[Buildroot] [PATCH] glibc: bump version for post-2.28 security fixes
Peter Korsgaard
peter at korsgaard.com
Fri Nov 30 09:05:57 UTC 2018
Fixes the following security vulnerability:
CVE-2018-19591: A file descriptor leak in if_nametoindex can lead to a
denial of service due to resource exhaustion when processing getaddrinfo
calls with crafted host names. Reported by Guido Vranken.
Adhemerval Zanella (2):
Fix misreported errno on preadv2/pwritev2 (BZ#23579)
x86: Fix Haswell CPU string flags (BZ#23709)
Alexandra Hájková (1):
Add an additional test to resolv/tst-resolv-network.c
Andreas Schwab (2):
Fix stack overflow in tst-setcontext9 (bug 23717)
libanl: properly cleanup if first helper thread creation failed (bug 22927)
DJ Delorie (2):
malloc: tcache double free check
malloc: tcache double free check
Florian Weimer (9):
conform: XFAIL siginfo_t si_band test on sparc64
stdlib/test-bz22786: Avoid spurious test failures using alias mappings
stdlib/test-bz22786: Avoid memory leaks in the test itself
support_blob_repeat: Call mkstemp directory for the backing file
stdlib/tst-strtod-overflow: Switch to support_blob_repeat
nscd: Fix use-after-free in addgetnetgrentX [BZ #23520]
support: Print timestamps in timeout handler
Revert "malloc: tcache double free check" [BZ #23907]
CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]
H.J. Lu (2):
i386: Use _dl_runtime_[resolve|profile]_shstk for SHSTK [BZ #23716]
Check multiple NT_GNU_PROPERTY_TYPE_0 notes [BZ #23509]
Ilya Yu. Malakhov (1):
signal: Use correct type for si_band in siginfo_t [BZ #23562]
Istvan Kurucsai (1):
malloc: Additional checks for unsorted bin integrity I.
Joseph Myers (2):
Update syscall-names.list for Linux 4.18.
Update kernel version in syscall-names.list to 4.19.
Moritz Eckert (1):
malloc: Mitigate null-byte overflow attacks
Paul Eggert (1):
Fix tzfile low-memory assertion failure
Paul Pluzhnikov (2):
Fix BZ#23400 (creating temporary files in source tree), and undefined behavior in test.
[BZ #20271] Add newlines in __libc_fatal calls.
Pochang Chen (1):
malloc: Verify size of top chunk.
Rafal Luzynski (1):
kl_GL: Fix spelling of Sunday, should be "sapaat" (bug 20209).
Stefan Liebler (2):
Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP [BZ #23275]
Test stdlib/test-bz22786 exits now with unsupported if malloc fails.
Szabolcs Nagy (2):
i64: fix missing exp2f, log2f and powf symbols in libm.a [BZ #23822]
Increase timeout of libio/tst-readline
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
.../0001-sysdeps-ieee754-soft-fp-ignore-maybe-uninitialized-w.patch | 0
.../glibc.hash | 2 +-
package/glibc/glibc.mk | 2 +-
3 files changed, 2 insertions(+), 2 deletions(-)
rename package/glibc/{glibc-2.28-18-g2339d6a55eb7a7e040ae888e906adc49eeb59eab => glibc-2.28-50-gb8dd0f42780a3133c02f064a2c0c5c4e7ab61aaa}/0001-sysdeps-ieee754-soft-fp-ignore-maybe-uninitialized-w.patch (100%)
rename package/glibc/{glibc-2.28-18-g2339d6a55eb7a7e040ae888e906adc49eeb59eab => glibc-2.28-50-gb8dd0f42780a3133c02f064a2c0c5c4e7ab61aaa}/glibc.hash (69%)
diff --git a/package/glibc/glibc-2.28-18-g2339d6a55eb7a7e040ae888e906adc49eeb59eab/0001-sysdeps-ieee754-soft-fp-ignore-maybe-uninitialized-w.patch b/package/glibc/glibc-2.28-50-gb8dd0f42780a3133c02f064a2c0c5c4e7ab61aaa/0001-sysdeps-ieee754-soft-fp-ignore-maybe-uninitialized-w.patch
similarity index 100%
rename from package/glibc/glibc-2.28-18-g2339d6a55eb7a7e040ae888e906adc49eeb59eab/0001-sysdeps-ieee754-soft-fp-ignore-maybe-uninitialized-w.patch
rename to package/glibc/glibc-2.28-50-gb8dd0f42780a3133c02f064a2c0c5c4e7ab61aaa/0001-sysdeps-ieee754-soft-fp-ignore-maybe-uninitialized-w.patch
diff --git a/package/glibc/glibc-2.28-18-g2339d6a55eb7a7e040ae888e906adc49eeb59eab/glibc.hash b/package/glibc/glibc-2.28-50-gb8dd0f42780a3133c02f064a2c0c5c4e7ab61aaa/glibc.hash
similarity index 69%
rename from package/glibc/glibc-2.28-18-g2339d6a55eb7a7e040ae888e906adc49eeb59eab/glibc.hash
rename to package/glibc/glibc-2.28-50-gb8dd0f42780a3133c02f064a2c0c5c4e7ab61aaa/glibc.hash
index a95c990c99..7429ab3809 100644
--- a/package/glibc/glibc-2.28-18-g2339d6a55eb7a7e040ae888e906adc49eeb59eab/glibc.hash
+++ b/package/glibc/glibc-2.28-50-gb8dd0f42780a3133c02f064a2c0c5c4e7ab61aaa/glibc.hash
@@ -1,5 +1,5 @@
# Locally calculated (fetched from Github)
-sha256 6e88cea4002efa7f78d86ea5e98eb92ed423d5a35068751517c4f00f56b8666c glibc-glibc-2.28-18-g2339d6a55eb7a7e040ae888e906adc49eeb59eab.tar.gz
+sha256 b070f746f932cfce107bb9be2d59ded5b44b25ddafb480c9110c52b88cc2dec1 glibc-glibc-2.28-50-gb8dd0f42780a3133c02f064a2c0c5c4e7ab61aaa.tar.gz
# Hashes for license files
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
diff --git a/package/glibc/glibc.mk b/package/glibc/glibc.mk
index 762c040688..88178d7eb9 100644
--- a/package/glibc/glibc.mk
+++ b/package/glibc/glibc.mk
@@ -10,7 +10,7 @@ GLIBC_SITE = $(call github,foss-for-synopsys-dwc-arc-processors,glibc,$(GLIBC_VE
else
# Generate version string using:
# git describe --match 'glibc-*' --abbrev=40 origin/release/MAJOR.MINOR/master
-GLIBC_VERSION = glibc-2.28-18-g2339d6a55eb7a7e040ae888e906adc49eeb59eab
+GLIBC_VERSION = glibc-2.28-50-gb8dd0f42780a3133c02f064a2c0c5c4e7ab61aaa
# Upstream doesn't officially provide an https download link.
# There is one (https://sourceware.org/git/glibc.git) but it's not reliable,
# sometimes the connection times out. So use an unofficial github mirror.
--
2.11.0
More information about the buildroot
mailing list