 +1030

    Fix s_copysign stack temp for PowerPC64 ELFv2
    
    	[BZ #16786]
    	* sysdeps/powerpc/powerpc64/fpu/s_copysign.S: Don't trash stack.
    
    Backport of c859b32e9d76afe8a3f20bb9528961a573c06937.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a51aafa398ed7dd2a0a846c1b2ed8a37909609eb

commit a51aafa398ed7dd2a0a846c1b2ed8a37909609eb
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 31 08:07:55 2014 -0500

    PowerPC: Fix little endian enconding for mfvsrd
    
    This patch fixes the MFVSRD_R3_V1 macro that encodes 'mfvsrd  r3,vs1'
    (to support old binutils) for little endian.
    
    Backport of 757d9dd5c3efa56fac75965abc014faaae7b7895.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=62caa3eed2a154a61a01df3a5f3dde3ff400f4d4

commit 62caa3eed2a154a61a01df3a5f3dde3ff400f4d4
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Mar 20 15:28:07 2014 -0500

    PowerPC: optimized strpbrk for POWER7
    
    This patch add an optimized strpbrk for POWER7 by using a different
    algorithm than default implementation: it constructs a table based on
    the 'accept' argument and use this table to check for any occurance on
    the input string. The idea is similar as x86_64 uses.
    For PowerPC some tunings were added, such as unroll loops and memory
    clear using VSX instructions.
    
    Backport of 6f23d0939e9651d8ac3c77a835fb6464b35a1dc4

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c0afc58657f482f4c31ccade06e7b059e761186c

commit c0afc58657f482f4c31ccade06e7b059e761186c
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Mar 20 11:24:52 2014 -0500

    PowerPC: optimized strcspn for PPC64/POWER7
    
    This patch add a optimized strcspn for POWER7 by using a different
    algorithm than default implementation: it constructs a table based on
    the 'accept' argument and use this table to check for any occurance
    on the input string. The idea is similar as x86_64 uses.
    For PowerPC some tunings were added, such as unroll loops and align
    stack memory to table to 16 bytes (so VSX clean can ran without
    alignment issues).
    
    Backport of 6eaf95cbfa0031ea267682dc2c9c17ed3e3dc167

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ac6d8452be2d582e4a2b14525c839c71b9351991

commit ac6d8452be2d582e4a2b14525c839c71b9351991
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 14 12:49:45 2014 -0500

    PowerPC: remove wrong roundl implementation for PowerPC64
    
    The roundl assembly implementation
    (sysdeps/powerpc/powerpc64/fpu/s_roundl.S)
    returns wrong results for some inputs where first double is a exact
    integer and the precision is determined by second long double.
    
    Checking on implementation comments and history, I am very confident the
    assembly implementation was based on a version before commit
    5c68d401698a58cf7da150d9cce769fa6679ba5f that fixes BZ#2423 (Errors in
    long double (ldbl-128ibm) rounding functions in glibc-2.4).
    
    By just removing the implementation and make the build select
    sysdeps/ieee754/ldbl-128ibm/s_roundl.c instead fixes the failing math.
    
    This fixes 16707.
    
    Backport of c7de50250367167d8c9f35594b264f6a0af8dd0c

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c5ac422010eb6b384c3b4e45ab0049172f0ad688

commit c5ac422010eb6b384c3b4e45ab0049172f0ad688
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 14 12:27:52 2014 -0500

    PowerPC: remove wrong nearbyintl implementation for PPC64
    
    The nearbyintl assembly implementation
    (sysdeps/powerpc/powerpc64/fpu/s_nearbyintl.S)
    returns wrong results for some inputs where first double is a exact
    integer and the precision is determined by second long double.
    
    Checking on implementation comments and history, I am very confident the
    assembly implementation was based on a version before commit
    5c68d401698a58cf7da150d9cce769fa6679ba5f that fixes BZ#2423 (Errors in
    long double (ldbl-128ibm) rounding functions in glibc-2.4).
    
    By just removing the implementation and make the build select
    sysdeps/ieee754/ldbl-128ibm/s_nearbyintl.c instead fixes the failing
    math.
    
    Fixes BZ#16706.
    
    Backport of 98fb27a373f37554232e0060eef1a5bb00a07eb0

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7986a2d12b7ea0653f0366200c703a3905edffd9

commit 7986a2d12b7ea0653f0366200c703a3905edffd9
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 14 07:35:43 2014 -0500

    PowerPC: remove wrong ceill implementation for PowerPC64
    
    The ceill assembly implementation (sysdeps/powerpc/powerpc64/fpu/s_ceill.S)
    returns wrong results for some inputs where first double is a exact
    integer and the precision is determined by second long double.
    
    Checking on implementation comments and history, I am very confident the
    assembly implementation was based on a version before commit
    5c68d401698a58cf7da150d9cce769fa6679ba5f that fixes BZ#2423 (Errors in
    long double (ldbl-128ibm) rounding functions in glibc-2.4).
    
    By just removing the implementation and make the build select
    sysdeps/ieee754/ldbl-128ibm/s_ceill.c instead fixes the failing math.
    
    Fixes BZ#16701.
    
    Backport of 374f7f61214967bb4e2257695aeeeecc2a77f369

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a56198dbb21767bde0003d3062d5ec7a8e1279f1

commit a56198dbb21767bde0003d3062d5ec7a8e1279f1
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 14 12:15:40 2014 -0500

    Add truncl tests related to BZ#16414
    
    Backport of 4655c291d1808c35b7c54236ae62be7a3aaa0a2d

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a52b3f7e4c4de8705370adda4b390293780dc768

commit a52b3f7e4c4de8705370adda4b390293780dc768
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Mar 12 08:55:50 2014 -0500

    PowerPC: Fix bzero definition for static libc for PPC32
    
    This patch fixes an issue for powerpc32-fpu static build which fails
    with an 'bzero' undefined reference. This patch adds bzero ifunc selector
    for static builds and fixes the '__bzero_ppc' reference to default
    memset symbol (since static memset build does not provide ifunc
    selector).
    
    Fixes BZ#16689.
    
    Backport of dd3946c615184e1957a0cb09352cac72be5d6d5b.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=09e09c2872ab52c8a42b907105343520019ca1d1

commit 09e09c2872ab52c8a42b907105343520019ca1d1
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Mar 11 16:17:50 2014 -0500

    PowerPC: Fix strspn for static build
    
    This patch makes the strspn ifunc selector build for static builds.
    
    This is a backport of 27c7220a483bda576533aa9a0a9b42175644b1a1

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f510d35c58d16c32ce988d053c9a525b8e38fe47

commit f510d35c58d16c32ce988d053c9a525b8e38fe47
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 10 15:26:20 2014 -0500

    PowerPC: Fix bzero definition for static libc for PPC64
    
    This patch fixes an issue for powerpc64[le] static build where __bzero
    is definied in multiple places (memset-ppc64.o and bzero.o). It is now
    defined only in bzero.o and memset-ppc64.o only defined __bzero_ppc for
    both dynamic and static library.
    
    Fixes BZ#16683.
    
    Backport of 4facea473059914983b7da8dd654c06b8e3dcc41

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=afd75351c2f3cae4a2daf88c50faad889e3a0f2b

commit afd75351c2f3cae4a2daf88c50faad889e3a0f2b
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date:   Mon Mar 10 12:20:36 2014 -0400

    PowerPC: strspn optimization for PPC64/POWER7
    
    The optimization is achieved by following techniques:
      > hashing of needle.
      > hashing avoids scanning of duplicate entries in needle across the string.
      > initializing the hash table with Vector instructions (VSX) by quadword access.
      > unrolling when scanning for character in string across hash table.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e5829d82c88117c9f4752cedfefc8516cb9ffdf7

commit e5829d82c88117c9f4752cedfefc8516cb9ffdf7
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 7 06:09:47 2014 -0600

    PowerPC: strncat optimization for PPC64
    
    The optimization is achieved by following techniques:
    1. Doubleword aligned memory access and compares using
       cmpb instruction.
    2. Loop unrolling for byte load/store.
    3. CPU pre-fetch to avoid cache miss.
    
    Backport of ba9cc0714e58a9e8fa73cf6b0e205cbf1e6b71f2

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e032058ea756e396c4ed1395a44d8b321e370b2f

commit e032058ea756e396c4ed1395a44d8b321e370b2f
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date:   Mon Mar 3 08:06:41 2014 -0600

    PowerPC: strrchr optimization for POWER7/PPC64
    
    This patch optimizes strrchr() for ppc64. It uses aligned memory
    access along with cmpb instruction and CPU prefetch to avoid
    cache misses for speed improvement.
    
    Backport of c7debbdfacbef150aaf9113eb05ccaf2b9e7af6c

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=54dd35c59cda5f59c2f3ae783468da4b94f30dff

commit 54dd35c59cda5f59c2f3ae783468da4b94f30dff
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Feb 17 10:44:08 2014 -0600

    PowerPC: llround/llroundf POWER8 optimization
    
    This patch add a optimized llround/llroundf implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport fe13a20c37578f08ce393ccaeb45caeb48815ca5

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b34f8e9fcd1274e69a9a59a28c270e2cada39c95

commit b34f8e9fcd1274e69a9a59a28c270e2cada39c95
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Feb 18 09:29:29 2014 -0500

    PowerPC: llrint/llrintf POWER8 optimization
    
    This patch add a optimized llrint/llrintf implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport of 1ad8950a3ea4056ed343d681b5146f4b4aa27e10

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c3241bcd73c47d2bcd2a5ffe84a21d4853c8c938

commit c3241bcd73c47d2bcd2a5ffe84a21d4853c8c938
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Feb 27 09:46:46 2014 -0600

    PowerPC: Optimized finite/finitef for POWER8
    
    This patch add a optimized finite/finitef implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport of cac626d60a863e48ab75417064984769e58c5719.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1cd3b05dda2dab30cb7658193cb1af8f594f52f3

commit 1cd3b05dda2dab30cb7658193cb1af8f594f52f3
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Feb 27 09:45:41 2014 -0600

    PowerPC: Optimized isinf/isinff for POWER8
    
    This patch add a optimized isinf/isinff implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport of 4393fc119c34e97519b9b7a4fc94066b283be452

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=65c8daedb68b74eae860f91dca226215cd80e348

commit 65c8daedb68b74eae860f91dca226215cd80e348
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Feb 27 09:43:51 2014 -0600

    PowerPC: Optimized isnan/isnanf for POWER8
    
    This patch add a optimized isnan/isnanf implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport of 487972aea52004f604c2878c8c9d3e77670f2c32

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=55e71ccf31c29a7839344f03e0a7437ea0f5f211

commit 55e71ccf31c29a7839344f03e0a7437ea0f5f211
Author: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
Date:   Fri Nov 15 07:44:20 2013 -0600

    Partially revert commit 2663b74f8103a2a8a46b4896439b7a452480fc7c
    
    This change is necessary in order to avoid the issue documented at
    http://sourceware.org/ml/libc-alpha/2013-05/msg00350.html.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fbed4f13980bf4ebd7df59b0e52bd2a16875f0db

commit fbed4f13980bf4ebd7df59b0e52bd2a16875f0db
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date:   Fri Nov 15 07:42:33 2013 -0600

    Remove assert() if DT_RUNPATH and DT_RPATH flags are found in ld.so.

