[Buildroot] [PATCH-2018.02.x] glibc: bump version for post-2.26 security fixes

Peter Korsgaard peter at korsgaard.com
Mon Dec 3 22:27:07 UTC 2018


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security vulnerability:
 >   CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a
 >   denial of service due to resource exhaustion when processing getaddrinfo
 >   calls with crafted host names.  Reported by Guido Vranken.

 > Adhemerval Zanella (2):
 >       Fix misreported errno on preadv2/pwritev2 (BZ#23579)
 >       x86: Fix Haswell CPU string flags (BZ#23709)

 > Alexandra Hájková (1):
 >       Add an additional test to resolv/tst-resolv-network.c

 > Andreas Schwab (1):
 >       libanl: properly cleanup if first helper thread creation failed (bug 22927)

 > Florian Weimer (3):
 >       preadv2/pwritev2: Handle offset == -1 [BZ #22753]
 >       conform: XFAIL siginfo_t si_band test on sparc64
 >       CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]

 > Ilya Yu. Malakhov (1):
 >       signal: Use correct type for si_band in siginfo_t [BZ #23562]

 > Martin Kuchta (1):
 >       pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]

 > Stefan Liebler (2):
 >       Fix segfault in maybe_script_execute.
 >       Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP [BZ #23275]

 > Szabolcs Nagy (1):
 >       i64: fix missing exp2f, log2f and powf symbols in libm.a [BZ #23822]

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2018.02.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list