-----------------------------------------------------------------------
Comment 10 Sourceware Commits 2015-01-29 18:46:00 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, ibm/2.16/master has been created
        at  ec36394743c15fedca294219f2254b180c4e327c (commit)

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ec36394743c15fedca294219f2254b180c4e327c

commit ec36394743c15fedca294219f2254b180c4e327c
Author: Andreas Schwab <schwab@suse.de>
Date:   Mon Jan 21 17:41:28 2013 +0100

    Fix parsing of numeric hosts in gethostbyname_r
    
    Conflicts:
    	ChangeLog
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=20ac5d44837b82c064dfabd3646ec1f4f6826263

commit 20ac5d44837b82c064dfabd3646ec1f4f6826263
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Mon Nov 19 13:01:43 2012 +0530

    Return EAI_SYSTEM if we're out of file descriptors
    
    Resolves BZ #14719.
    
    Conflicts:
    	ChangeLog
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dfc25d72984eb5a3354e104612d0ca0129af3f98

commit dfc25d72984eb5a3354e104612d0ca0129af3f98
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Sep 25 13:43:04 2013 -0500

    PowerPC: Fix POINTER_CHK_GUARD thread register for PPC64

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1442655ba419867ce1a045a97cdd7904ac1ad516

commit 1442655ba419867ce1a045a97cdd7904ac1ad516
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Jan 20 12:29:51 2014 -0600

    PowerPC: Fix gettimeofday ifunc selection
    
    The IFUNC selector for gettimeofday runs before _libc_vdso_platform_setup where
    __vdso_gettimeofday is set. The selector then sets __gettimeofday (the internal
    version used within GLIBC) to use the system call version instead of the vDSO one.
    This patch changes the check if vDSO is available to get its value directly
    instead of rely on __vdso_gettimeofday.
    
    This patch changes it by getting the vDSO value directly.
    
    It fixes BZ#16431.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1bdb6daceb10307543599df3b118afd2109d2ec8

commit 1bdb6daceb10307543599df3b118afd2109d2ec8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Jan 16 06:53:18 2014 -0600

    PowerPC: Fix ftime gettimeofday internal call returning bogus data
    
    This patches fixes BZ#16430 by setting a different symbol for internal
    GLIBC calls that points to ifunc resolvers. For PPC32, if the symbol
    is defined as hidden (which is the case for gettimeofday and time) the
    compiler will create local branches (symbol@local) and linker will not
    create PLT calls (required for IFUNC). This will leads to internal symbol
    calling the IFUNC resolver instead of the resolved symbol.
    For PPC64 this behavior does not occur because a call to a function in
    another translation unit might use a different toc pointer thus requiring
    a PLT call.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e3008132765936162552b15a77fe348c01074310

commit e3008132765936162552b15a77fe348c01074310
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Nov 7 05:34:22 2013 -0600

    PowerPC: Fix vDSO missing ODP entries
    
    This patch fixes the vDSO symbol used directed in IFUNC resolver where
    they do not have an associated ODP entry leading to undefined behavior
    in some cases. It adds an artificial OPD static entry to such cases
    and set its TOC to non 0 to avoid triggering lazy resolutions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6ff69e1eb81719ee907642f615cef889d5bf8b2c

commit 6ff69e1eb81719ee907642f615cef889d5bf8b2c
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Wed Nov 19 11:44:12 2014 -0500

    CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
    
    The function wordexp() fails to properly handle the WRDE_NOCMD
    flag when processing arithmetic inputs in the form of "$((... ``))"
    where "..." can be anything valid. The backticks in the arithmetic
    epxression are evaluated by in a shell even if WRDE_NOCMD forbade
    command substitution. This allows an attacker to attempt to pass
    dangerous commands via constructs of the above form, and bypass
    the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
    in exec_comm(), the only place that can execute a shell. All other
    checks for WRDE_NOCMD are superfluous and removed.
    
    We expand the testsuite and add 3 new regression tests of roughly
    the same form but with a couple of nested levels.
    
    On top of the 3 new tests we add fork validation to the WRDE_NOCMD
    testing. If any forks are detected during the execution of a wordexp()
    call with WRDE_NOCMD, the test is marked as failed. This is slightly
    heuristic since vfork might be used in the future, but it provides a
    higher level of assurance that no shells were executed as part of
    command substitution with WRDE_NOCMD in effect. In addition it doesn't
    require libpthread or libdl, instead we use the public implementation
    namespace function __register_atfork (already part of the public ABI
    for libpthread).
    
    Tested on x86_64 with no regressions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3ded3d365f0237e92e8af90c878b233f265d7b4a

commit 3ded3d365f0237e92e8af90c878b233f265d7b4a
Author: Allan McRae <allan@archlinux.org>
Date:   Thu Dec 18 11:01:43 2014 +1000

    Label CVE-2014-9402 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c7093fd0fedd8a0b4ed5b01347e3798219ba22ec

commit c7093fd0fedd8a0b4ed5b01347e3798219ba22ec
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Dec 15 17:41:13 2014 +0100

    Avoid infinite loop in nss_dns getnetbyname [BZ #17630]

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c9b43ec3890d5c750a5127a543a55cd94aa73c94

commit c9b43ec3890d5c750a5127a543a55cd94aa73c94
Author: Jeff Law <law@redhat.com>
Date:   Mon Dec 15 10:09:32 2014 +0100

    CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]
    
    A larger number of format specifiers coudld cause a stack overflow,
    potentially allowing to bypass _FORTIFY_SOURCE format string
    protection.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3b6ac4b1093333f364698ca3bb812c80b11c2f77

commit 3b6ac4b1093333f364698ca3bb812c80b11c2f77
Author: Allan McRae <allan@archlinux.org>
Date:   Sat Jun 21 17:23:55 2014 +1000

    Mention CVE-2014-4043 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f7865ec21e8ad32929509796497fa3b44c3ef826

commit f7865ec21e8ad32929509796497fa3b44c3ef826
Author: Florian Weimer <fweimer@redhat.com>
Date:   Thu Jan 15 15:16:54 2015 -0500

    posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
    
    POSIX requires that we make a copy, so we allocate a new string
    and free it in posix_spawn_file_actions_destroy.
    
    Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz.  This bug
    may have security implications.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c7a91d241b095855e06e0bd00287968df2f6d87e

commit c7a91d241b095855e06e0bd00287968df2f6d87e
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon May 12 15:24:12 2014 +0200

    _nl_find_locale: Improve handling of crafted locale names [BZ #17137]
    
    Prevent directory traversal in locale-related environment variables
    (CVE-2014-0475).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=588b214bc7fa3e54d6b679ed4b755e6d1310e61d

commit 588b214bc7fa3e54d6b679ed4b755e6d1310e61d
Author: Florian Weimer <fweimer@redhat.com>
Date:   Tue Aug 26 19:38:59 2014 +0200

    __gconv_translit_find: Disable function [BZ #17187]
    
    This functionality has never worked correctly, and the implementation
    contained a security vulnerability (CVE-2014-5119).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bd51e93f9305e37aa17e08dbdb86a2e146c09eff

commit bd51e93f9305e37aa17e08dbdb86a2e146c09eff
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Sep 3 19:45:43 2014 +0200

    CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
    
    These changes are based on the fix for BZ #14134 in commit
    6e230d11837f3ae7b375ea69d7905f0d18eb79e5.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=97ef0b2223e10fe3053494defd8a008d7dd9d6d8

commit 97ef0b2223e10fe3053494defd8a008d7dd9d6d8
Author: Will Newton <will.newton@linaro.org>
Date:   Fri Sep 13 09:26:02 2013 +0100

    Add CVE-2013-4332 to NEWS.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733

commit ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733
Author: Will Newton <will.newton@linaro.org>
Date:   Fri Aug 16 12:54:29 2013 +0100

    malloc: Check for integer overflow in memalign.
    
    A large bytes parameter to memalign could cause an integer overflow
    and corrupt allocator internals. Check the overflow does not occur
    before continuing with the allocation.
    
    ChangeLog:
    
    2013-09-11  Will Newton  <will.newton@linaro.org>
    
    	[BZ #15857]
    	* malloc/malloc.c (__libc_memalign): Check the value of bytes
    	does not overflow.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f1292792799a507711ce24b497e40f8fea8f9c9c

commit f1292792799a507711ce24b497e40f8fea8f9c9c
Author: Will Newton <will.newton@linaro.org>
Date:   Fri Aug 16 11:59:37 2013 +0100

    malloc: Check for integer overflow in valloc.
    
    A large bytes parameter to valloc could cause an integer overflow
    and corrupt allocator internals. Check the overflow does not occur
    before continuing with the allocation.
    
    ChangeLog:
    
    2013-09-11  Will Newton  <will.newton@linaro.org>
    
    	[BZ #15856]
    	* malloc/malloc.c (__libc_valloc): Check the value of bytes
    	does not overflow.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b1e934aed5170eb8948e0f3c6618c9431d6810ad

commit b1e934aed5170eb8948e0f3c6618c9431d6810ad
Author: Will Newton <will.newton@linaro.org>
Date:   Mon Aug 12 15:08:02 2013 +0100

    malloc: Check for integer overflow in pvalloc.
    
    A large bytes parameter to pvalloc could cause an integer overflow
    and corrupt allocator internals. Check the overflow does not occur
    before continuing with the allocation.
    
    ChangeLog:
    
    2013-09-11  Will Newton  <will.newton@linaro.org>
    
    	[BZ #15855]
    	* malloc/malloc.c (__libc_pvalloc): Check the value of bytes
    	does not overflow.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bcd619797e785f90cc9fd67208267c26c8e4b40d

commit bcd619797e785f90cc9fd67208267c26c8e4b40d
Author: Florian Weimer <fweimer@redhat.com>
Date:   Fri Aug 16 09:38:52 2013 +0200

    CVE-2013-4237, BZ #14699: Buffer overflow in readdir_r
    
    	* sysdeps/posix/dirstream.h (struct __dirstream): Add errcode
    	member.
    	* sysdeps/posix/opendir.c (__alloc_dir): Initialize errcode
    	member.
    	* sysdeps/posix/rewinddir.c (rewinddir): Reset errcode member.
    	* sysdeps/posix/readdir_r.c (__READDIR_R): Enforce NAME_MAX limit.
    	Return delayed error code.  Remove GETDENTS_64BIT_ALIGNED
    	conditional.
    	* sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Do not define
    	GETDENTS_64BIT_ALIGNED.
    	* sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise.
    	* manual/filesys.texi (Reading/Closing Directory): Document
    	ENAMETOOLONG return value of readdir_r.  Recommend readdir more
    	strongly.
    	* manual/conf.texi (Limits for Files): Add portability note to
    	NAME_MAX, PATH_MAX.
    	(Pathconf): Add portability note for _PC_NAME_MAX, _PC_PATH_MAX.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6fd8e941423354e6c7a951d37a60d2f1424d568e

commit 6fd8e941423354e6c7a951d37a60d2f1424d568e
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Mon Sep 23 00:52:09 2013 -0400

    BZ #15754: CVE-2013-4788
    
    The pointer guard used for pointer mangling was not initialized for
    static applications resulting in the security feature being disabled.
    The pointer guard is now correctly initialized to a random value for
    static applications. Existing static applications need to be
    recompiled to take advantage of the fix.
    
    The test tst-ptrguard1-static and tst-ptrguard1 add regression
    coverage to ensure the pointer guards are sufficiently random
    and initialized to a default value.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a243b1a0797180e142d525d1325a173c758c3714

commit a243b1a0797180e142d525d1325a173c758c3714
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Mon Sep 23 11:24:30 2013 +0530

    Check for integer overflow in cache size computation in strcoll
    
    strcoll is implemented using a cache for indices and weights of
    collation sequences in the strings so that subsequent passes do not
    have to search through collation data again.  For very large string
    inputs, the cache size computation could overflow.  In such a case,
    use the fallback function that does not cache indices and weights of
    collation sequences.
    
    Fixes CVE-2012-4412.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c1132021659d22753104762a074d6339ae6cbd01

commit c1132021659d22753104762a074d6339ae6cbd01
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Mon Sep 23 11:20:02 2013 +0530

    Fall back to non-cached sequence traversal and comparison on malloc fail
    
    strcoll currently falls back to alloca if malloc fails, resulting in a
    possible stack overflow.  This patch implements sequence traversal and
    comparison without caching indices and rules.
    
    Fixes CVE-2012-4424.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2dc811b78adc97b5f5d951716df30053a24da1a1

commit 2dc811b78adc97b5f5d951716df30053a24da1a1
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Tue Aug 20 08:40:05 2013 +0530

    Simplify strcoll implementation
    
    Break up strcoll into simpler functions so that the logic is easier to
    follow and maintain.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9b951f59aa3c2f2d58d398aab146951216f9ff8d

commit 9b951f59aa3c2f2d58d398aab146951216f9ff8d
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Fri Oct 25 10:22:12 2013 +0530

    Fix stack overflow due to large AF_INET6 requests
    
    Resolves #16072 (CVE-2013-4458).
    
    This patch fixes another stack overflow in getaddrinfo when it is
    called with AF_INET6.  The AF_UNSPEC case was fixed as CVE-2013-1914,
    but the AF_INET6 case went undetected back then.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=302c61e2d3536a6ff99d518499771afd6a951b0c

commit 302c61e2d3536a6ff99d518499771afd6a951b0c
Author: Andreas Schwab <schwab@suse.de>
Date:   Tue Jan 29 14:45:15 2013 +0100

    Fix buffer overrun in regexp matcher

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b7e0492e183efc24e5658c860ca5711e00524dd7

commit b7e0492e183efc24e5658c860ca5711e00524dd7
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Fri Jul 19 02:42:03 2013 -0400

    CVE-2013-2207, BZ #15755: Disable pt_chown.
    
    The helper binary pt_chown tricked into granting access to another
    user's pseudo-terminal.
    
    Pre-conditions for the attack:
    
     * Attacker with local user account
     * Kernel with FUSE support
     * "user_allow_other" in /etc/fuse.conf
     * Victim with allocated slave in /dev/pts
    
    Using the setuid installed pt_chown and a weak check on whether a file
    descriptor is a tty, an attacker could fake a pty check using FUSE and
    trick pt_chown to grant ownership of a pty descriptor that the current
    user does not own.  It cannot access /dev/pts/ptmx however.
    
    In most modern distributions pt_chown is not needed because devpts
    is enabled by default. The fix for this CVE is to disable building
    and using pt_chown by default. We still provide a configure option
    to enable hte use of pt_chown but distributions do so at their own
    risk.
    
    Cherry-pick of e4608715e6e1dd2adc91982fd151d5ba4f761d69.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=02a002fe9c0b65532643a88b01253e95ba8ba8c6

commit 02a002fe9c0b65532643a88b01253e95ba8ba8c6
Author: Jeff Law <law@redhat.com>
Date:   Wed Nov 28 14:12:28 2012 -0700

           [BZ #14889]
            * sunrpc/rpc/svc.h (__svc_accept_failed): New prototype.
            * sunrpc/svc.c: Include time.h.
            (__svc_accept_failed): New function.
            * sunrpc/svc_tcp.c (rendezvous_request): If the accept fails for
            any reason other than EINTR, call __svc_accept_failed.
            * sunrpc/svc_udp.c (svcudp_recv): Similarly.
            * sunrpc/svc_unix.c (rendezvous_request): Similarly.
    
    Cherry-pick of 14bc93a967e62abf8cf2704725b6f76619399f83

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3b498440aac70e994f32f45a31102964313af690

commit 3b498440aac70e994f32f45a31102964313af690
Author: Andreas Schwab <schwab@suse.de>
Date:   Wed Nov 28 10:24:06 2012 +0100

    Properly handle indirect functions in ABI check on powerpc64

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8282b7f2aa6380e8a91515f748d4693d8151fc4f

commit 8282b7f2aa6380e8a91515f748d4693d8151fc4f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Apr 26 13:00:56 2013 -0500

    PowerPC: modf optimization fix
    
    This patch fix the 3c0265394d9ffedff2b0de508602dc52e077ce5c commits
    by correctly setting minimum architecture for modf PPC optimization
    to power5+ instead of power5 (since only on power5+ round/ceil will
    be inline to inline assembly).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=17e599d2613c2a2e4cb6d5c3f9d5f626879aa63f

commit 17e599d2613c2a2e4cb6d5c3f9d5f626879aa63f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 25 16:10:06 2013 -0500

    PowerPC: modf optimization
    
    This patch implements modf/modff optimization for POWER by focus
    on FP operations instead of relying in integer ones.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=60dc6d12c5c61b05013cb15f63349dd3d343f26d

commit 60dc6d12c5c61b05013cb15f63349dd3d343f26d
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Mar 13 10:46:08 2013 -0300

    PowerPC: Change sched_getcpu to use vDSO getcpu instead of syscall.
    
    Backport of d5e0b9bd6e296f3ec5263fa296d39f3fed9b8fa2.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cc328ae264f5b97d2811a95d84112bb1c6c7cae3

commit cc328ae264f5b97d2811a95d84112bb1c6c7cae3
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 4 22:02:41 2013 -0300

    PowerPC: gettimeofday optimization by using IFUNC

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=36016f626e72f5d1cb6107deeab29768d82ff7e3

commit 36016f626e72f5d1cb6107deeab29768d82ff7e3
Merge: 4e1f97c 043c748
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date:   Fri Mar 1 16:20:18 2013 -0600

    Merge remote branch 'remotes/origin/release/2.16/master' into local_ibm_2.16

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4e1f97ccdcc257eba262667f7a3179a7d530330d

commit 4e1f97ccdcc257eba262667f7a3179a7d530330d
Author: Mike Frysinger <vapier@gentoo.org>
Date:   Wed Nov 28 23:04:32 2012 -0500

    byteswap.h: fix gcc ver test for __builtin_bswap{32,64}
    
    The __builtin_bswap* functions were introduced in gcc-4.3, not gcc-4.2.
    Fix the __GNUC_PREREQ tests to reflect this.
    
    Otherwise trying to compile code with gcc-4.2 falls down:
    In file included from /usr/include/endian.h:60,
                     from /usr/include/ctype.h:40,
    /usr/include/bits/byteswap.h: In function 'unsigned int __bswap_32(unsigned int)':
    /usr/include/bits/byteswap.h:46: error: '__builtin_bswap32' was not declared in this scope
    /usr/include/bits/byteswap.h: In function 'long long unsigned int __bswap_64(long long unsigned int)':
    /usr/include/bits/byteswap.h:110: error: '__builtin_bswap64' was not declared in this scope
    
    Signed-off-by: Mike Frysinger <vapier@gentoo.org>
    (cherry picked from commit c9d6789ebe028a260d3e5be0c26b7d02fdfe99fe)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=025b233a88a30f5f0474ff2c6051313eb33e5689

commit 025b233a88a30f5f0474ff2c6051313eb33e5689
Author: Joseph Myers <joseph@codesourcery.com>
Date:   Tue Nov 20 00:04:45 2012 +0000

    Fix __bswap_64 return type in generic bits/byteswap.h.
    (cherry picked from commit ecd4caf9783c99fb068a100c35899a0c3a3c6d98)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2c739e2cffb65d80787cfa861f9f6c62de327ad6

commit 2c739e2cffb65d80787cfa861f9f6c62de327ad6
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Fri Oct 12 09:21:47 2012 -0700

    Use __uint64_t in x86 __bswap_64
    (cherry picked from commit d394eb742a3565d7fe7a4b02710a60b5f219ee64)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a24f8ac8e65b451efc81839dd653d0a0e95a23ab

commit a24f8ac8e65b451efc81839dd653d0a0e95a23ab
Author: Andreas Schwab <schwab@linux-m68k.org>
Date:   Tue May 1 17:10:10 2012 +0200

    Fix missing _mcount@GLIBC_2.0 on powerpc32
    (cherry picked from commit 261f485936b283f4327fc1f2fc8fd1705d805c12)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=94464655b576985fdd5f66f7f6126ee1f92a41cc

commit 94464655b576985fdd5f66f7f6126ee1f92a41cc
Author: Peter Bergner <bergner@vnet.ibm.com>
Date:   Fri Jul 6 13:24:49 2012 -0500

    Add AT_PLATFORM env variable to ld.so to override auxv AT_PLATFORM.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d846920271a0f4dc54c0dbbd56998228e75e776c

commit d846920271a0f4dc54c0dbbd56998228e75e776c
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date:   Fri Jul 6 13:03:09 2012 -0500

    Remove assert() if DT_RUNPATH and DT_RPATH flags are found in ld.so.

-----------------------------------------------------------------------
Comment 11 Sourceware Commits 2015-02-23 14:23:04 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, ibm/2.19/master has been created
        at  b5faf032c4c6a2260a9a93d8d4df611caa8b54cc (commit)

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b5faf032c4c6a2260a9a93d8d4df611caa8b54cc

commit b5faf032c4c6a2260a9a93d8d4df611caa8b54cc
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date:   Fri Feb 6 00:30:42 2015 -0500

    CVE-2015-1472: wscanf allocates too little memory
    
    BZ #16618
    
    Under certain conditions wscanf can allocate too little memory for the
    to-be-scanned arguments and overflow the allocated buffer.  The
    implementation now correctly computes the required buffer size when
    using malloc.
    
    A regression test was added to tst-sscanf.
    
    Conflicts:
    	ChangeLog
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=88a8a351f3a6a95205a1499fd68b79fc3d0b9d19

commit 88a8a351f3a6a95205a1499fd68b79fc3d0b9d19
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Wed Nov 19 11:44:12 2014 -0500

    CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
    
    The function wordexp() fails to properly handle the WRDE_NOCMD
    flag when processing arithmetic inputs in the form of "$((... ``))"
    where "..." can be anything valid. The backticks in the arithmetic
    epxression are evaluated by in a shell even if WRDE_NOCMD forbade
    command substitution. This allows an attacker to attempt to pass
    dangerous commands via constructs of the above form, and bypass
    the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
    in exec_comm(), the only place that can execute a shell. All other
    checks for WRDE_NOCMD are superfluous and removed.
    
    We expand the testsuite and add 3 new regression tests of roughly
    the same form but with a couple of nested levels.
    
    On top of the 3 new tests we add fork validation to the WRDE_NOCMD
    testing. If any forks are detected during the execution of a wordexp()
    call with WRDE_NOCMD, the test is marked as failed. This is slightly
    heuristic since vfork might be used in the future, but it provides a
    higher level of assurance that no shells were executed as part of
    command substitution with WRDE_NOCMD in effect. In addition it doesn't
    require libpthread or libdl, instead we use the public implementation
    namespace function __register_atfork (already part of the public ABI
    for libpthread).
    
    Tested on x86_64 with no regressions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=32404a33a03747951daafde164e3b14464c28fe9

commit 32404a33a03747951daafde164e3b14464c28fe9
Author: Allan McRae <allan@archlinux.org>
Date:   Thu Dec 18 11:01:43 2014 +1000

    Label CVE-2014-9402 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d2a6f3a27b791d91beec2ea91f293ec898080904

commit d2a6f3a27b791d91beec2ea91f293ec898080904
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Dec 15 17:41:13 2014 +0100

    Avoid infinite loop in nss_dns getnetbyname [BZ #17630]

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=39700792d4224af99ab52ea26e98a0a2a2ed6ac6

commit 39700792d4224af99ab52ea26e98a0a2a2ed6ac6
Author: Jeff Law <law@redhat.com>
Date:   Mon Dec 15 10:09:32 2014 +0100

    CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]
    
    A larger number of format specifiers coudld cause a stack overflow,
    potentially allowing to bypass _FORTIFY_SOURCE format string
    protection.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5cefe3fc8f35b50eb84cbb740268539a40651173

commit 5cefe3fc8f35b50eb84cbb740268539a40651173
Author: Allan McRae <allan@archlinux.org>
Date:   Sat Jun 21 17:23:55 2014 +1000

    Mention CVE-2014-4043 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eece504424b59a1d8de7b4da9c64e24acaa6fbe0

commit eece504424b59a1d8de7b4da9c64e24acaa6fbe0
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Jun 11 23:12:52 2014 +0200

    posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
    
    POSIX requires that we make a copy, so we allocate a new string
    and free it in posix_spawn_file_actions_destroy.
    
    Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz.  This bug
    may have security implications.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dcf0cce30d91100005e9aeb002096236325648fb

commit dcf0cce30d91100005e9aeb002096236325648fb
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon May 12 15:24:12 2014 +0200

    _nl_find_locale: Improve handling of crafted locale names [BZ #17137]
    
    Prevent directory traversal in locale-related environment variables
    (CVE-2014-0475).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a5da5d74ff2e0a6ee267f283be8dbccc92cec59a

commit a5da5d74ff2e0a6ee267f283be8dbccc92cec59a
Author: Florian Weimer <fweimer@redhat.com>
Date:   Tue Aug 26 19:38:59 2014 +0200

    __gconv_translit_find: Disable function [BZ #17187]
    
    This functionality has never worked correctly, and the implementation
    contained a security vulnerability (CVE-2014-5119).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e6cbfc1fa2c64cad3c599f419dd154cec5af23cc

commit e6cbfc1fa2c64cad3c599f419dd154cec5af23cc
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Sep 3 19:45:43 2014 +0200

    CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
    
    These changes are based on the fix for BZ #14134 in commit
    6e230d11837f3ae7b375ea69d7905f0d18eb79e5.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fa7cc069f4eb29c00ec3a833d73ec4a473b11c8a

commit fa7cc069f4eb29c00ec3a833d73ec4a473b11c8a
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 29 13:56:44 2014 -0500

    PowerPC: Fix gprof entry point for LE
    
    This patch fixes the ELFv2 gprof entry point since the ABI
    does not define function descriptors.  It fixes BZ#17213.
    
    This is a backport of a53fbd8e6cd2f69bdfa3431d616a5f332aea6664.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3c640c4acb9bc2c2cc7fa77d5ce1254953761dc1

commit 3c640c4acb9bc2c2cc7fa77d5ce1254953761dc1
Author: Alan Modra <amodra@gmail.com>
Date:   Mon Jul 14 21:14:50 2014 +0930

    Correct DT_PPC64_NUM
    
    	[BZ #17153]
    	* elf/elf.h (DT_PPC64_NUM): Correct value.
    	* NEWS: Add to fixed bug list.
    
    This is a backport of f6c44d475104e931bab2b4ffa499961088de673c.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=957afa3407c426969eaaa348981b9648d5191ae2

commit 957afa3407c426969eaaa348981b9648d5191ae2
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 8 08:54:09 2014 -0500

    PowerPC: Cleanup powerpc memmove
    
    Now that MEMCPY_OK_FOR_FWD_MEMMOVE should be define on memcopy.h there
    is no need to specialized powerpc memmove implementation.  This patch
    moves the define set to powerpc memcopy and cleanup its definition on
    powerpc code.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8d9513a103bdd202ffa4884bdedc2c3c0dbab210

commit 8d9513a103bdd202ffa4884bdedc2c3c0dbab210
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 8 08:49:54 2014 -0500

    PowerPC: Fix compiler warnings
    
    This patch fixes some compiler due trailing data in #undef directives
    and due missing prototypes.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b00ec143897f076ecbcedc7369b4b74e0c7f6d14

commit b00ec143897f076ecbcedc7369b4b74e0c7f6d14
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 8 08:35:44 2014 -0500

    PowerPC: Add ifunc tests for memmove
    
    This patch add the missing ifunc tests definition for memmove ppc32
    optimization patch (commit 07aedd7).
    
    This is a backport of 91f4b564bd7bedcd93e7047cad570ce292d6330b.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=565e3d6c8230affd7089bf5ebfcebbf72f32a27c

commit 565e3d6c8230affd7089bf5ebfcebbf72f32a27c
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Jun 25 11:54:31 2014 -0500

    PowerPC: Align power7 memcpy using VSX to quadword
    
    This patch changes power7 memcpy to use VSX instructions only when
    memory is aligned to quardword.  It is to avoid unaligned kernel traps
    on non-cacheable memory (for instance, memory-mapped I/O).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6fae3527af330c32399e3a4cdfac3958fc440eb8

commit 6fae3527af330c32399e3a4cdfac3958fc440eb8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jun 24 08:47:52 2014 -0500

    PowerPC: optimized memmove for POWER7/PPC32
    
    This patch adds a optimized memmove for power7 by using the optimized
    power7 memcpy for forward copying.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5d55f9b05ecb85b7a543f641829479cfb081f380

commit 5d55f9b05ecb85b7a543f641829479cfb081f380
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Jun 20 12:55:16 2014 -0500

    PowerPC: optimized memmove for POWER7/PPC64
    
    This patch adds an optimized memmove optimization for POWER7/powerpc64.
    Basically the idea is to use the memcpy for POWER7 on non-overlapped
    memory regions and a optimized backward memcpy for memory regions
    that overlap (similar to the idea of string/memmove.c).
    
    The backward memcpy algorithm used is similar the one use for memcpy for
    POWER7, with adjustments done for alignment.  The difference is memory
    is always aligned to 16 bytes before using VSX/altivec instructions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dde00e9914370ddd90c9bbc4f3f0e455efae4b47

commit dde00e9914370ddd90c9bbc4f3f0e455efae4b47
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jun 24 06:42:31 2014 -0500

    PowerPC: memmove default implementation cleanup
    
    This patch removes the powerpc specific logic in memmove and instead
    include default implementation with MEMCPY_OK_FOR_FWD_MEMMOVE defined.
    This lead in a increase performance, since the constraints to use
    memcpy in powerpc code are too restrictive and memcpy can be used for
    any forward memmove.
    
    This is a backport of d6f68bbef4427850c2901728a1d13efc0e687297.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9841a0850ed3be4310ec6b49c3349e39a6f0f481

commit 9841a0850ed3be4310ec6b49c3349e39a6f0f481
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date:   Wed Jun 11 22:21:20 2014 -0500

    PowerPC: strcat optimization for PPC64/POWER7
    
    This patch adds an ifunc power7 strcat symbol that uses the logic on
    sysdeps/powerpc/strcat.c but call power7 strlen/strcpy symbols instead
    of default ones.
    
    This is a backport of bc8ea38590070604006399e42469087e943fc8ec.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ded8852b37f673b8e66163b44f70504dc5af0985

commit ded8852b37f673b8e66163b44f70504dc5af0985
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Jun 23 09:38:47 2014 -0500

    PowerPC: sync hwcap.h capabilities
    
    Linux commit dd58a092c4202f2bd490adab7285b3ff77f8e467 added the
    PPC_FEATURE2_VEC_CRYPTO auvx capability to indicate whether to
    hardware supports vector crypto hardware instructions.  This patch
    adds its definition to powerpc hwcap bits.
    
    This is a backport of db22400947e1c82153e5270d23fed53fc1e3a659.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7e986751f5c05f3363c01c717972f87a681da0d0

commit 7e986751f5c05f3363c01c717972f87a681da0d0
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date:   Tue Jun 17 08:46:25 2014 -0500

    PowerPC: Fix nearbyintl failure for few inputs
    
    This patch fixes few failures in nearbyintl() where the fraction part is
    close to 0.5.i  The new tests added report few extra failures in
    nearbyint_downward and nearbyint_towardzero which is a known issue.
    
    Fixes #17031.
    
    This is a backport of 754c5a08aacb44895d1ab97c553ce424eb43f761.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2289a56644fc05786e2d5637c76d47afea7d38b9

commit 2289a56644fc05786e2d5637c76d47afea7d38b9
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date:   Fri Jun 6 07:56:07 2014 -0500

    PowerPC: Optimized strcmp for PPC64/POWER7
    
    Optimization is achieved on 8 byte aligned strings with double word
    comparison using cmpb instruction. On unaligned strings loop unrolling
    is applied for Power7 gain.
    
    It is a backport of e23d3d2690bf63207b1a47e83a94693daebbbfe5.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=010c023685495f4cd907b7bf7d15375edcbe1ead

commit 010c023685495f4cd907b7bf7d15375edcbe1ead
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Jun 6 09:37:07 2014 -0500

    PowerPC: Fix optimized strncat strlen call
    
    This patch fixes the optimized ppc64/power7 strncat strlen call for
    static build without ifunc enabled.  The strlen symbol to call in such
    situation is just strlen, instead of __GI_strlen (since the __GI_
    alias is just created for shared objects).
    
    It is a backport of ed36bfa18faf9be457575568e64b8409e46caa22.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6f0aba1acab171bd853905b66c551336aa0adcf9

commit 6f0aba1acab171bd853905b66c551336aa0adcf9
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Apr 8 17:25:14 2014 -0500

    PowerPC: Fix --disable-multi-arch builds
    
    This patch fixes some powerpc32 and powerpc64 builds with
    --disable-multi-arch option along with different --with-cpu=powerN.
    It cleanups the Implies directories by removing the multiarch
    folder for non multiarch config and also fixing two assembly
    implementations: powerpc64/power7/strncat.S that is calling the
    wrong strlen; and power8/fpu/s_isnan.S that misses the hidden_def and
    weak_alias directives.
    
    It is a backport of de21c33c068c8e39afb5711613a7c083c11ce6a1.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e40df8c4677611afc48601472675593dfd087e4b

commit e40df8c4677611afc48601472675593dfd087e4b
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu May 22 14:48:38 2014 -0500

    PowerPC: Remove 64 bits instructions in PPC32 code
    
    This patch replaces the insrdi by insrwi in powerpc32 assembly.
    
    It is a backport of d298c41635ce7f2dc7c3eccc842fe3aa754c0c8e.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a448439dfffc0878121e0941be9717e05786b1fe

commit a448439dfffc0878121e0941be9717e05786b1fe
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu May 22 07:53:44 2014 -0500

    PowerPC: Fix memchr ifunc hidden symbol for PPC32
    
    This patch fixes a similar issue to
    736c304a1ab4cee36a2f3343f1698bc0abae4608, where for PPC32 if the symbol
    is defined as hidden (memchr) then compiler will create a local branc
    (symbol@local) and the linker will not create a required PLT call to
    make the ifunc work.  It changes the default hidden symbol (__GI_memchr)
    to default memchr symbol for powerpc32 (__memchr_ppc32).
    
    Backport of 3d2badacf185fac740a2992240a817fb2ca325af.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c725f80591aa98c5c0270feb80e857c5943c861a

commit c725f80591aa98c5c0270feb80e857c5943c861a
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon May 19 17:56:55 2014 -0500

    PowerPC: Fix multiarch hypotf PPC64 path
    
    This patch moves the hypotf multiarch implementation to correct path.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1db8c8c873e6112ee4ecddf1eff54f4abaab91a7

commit 1db8c8c873e6112ee4ecddf1eff54f4abaab91a7
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date:   Mon May 5 19:10:45 2014 -0500

    PowerPC: strncpy/stpncpy optimization for PPC64/POWER7
    
    The optimization is achieved by following techniques:
      > data alignment [gain from aligned memory access on read/write]
      > POWER7 gains performance with loop unrolling/unwinding
        [gain by reduction of branch penalty].
      > zero padding done by calling optimized memset

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=08111251bbd7275024d9c945f442f61b06d98910

commit 08111251bbd7275024d9c945f442f61b06d98910
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri May 2 12:00:36 2014 -0500

    PowerPC: ifunc improvement for internal calls
    
    This patch changes de default symbol redirection for internal call of
    memcpy, memset, memchr, and strlen to the IFUNC resolved ones.  The
    performance improvement is noticeable in algorithms that uses these
    symbols extensible, like the regex functions.
    
    This is a backport of 19c4bec0f43599eecc2f32de96ae179cd7d64053.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a8050d789589b73e7908b806d5c929facf76cc6b

commit a8050d789589b73e7908b806d5c929facf76cc6b
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Apr 16 19:33:32 2014 +0930

    Correct IBM long double frexpl.
    
    Besides fixing the bugzilla, this also fixes corner-cases where the high
    and low double differ greatly in magnitude, and handles a denormal
    input without resorting to a fp rescale.
    
    	[BZ #16740]
    	[BZ #16619]
    	* sysdeps/ieee754/ldbl-128ibm/s_frexpl.c (__frexpl): Rewrite.
    	* math/libm-test.inc (frexp_test_data): Add tests.
    
    Backport of aa5f0ff11ad2cc85277c64cf65c723a9664e1149 and
    9860b0450275ad2b69cb9360fd01d5c122a65fc5.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=154d4d95f48061d5ab890c85b6015221c1accc6e

commit 154d4d95f48061d5ab890c85b6015221c1accc6e
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Sun Apr 6 14:50:11 2014 -0500

    PowerPC: Fix nearbyint/nearbyintf result for FE_DOWNWARD
    
    This patch fixes the powerpc32 optimized nearbyint/nearbyintf bogus
    results for FE_DOWNWARD rounding mode.  This is due wrong instructions
    sequence used in the rounding calculation (two subtractions instead of
    adition and a subtraction).
    
    Fixes BZ#16815.
    
    Backport of 8bd70862e11023e7f827f240a5a214f847ae982d.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e266b71770050a4d0cb276f4afea1c5b05215184

commit e266b71770050a4d0cb276f4afea1c5b05215184
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Apr 2 13:46:19 2014 +1030

    Correct IBM long double nextafterl.
    
    Fix for values near a power of two, and some tidies.
    
    	[BZ #16739]
    	* sysdeps/ieee754/ldbl-128ibm/s_nextafterl.c (__nextafterl): Correct
    	output when value is near a power of two.  Use int64_t for lx and
    	remove casts.  Use decimal rather than hex exponent constants.
    	Don't use long double multiplication when double will suffice.
    	* math/libm-test.inc (nextafter_test_data): Add tests.
    	* NEWS: Add 16739 and 16786 to bug list.
    
    Backport of b0abbc21034f0e5edc49023d8fda0616173faf17.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b23fc92895aff0ce3d3134a91adaa253bffd187a

commit b23fc92895aff0ce3d3134a91adaa253bffd187a
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Apr 2 13:42:27 2014 +1030

    Correct prefetch hint in power7 memrchr.
    
    Typo fix.
    
    	* sysdeps/powerpc/powerpc64/power7/memrchr.S: Correct stream hint.
    
    Backport of af6b17973cbc07ac06cfb40eeab5cc2391fb489a.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=acd56f757b4e5ab8737b9564bd7a4ad1009acd8d

commit acd56f757b4e5ab8737b9564bd7a4ad1009acd8d
Author: Alan Modra <amodra@gmail.com>
Date:   Wed Apr 2 13:40:21 2014 +1030

    Fix reference to toc symbol.
    
    https://sourceware.org/ml/binutils/2014-03/msg00033.html removes the
    "magic" treatment of symbols defined in a .toc section.
    
    	* sysdeps/powerpc/powerpc64/start.S: Add @toc to toc symbol reference.
    
    Backport of 483818d768ed99a5edf4114298a75ebedaee8d5c.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fd5100c480beef3d36c4bf74b6a23529695d036c

commit fd5100c480beef3d36c4bf74b6a23529695d036c
Author: Alan Modra <amodra@gmail.com>
Date:   Tue Apr 1 14:07:42 2014 +1030

    Fix s_copysign stack temp for PowerPC64 ELFv2
    
    	[BZ #16786]
    	* sysdeps/powerpc/powerpc64/fpu/s_copysign.S: Don't trash stack.
    
    Backport of c859b32e9d76afe8a3f20bb9528961a573c06937.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a51aafa398ed7dd2a0a846c1b2ed8a37909609eb

commit a51aafa398ed7dd2a0a846c1b2ed8a37909609eb
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 31 08:07:55 2014 -0500

    PowerPC: Fix little endian enconding for mfvsrd
    
    This patch fixes the MFVSRD_R3_V1 macro that encodes 'mfvsrd  r3,vs1'
    (to support old binutils) for little endian.
    
    Backport of 757d9dd5c3efa56fac75965abc014faaae7b7895.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=62caa3eed2a154a61a01df3a5f3dde3ff400f4d4

commit 62caa3eed2a154a61a01df3a5f3dde3ff400f4d4
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Mar 20 15:28:07 2014 -0500

    PowerPC: optimized strpbrk for POWER7
    
    This patch add an optimized strpbrk for POWER7 by using a different
    algorithm than default implementation: it constructs a table based on
    the 'accept' argument and use this table to check for any occurance on
    the input string. The idea is similar as x86_64 uses.
    For PowerPC some tunings were added, such as unroll loops and memory
    clear using VSX instructions.
    
    Backport of 6f23d0939e9651d8ac3c77a835fb6464b35a1dc4

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c0afc58657f482f4c31ccade06e7b059e761186c

commit c0afc58657f482f4c31ccade06e7b059e761186c
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Mar 20 11:24:52 2014 -0500

    PowerPC: optimized strcspn for PPC64/POWER7
    
    This patch add a optimized strcspn for POWER7 by using a different
    algorithm than default implementation: it constructs a table based on
    the 'accept' argument and use this table to check for any occurance
    on the input string. The idea is similar as x86_64 uses.
    For PowerPC some tunings were added, such as unroll loops and align
    stack memory to table to 16 bytes (so VSX clean can ran without
    alignment issues).
    
    Backport of 6eaf95cbfa0031ea267682dc2c9c17ed3e3dc167

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ac6d8452be2d582e4a2b14525c839c71b9351991

commit ac6d8452be2d582e4a2b14525c839c71b9351991
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 14 12:49:45 2014 -0500

    PowerPC: remove wrong roundl implementation for PowerPC64
    
    The roundl assembly implementation
    (sysdeps/powerpc/powerpc64/fpu/s_roundl.S)
    returns wrong results for some inputs where first double is a exact
    integer and the precision is determined by second long double.
    
    Checking on implementation comments and history, I am very confident the
    assembly implementation was based on a version before commit
    5c68d401698a58cf7da150d9cce769fa6679ba5f that fixes BZ#2423 (Errors in
    long double (ldbl-128ibm) rounding functions in glibc-2.4).
    
    By just removing the implementation and make the build select
    sysdeps/ieee754/ldbl-128ibm/s_roundl.c instead fixes the failing math.
    
    This fixes 16707.
    
    Backport of c7de50250367167d8c9f35594b264f6a0af8dd0c

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c5ac422010eb6b384c3b4e45ab0049172f0ad688

commit c5ac422010eb6b384c3b4e45ab0049172f0ad688
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 14 12:27:52 2014 -0500

    PowerPC: remove wrong nearbyintl implementation for PPC64
    
    The nearbyintl assembly implementation
    (sysdeps/powerpc/powerpc64/fpu/s_nearbyintl.S)
    returns wrong results for some inputs where first double is a exact
    integer and the precision is determined by second long double.
    
    Checking on implementation comments and history, I am very confident the
    assembly implementation was based on a version before commit
    5c68d401698a58cf7da150d9cce769fa6679ba5f that fixes BZ#2423 (Errors in
    long double (ldbl-128ibm) rounding functions in glibc-2.4).
    
    By just removing the implementation and make the build select
    sysdeps/ieee754/ldbl-128ibm/s_nearbyintl.c instead fixes the failing
    math.
    
    Fixes BZ#16706.
    
    Backport of 98fb27a373f37554232e0060eef1a5bb00a07eb0

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7986a2d12b7ea0653f0366200c703a3905edffd9

commit 7986a2d12b7ea0653f0366200c703a3905edffd9
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 14 07:35:43 2014 -0500

    PowerPC: remove wrong ceill implementation for PowerPC64
    
    The ceill assembly implementation (sysdeps/powerpc/powerpc64/fpu/s_ceill.S)
    returns wrong results for some inputs where first double is a exact
    integer and the precision is determined by second long double.
    
    Checking on implementation comments and history, I am very confident the
    assembly implementation was based on a version before commit
    5c68d401698a58cf7da150d9cce769fa6679ba5f that fixes BZ#2423 (Errors in
    long double (ldbl-128ibm) rounding functions in glibc-2.4).
    
    By just removing the implementation and make the build select
    sysdeps/ieee754/ldbl-128ibm/s_ceill.c instead fixes the failing math.
    
    Fixes BZ#16701.
    
    Backport of 374f7f61214967bb4e2257695aeeeecc2a77f369

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a56198dbb21767bde0003d3062d5ec7a8e1279f1

commit a56198dbb21767bde0003d3062d5ec7a8e1279f1
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 14 12:15:40 2014 -0500

    Add truncl tests related to BZ#16414
    
    Backport of 4655c291d1808c35b7c54236ae62be7a3aaa0a2d

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a52b3f7e4c4de8705370adda4b390293780dc768

commit a52b3f7e4c4de8705370adda4b390293780dc768
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Mar 12 08:55:50 2014 -0500

    PowerPC: Fix bzero definition for static libc for PPC32
    
    This patch fixes an issue for powerpc32-fpu static build which fails
    with an 'bzero' undefined reference. This patch adds bzero ifunc selector
    for static builds and fixes the '__bzero_ppc' reference to default
    memset symbol (since static memset build does not provide ifunc
    selector).
    
    Fixes BZ#16689.
    
    Backport of dd3946c615184e1957a0cb09352cac72be5d6d5b.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=09e09c2872ab52c8a42b907105343520019ca1d1

commit 09e09c2872ab52c8a42b907105343520019ca1d1
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Mar 11 16:17:50 2014 -0500

    PowerPC: Fix strspn for static build
    
    This patch makes the strspn ifunc selector build for static builds.
    
    This is a backport of 27c7220a483bda576533aa9a0a9b42175644b1a1

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f510d35c58d16c32ce988d053c9a525b8e38fe47

commit f510d35c58d16c32ce988d053c9a525b8e38fe47
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 10 15:26:20 2014 -0500

    PowerPC: Fix bzero definition for static libc for PPC64
    
    This patch fixes an issue for powerpc64[le] static build where __bzero
    is definied in multiple places (memset-ppc64.o and bzero.o). It is now
    defined only in bzero.o and memset-ppc64.o only defined __bzero_ppc for
    both dynamic and static library.
    
    Fixes BZ#16683.
    
    Backport of 4facea473059914983b7da8dd654c06b8e3dcc41

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=afd75351c2f3cae4a2daf88c50faad889e3a0f2b

commit afd75351c2f3cae4a2daf88c50faad889e3a0f2b
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date:   Mon Mar 10 12:20:36 2014 -0400

    PowerPC: strspn optimization for PPC64/POWER7
    
    The optimization is achieved by following techniques:
      > hashing of needle.
      > hashing avoids scanning of duplicate entries in needle across the string.
      > initializing the hash table with Vector instructions (VSX) by quadword access.
      > unrolling when scanning for character in string across hash table.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e5829d82c88117c9f4752cedfefc8516cb9ffdf7

commit e5829d82c88117c9f4752cedfefc8516cb9ffdf7
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Mar 7 06:09:47 2014 -0600

    PowerPC: strncat optimization for PPC64
    
    The optimization is achieved by following techniques:
    1. Doubleword aligned memory access and compares using
       cmpb instruction.
    2. Loop unrolling for byte load/store.
    3. CPU pre-fetch to avoid cache miss.
    
    Backport of ba9cc0714e58a9e8fa73cf6b0e205cbf1e6b71f2

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e032058ea756e396c4ed1395a44d8b321e370b2f

commit e032058ea756e396c4ed1395a44d8b321e370b2f
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date:   Mon Mar 3 08:06:41 2014 -0600

    PowerPC: strrchr optimization for POWER7/PPC64
    
    This patch optimizes strrchr() for ppc64. It uses aligned memory
    access along with cmpb instruction and CPU prefetch to avoid
    cache misses for speed improvement.
    
    Backport of c7debbdfacbef150aaf9113eb05ccaf2b9e7af6c

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=54dd35c59cda5f59c2f3ae783468da4b94f30dff

commit 54dd35c59cda5f59c2f3ae783468da4b94f30dff
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Feb 17 10:44:08 2014 -0600

    PowerPC: llround/llroundf POWER8 optimization
    
    This patch add a optimized llround/llroundf implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport fe13a20c37578f08ce393ccaeb45caeb48815ca5

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b34f8e9fcd1274e69a9a59a28c270e2cada39c95

commit b34f8e9fcd1274e69a9a59a28c270e2cada39c95
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Feb 18 09:29:29 2014 -0500

    PowerPC: llrint/llrintf POWER8 optimization
    
    This patch add a optimized llrint/llrintf implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport of 1ad8950a3ea4056ed343d681b5146f4b4aa27e10

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c3241bcd73c47d2bcd2a5ffe84a21d4853c8c938

commit c3241bcd73c47d2bcd2a5ffe84a21d4853c8c938
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Feb 27 09:46:46 2014 -0600

    PowerPC: Optimized finite/finitef for POWER8
    
    This patch add a optimized finite/finitef implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport of cac626d60a863e48ab75417064984769e58c5719.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1cd3b05dda2dab30cb7658193cb1af8f594f52f3

commit 1cd3b05dda2dab30cb7658193cb1af8f594f52f3
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Feb 27 09:45:41 2014 -0600

    PowerPC: Optimized isinf/isinff for POWER8
    
    This patch add a optimized isinf/isinff implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport of 4393fc119c34e97519b9b7a4fc94066b283be452

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=65c8daedb68b74eae860f91dca226215cd80e348

commit 65c8daedb68b74eae860f91dca226215cd80e348
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Feb 27 09:43:51 2014 -0600

    PowerPC: Optimized isnan/isnanf for POWER8
    
    This patch add a optimized isnan/isnanf implementation for POWER8
    using the new Move From VSR Doubleword instruction to gains some
    cycles from FP to GRP register move.
    
    Backport of 487972aea52004f604c2878c8c9d3e77670f2c32

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=55e71ccf31c29a7839344f03e0a7437ea0f5f211

commit 55e71ccf31c29a7839344f03e0a7437ea0f5f211
Author: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
Date:   Fri Nov 15 07:44:20 2013 -0600

    Partially revert commit 2663b74f8103a2a8a46b4896439b7a452480fc7c
    
    This change is necessary in order to avoid the issue documented at
    http://sourceware.org/ml/libc-alpha/2013-05/msg00350.html.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fbed4f13980bf4ebd7df59b0e52bd2a16875f0db

commit fbed4f13980bf4ebd7df59b0e52bd2a16875f0db
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date:   Fri Nov 15 07:42:33 2013 -0600

    Remove assert() if DT_RUNPATH and DT_RPATH flags are found in ld.so.

-----------------------------------------------------------------------
Comment 12 Sourceware Commits 2015-02-23 15:02:17 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, ibm/2.16/master has been created
        at  627eabb20f2b70faa3698e2c0124094c6d51af8e (commit)

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=627eabb20f2b70faa3698e2c0124094c6d51af8e

commit 627eabb20f2b70faa3698e2c0124094c6d51af8e
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date:   Fri Feb 6 00:30:42 2015 -0500

    CVE-2015-1472: wscanf allocates too little memory
    
    BZ #16618
    
    Under certain conditions wscanf can allocate too little memory for the
    to-be-scanned arguments and overflow the allocated buffer.  The
    implementation now correctly computes the required buffer size when
    using malloc.
    
    A regression test was added to tst-sscanf.
    
    Conflicts:
    	ChangeLog
    	NEWS
    	stdio-common/tst-sscanf.c

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ec36394743c15fedca294219f2254b180c4e327c

commit ec36394743c15fedca294219f2254b180c4e327c
Author: Andreas Schwab <schwab@suse.de>
Date:   Mon Jan 21 17:41:28 2013 +0100

    Fix parsing of numeric hosts in gethostbyname_r
    
    Conflicts:
    	ChangeLog
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=20ac5d44837b82c064dfabd3646ec1f4f6826263

commit 20ac5d44837b82c064dfabd3646ec1f4f6826263
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Mon Nov 19 13:01:43 2012 +0530

    Return EAI_SYSTEM if we're out of file descriptors
    
    Resolves BZ #14719.
    
    Conflicts:
    	ChangeLog
    	NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dfc25d72984eb5a3354e104612d0ca0129af3f98

commit dfc25d72984eb5a3354e104612d0ca0129af3f98
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Sep 25 13:43:04 2013 -0500

    PowerPC: Fix POINTER_CHK_GUARD thread register for PPC64

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1442655ba419867ce1a045a97cdd7904ac1ad516

commit 1442655ba419867ce1a045a97cdd7904ac1ad516
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Jan 20 12:29:51 2014 -0600

    PowerPC: Fix gettimeofday ifunc selection
    
    The IFUNC selector for gettimeofday runs before _libc_vdso_platform_setup where
    __vdso_gettimeofday is set. The selector then sets __gettimeofday (the internal
    version used within GLIBC) to use the system call version instead of the vDSO one.
    This patch changes the check if vDSO is available to get its value directly
    instead of rely on __vdso_gettimeofday.
    
    This patch changes it by getting the vDSO value directly.
    
    It fixes BZ#16431.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1bdb6daceb10307543599df3b118afd2109d2ec8

commit 1bdb6daceb10307543599df3b118afd2109d2ec8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Jan 16 06:53:18 2014 -0600

    PowerPC: Fix ftime gettimeofday internal call returning bogus data
    
    This patches fixes BZ#16430 by setting a different symbol for internal
    GLIBC calls that points to ifunc resolvers. For PPC32, if the symbol
    is defined as hidden (which is the case for gettimeofday and time) the
    compiler will create local branches (symbol@local) and linker will not
    create PLT calls (required for IFUNC). This will leads to internal symbol
    calling the IFUNC resolver instead of the resolved symbol.
    For PPC64 this behavior does not occur because a call to a function in
    another translation unit might use a different toc pointer thus requiring
    a PLT call.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e3008132765936162552b15a77fe348c01074310

commit e3008132765936162552b15a77fe348c01074310
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Thu Nov 7 05:34:22 2013 -0600

    PowerPC: Fix vDSO missing ODP entries
    
    This patch fixes the vDSO symbol used directed in IFUNC resolver where
    they do not have an associated ODP entry leading to undefined behavior
    in some cases. It adds an artificial OPD static entry to such cases
    and set its TOC to non 0 to avoid triggering lazy resolutions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6ff69e1eb81719ee907642f615cef889d5bf8b2c

commit 6ff69e1eb81719ee907642f615cef889d5bf8b2c
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Wed Nov 19 11:44:12 2014 -0500

    CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
    
    The function wordexp() fails to properly handle the WRDE_NOCMD
    flag when processing arithmetic inputs in the form of "$((... ``))"
    where "..." can be anything valid. The backticks in the arithmetic
    epxression are evaluated by in a shell even if WRDE_NOCMD forbade
    command substitution. This allows an attacker to attempt to pass
    dangerous commands via constructs of the above form, and bypass
    the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
    in exec_comm(), the only place that can execute a shell. All other
    checks for WRDE_NOCMD are superfluous and removed.
    
    We expand the testsuite and add 3 new regression tests of roughly
    the same form but with a couple of nested levels.
    
    On top of the 3 new tests we add fork validation to the WRDE_NOCMD
    testing. If any forks are detected during the execution of a wordexp()
    call with WRDE_NOCMD, the test is marked as failed. This is slightly
    heuristic since vfork might be used in the future, but it provides a
    higher level of assurance that no shells were executed as part of
    command substitution with WRDE_NOCMD in effect. In addition it doesn't
    require libpthread or libdl, instead we use the public implementation
    namespace function __register_atfork (already part of the public ABI
    for libpthread).
    
    Tested on x86_64 with no regressions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3ded3d365f0237e92e8af90c878b233f265d7b4a

commit 3ded3d365f0237e92e8af90c878b233f265d7b4a
Author: Allan McRae <allan@archlinux.org>
Date:   Thu Dec 18 11:01:43 2014 +1000

    Label CVE-2014-9402 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c7093fd0fedd8a0b4ed5b01347e3798219ba22ec

commit c7093fd0fedd8a0b4ed5b01347e3798219ba22ec
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Dec 15 17:41:13 2014 +0100

    Avoid infinite loop in nss_dns getnetbyname [BZ #17630]

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c9b43ec3890d5c750a5127a543a55cd94aa73c94

commit c9b43ec3890d5c750a5127a543a55cd94aa73c94
Author: Jeff Law <law@redhat.com>
Date:   Mon Dec 15 10:09:32 2014 +0100

    CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]
    
    A larger number of format specifiers coudld cause a stack overflow,
    potentially allowing to bypass _FORTIFY_SOURCE format string
    protection.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3b6ac4b1093333f364698ca3bb812c80b11c2f77

commit 3b6ac4b1093333f364698ca3bb812c80b11c2f77
Author: Allan McRae <allan@archlinux.org>
Date:   Sat Jun 21 17:23:55 2014 +1000

    Mention CVE-2014-4043 in NEWS

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f7865ec21e8ad32929509796497fa3b44c3ef826

commit f7865ec21e8ad32929509796497fa3b44c3ef826
Author: Florian Weimer <fweimer@redhat.com>
Date:   Thu Jan 15 15:16:54 2015 -0500

    posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
    
    POSIX requires that we make a copy, so we allocate a new string
    and free it in posix_spawn_file_actions_destroy.
    
    Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz.  This bug
    may have security implications.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c7a91d241b095855e06e0bd00287968df2f6d87e

commit c7a91d241b095855e06e0bd00287968df2f6d87e
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon May 12 15:24:12 2014 +0200

    _nl_find_locale: Improve handling of crafted locale names [BZ #17137]
    
    Prevent directory traversal in locale-related environment variables
    (CVE-2014-0475).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=588b214bc7fa3e54d6b679ed4b755e6d1310e61d

commit 588b214bc7fa3e54d6b679ed4b755e6d1310e61d
Author: Florian Weimer <fweimer@redhat.com>
Date:   Tue Aug 26 19:38:59 2014 +0200

    __gconv_translit_find: Disable function [BZ #17187]
    
    This functionality has never worked correctly, and the implementation
    contained a security vulnerability (CVE-2014-5119).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bd51e93f9305e37aa17e08dbdb86a2e146c09eff

commit bd51e93f9305e37aa17e08dbdb86a2e146c09eff
Author: Florian Weimer <fweimer@redhat.com>
Date:   Wed Sep 3 19:45:43 2014 +0200

    CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
    
    These changes are based on the fix for BZ #14134 in commit
    6e230d11837f3ae7b375ea69d7905f0d18eb79e5.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=97ef0b2223e10fe3053494defd8a008d7dd9d6d8

commit 97ef0b2223e10fe3053494defd8a008d7dd9d6d8
Author: Will Newton <will.newton@linaro.org>
Date:   Fri Sep 13 09:26:02 2013 +0100

    Add CVE-2013-4332 to NEWS.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733

commit ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733
Author: Will Newton <will.newton@linaro.org>
Date:   Fri Aug 16 12:54:29 2013 +0100

    malloc: Check for integer overflow in memalign.
    
    A large bytes parameter to memalign could cause an integer overflow
    and corrupt allocator internals. Check the overflow does not occur
    before continuing with the allocation.
    
    ChangeLog:
    
    2013-09-11  Will Newton  <will.newton@linaro.org>
    
    	[BZ #15857]
    	* malloc/malloc.c (__libc_memalign): Check the value of bytes
    	does not overflow.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f1292792799a507711ce24b497e40f8fea8f9c9c

commit f1292792799a507711ce24b497e40f8fea8f9c9c
Author: Will Newton <will.newton@linaro.org>
Date:   Fri Aug 16 11:59:37 2013 +0100

    malloc: Check for integer overflow in valloc.
    
    A large bytes parameter to valloc could cause an integer overflow
    and corrupt allocator internals. Check the overflow does not occur
    before continuing with the allocation.
    
    ChangeLog:
    
    2013-09-11  Will Newton  <will.newton@linaro.org>
    
    	[BZ #15856]
    	* malloc/malloc.c (__libc_valloc): Check the value of bytes
    	does not overflow.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b1e934aed5170eb8948e0f3c6618c9431d6810ad

commit b1e934aed5170eb8948e0f3c6618c9431d6810ad
Author: Will Newton <will.newton@linaro.org>
Date:   Mon Aug 12 15:08:02 2013 +0100

    malloc: Check for integer overflow in pvalloc.
    
    A large bytes parameter to pvalloc could cause an integer overflow
    and corrupt allocator internals. Check the overflow does not occur
    before continuing with the allocation.
    
    ChangeLog:
    
    2013-09-11  Will Newton  <will.newton@linaro.org>
    
    	[BZ #15855]
    	* malloc/malloc.c (__libc_pvalloc): Check the value of bytes
    	does not overflow.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bcd619797e785f90cc9fd67208267c26c8e4b40d

commit bcd619797e785f90cc9fd67208267c26c8e4b40d
Author: Florian Weimer <fweimer@redhat.com>
Date:   Fri Aug 16 09:38:52 2013 +0200

    CVE-2013-4237, BZ #14699: Buffer overflow in readdir_r
    
    	* sysdeps/posix/dirstream.h (struct __dirstream): Add errcode
    	member.
    	* sysdeps/posix/opendir.c (__alloc_dir): Initialize errcode
    	member.
    	* sysdeps/posix/rewinddir.c (rewinddir): Reset errcode member.
    	* sysdeps/posix/readdir_r.c (__READDIR_R): Enforce NAME_MAX limit.
    	Return delayed error code.  Remove GETDENTS_64BIT_ALIGNED
    	conditional.
    	* sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Do not define
    	GETDENTS_64BIT_ALIGNED.
    	* sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise.
    	* manual/filesys.texi (Reading/Closing Directory): Document
    	ENAMETOOLONG return value of readdir_r.  Recommend readdir more
    	strongly.
    	* manual/conf.texi (Limits for Files): Add portability note to
    	NAME_MAX, PATH_MAX.
    	(Pathconf): Add portability note for _PC_NAME_MAX, _PC_PATH_MAX.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6fd8e941423354e6c7a951d37a60d2f1424d568e

commit 6fd8e941423354e6c7a951d37a60d2f1424d568e
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Mon Sep 23 00:52:09 2013 -0400

    BZ #15754: CVE-2013-4788
    
    The pointer guard used for pointer mangling was not initialized for
    static applications resulting in the security feature being disabled.
    The pointer guard is now correctly initialized to a random value for
    static applications. Existing static applications need to be
    recompiled to take advantage of the fix.
    
    The test tst-ptrguard1-static and tst-ptrguard1 add regression
    coverage to ensure the pointer guards are sufficiently random
    and initialized to a default value.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a243b1a0797180e142d525d1325a173c758c3714

commit a243b1a0797180e142d525d1325a173c758c3714
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Mon Sep 23 11:24:30 2013 +0530

    Check for integer overflow in cache size computation in strcoll
    
    strcoll is implemented using a cache for indices and weights of
    collation sequences in the strings so that subsequent passes do not
    have to search through collation data again.  For very large string
    inputs, the cache size computation could overflow.  In such a case,
    use the fallback function that does not cache indices and weights of
    collation sequences.
    
    Fixes CVE-2012-4412.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c1132021659d22753104762a074d6339ae6cbd01

commit c1132021659d22753104762a074d6339ae6cbd01
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Mon Sep 23 11:20:02 2013 +0530

    Fall back to non-cached sequence traversal and comparison on malloc fail
    
    strcoll currently falls back to alloca if malloc fails, resulting in a
    possible stack overflow.  This patch implements sequence traversal and
    comparison without caching indices and rules.
    
    Fixes CVE-2012-4424.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2dc811b78adc97b5f5d951716df30053a24da1a1

commit 2dc811b78adc97b5f5d951716df30053a24da1a1
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Tue Aug 20 08:40:05 2013 +0530

    Simplify strcoll implementation
    
    Break up strcoll into simpler functions so that the logic is easier to
    follow and maintain.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9b951f59aa3c2f2d58d398aab146951216f9ff8d

commit 9b951f59aa3c2f2d58d398aab146951216f9ff8d
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date:   Fri Oct 25 10:22:12 2013 +0530

    Fix stack overflow due to large AF_INET6 requests
    
    Resolves #16072 (CVE-2013-4458).
    
    This patch fixes another stack overflow in getaddrinfo when it is
    called with AF_INET6.  The AF_UNSPEC case was fixed as CVE-2013-1914,
    but the AF_INET6 case went undetected back then.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=302c61e2d3536a6ff99d518499771afd6a951b0c

commit 302c61e2d3536a6ff99d518499771afd6a951b0c
Author: Andreas Schwab <schwab@suse.de>
Date:   Tue Jan 29 14:45:15 2013 +0100

    Fix buffer overrun in regexp matcher

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b7e0492e183efc24e5658c860ca5711e00524dd7

commit b7e0492e183efc24e5658c860ca5711e00524dd7
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Fri Jul 19 02:42:03 2013 -0400

    CVE-2013-2207, BZ #15755: Disable pt_chown.
    
    The helper binary pt_chown tricked into granting access to another
    user's pseudo-terminal.
    
    Pre-conditions for the attack:
    
     * Attacker with local user account
     * Kernel with FUSE support
     * "user_allow_other" in /etc/fuse.conf
     * Victim with allocated slave in /dev/pts
    
    Using the setuid installed pt_chown and a weak check on whether a file
    descriptor is a tty, an attacker could fake a pty check using FUSE and
    trick pt_chown to grant ownership of a pty descriptor that the current
    user does not own.  It cannot access /dev/pts/ptmx however.
    
    In most modern distributions pt_chown is not needed because devpts
    is enabled by default. The fix for this CVE is to disable building
    and using pt_chown by default. We still provide a configure option
    to enable hte use of pt_chown but distributions do so at their own
    risk.
    
    Cherry-pick of e4608715e6e1dd2adc91982fd151d5ba4f761d69.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=02a002fe9c0b65532643a88b01253e95ba8ba8c6

commit 02a002fe9c0b65532643a88b01253e95ba8ba8c6
Author: Jeff Law <law@redhat.com>
Date:   Wed Nov 28 14:12:28 2012 -0700

           [BZ #14889]
            * sunrpc/rpc/svc.h (__svc_accept_failed): New prototype.
            * sunrpc/svc.c: Include time.h.
            (__svc_accept_failed): New function.
            * sunrpc/svc_tcp.c (rendezvous_request): If the accept fails for
            any reason other than EINTR, call __svc_accept_failed.
            * sunrpc/svc_udp.c (svcudp_recv): Similarly.
            * sunrpc/svc_unix.c (rendezvous_request): Similarly.
    
    Cherry-pick of 14bc93a967e62abf8cf2704725b6f76619399f83

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3b498440aac70e994f32f45a31102964313af690

commit 3b498440aac70e994f32f45a31102964313af690
Author: Andreas Schwab <schwab@suse.de>
Date:   Wed Nov 28 10:24:06 2012 +0100

    Properly handle indirect functions in ABI check on powerpc64

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8282b7f2aa6380e8a91515f748d4693d8151fc4f

commit 8282b7f2aa6380e8a91515f748d4693d8151fc4f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Apr 26 13:00:56 2013 -0500

    PowerPC: modf optimization fix
    
    This patch fix the 3c0265394d9ffedff2b0de508602dc52e077ce5c commits
    by correctly setting minimum architecture for modf PPC optimization
    to power5+ instead of power5 (since only on power5+ round/ceil will
    be inline to inline assembly).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=17e599d2613c2a2e4cb6d5c3f9d5f626879aa63f

commit 17e599d2613c2a2e4cb6d5c3f9d5f626879aa63f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 25 16:10:06 2013 -0500

    PowerPC: modf optimization
    
    This patch implements modf/modff optimization for POWER by focus
    on FP operations instead of relying in integer ones.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=60dc6d12c5c61b05013cb15f63349dd3d343f26d

commit 60dc6d12c5c61b05013cb15f63349dd3d343f26d
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Mar 13 10:46:08 2013 -0300

    PowerPC: Change sched_getcpu to use vDSO getcpu instead of syscall.
    
    Backport of d5e0b9bd6e296f3ec5263fa296d39f3fed9b8fa2.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cc328ae264f5b97d2811a95d84112bb1c6c7cae3

commit cc328ae264f5b97d2811a95d84112bb1c6c7cae3
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Mar 4 22:02:41 2013 -0300

    PowerPC: gettimeofday optimization by using IFUNC

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=36016f626e72f5d1cb6107deeab29768d82ff7e3

commit 36016f626e72f5d1cb6107deeab29768d82ff7e3
Merge: 4e1f97c 043c748
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date:   Fri Mar 1 16:20:18 2013 -0600

    Merge remote branch 'remotes/origin/release/2.16/master' into local_ibm_2.16

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4e1f97ccdcc257eba262667f7a3179a7d530330d

commit 4e1f97ccdcc257eba262667f7a3179a7d530330d
Author: Mike Frysinger <vapier@gentoo.org>
Date:   Wed Nov 28 23:04:32 2012 -0500

    byteswap.h: fix gcc ver test for __builtin_bswap{32,64}
    
    The __builtin_bswap* functions were introduced in gcc-4.3, not gcc-4.2.
    Fix the __GNUC_PREREQ tests to reflect this.
    
    Otherwise trying to compile code with gcc-4.2 falls down:
    In file included from /usr/include/endian.h:60,
                     from /usr/include/ctype.h:40,
    /usr/include/bits/byteswap.h: In function 'unsigned int __bswap_32(unsigned int)':
    /usr/include/bits/byteswap.h:46: error: '__builtin_bswap32' was not declared in this scope
    /usr/include/bits/byteswap.h: In function 'long long unsigned int __bswap_64(long long unsigned int)':
    /usr/include/bits/byteswap.h:110: error: '__builtin_bswap64' was not declared in this scope
    
    Signed-off-by: Mike Frysinger <vapier@gentoo.org>
    (cherry picked from commit c9d6789ebe028a260d3e5be0c26b7d02fdfe99fe)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=025b233a88a30f5f0474ff2c6051313eb33e5689

commit 025b233a88a30f5f0474ff2c6051313eb33e5689
Author: Joseph Myers <joseph@codesourcery.com>
Date:   Tue Nov 20 00:04:45 2012 +0000

    Fix __bswap_64 return type in generic bits/byteswap.h.
    (cherry picked from commit ecd4caf9783c99fb068a100c35899a0c3a3c6d98)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2c739e2cffb65d80787cfa861f9f6c62de327ad6

commit 2c739e2cffb65d80787cfa861f9f6c62de327ad6
Author: H.J. Lu <hjl.tools@gmail.com>
Date:   Fri Oct 12 09:21:47 2012 -0700

    Use __uint64_t in x86 __bswap_64
    (cherry picked from commit d394eb742a3565d7fe7a4b02710a60b5f219ee64)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a24f8ac8e65b451efc81839dd653d0a0e95a23ab

commit a24f8ac8e65b451efc81839dd653d0a0e95a23ab
Author: Andreas Schwab <schwab@linux-m68k.org>
Date:   Tue May 1 17:10:10 2012 +0200

    Fix missing _mcount@GLIBC_2.0 on powerpc32
    (cherry picked from commit 261f485936b283f4327fc1f2fc8fd1705d805c12)

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=94464655b576985fdd5f66f7f6126ee1f92a41cc

commit 94464655b576985fdd5f66f7f6126ee1f92a41cc
Author: Peter Bergner <bergner@vnet.ibm.com>
Date:   Fri Jul 6 13:24:49 2012 -0500

    Add AT_PLATFORM env variable to ld.so to override auxv AT_PLATFORM.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d846920271a0f4dc54c0dbbd56998228e75e776c

commit d846920271a0f4dc54c0dbbd56998228e75e776c
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date:   Fri Jul 6 13:03:09 2012 -0500

    Remove assert() if DT_RUNPATH and DT_RPATH flags are found in ld.so.

-----------------------------------------------------------------------