glibc: Update to latest on stable 2.35 branch

Adresses CVEs: CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602 Changes: 54a666dc5c elf: Disable some subtests of ifuncmain1, ifuncmain5 for !PIE 3a38600cc7 malloc: Exit early on test failure in tst-realloc 924a98402a nscd: Use time_t for return type of addgetnetgrentX 396f065496 login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701) 77d8f49058 login: Check default sizes of structs utmp, utmpx, lastlog 8e7f0eba01 sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574) 55771aba9d elf: Also compile dl-misc.os with $(rtld-early-cflags) 7a5864cac6 CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680) bafadc589f CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678) 4370bef52b CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678) 7a95873543 CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677) Since glibc introduced file sysdeps/arm/bits/wordsize.h our multilib patch needed to be updated. (From OE-Core rev: 10b57ae56e6205414a44531728f691fda59a16c7) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
2026-04-26 00:32:12 +02:00 · 2024-05-04 21:05:17 +02:00
parent bb39884146
commit 3b038cab56
3 changed files with 41 additions and 30 deletions
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.35/master"
 PV = "2.35"
-SRCREV_glibc ?= "36280d1ce5e245aabefb877fe4d3c6cff95dabfa"
+SRCREV_glibc ?= "54a666dc5c94897dab63856ba264ab2c53503303"
 SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87"

 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
--- a/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
+++ b/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch
@@ -11,16 +11,15 @@ Upstream-Status: Inappropriate [ OE-Specific ]

 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 ---
- sysdeps/aarch64/bits/wordsize.h          |  8 ++++++--
- sysdeps/{aarch64 => arm}/bits/wordsize.h | 10 +++++++---
- 2 files changed, 13 insertions(+), 5 deletions(-)
- copy sysdeps/{aarch64 => arm}/bits/wordsize.h (80%)
+ sysdeps/aarch64/bits/wordsize.h | 11 +++++++++--
+ sysdeps/arm/bits/wordsize.h     | 16 +++++++++++++++-
+ 2 files changed, 24 insertions(+), 3 deletions(-)

 diff --git a/sysdeps/aarch64/bits/wordsize.h b/sysdeps/aarch64/bits/wordsize.h
-index 4635431f0e..5ef0ed21f3 100644
+index 4635431f0e..1639bcb063 100644
 --- a/sysdeps/aarch64/bits/wordsize.h
 +++ b/sysdeps/aarch64/bits/wordsize.h
-@@ -17,12 +17,16 @@
+@@ -17,12 +17,19 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
@@ -33,38 +32,47 @@ index 4635431f0e..5ef0ed21f3 100644
 # define __WORDSIZE32_SIZE_ULONG	1
 # define __WORDSIZE32_PTRDIFF_LONG	1
 +#else
-+# define __WORDSIZE			32
-+# define __WORDSIZE32_SIZE_ULONG	0
-+# define __WORDSIZE32_PTRDIFF_LONG	0
+#define __WORDSIZE			32
+#define __WORDSIZE_TIME64_COMPAT32	1
+#define __WORDSIZE32_SIZE_ULONG		0
+#define __WORDSIZE32_PTRDIFF_LONG	0
 #endif
 
+#ifdef __aarch64__
 #define __WORDSIZE_TIME64_COMPAT32	0
-diff --git a/sysdeps/aarch64/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h
-similarity index 80%
-copy from sysdeps/aarch64/bits/wordsize.h
-copy to sysdeps/arm/bits/wordsize.h
-index 4635431f0e..34fcdef1f1 100644
--- a/sysdeps/aarch64/bits/wordsize.h
+#endif
+diff --git a/sysdeps/arm/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h
+index 6ecbfe7c86..1639bcb063 100644
+--- a/sysdeps/arm/bits/wordsize.h
 +++ b/sysdeps/arm/bits/wordsize.h
-@@ -17,12 +17,16 @@
+@@ -1,4 +1,6 @@
+-/* Copyright (C) 1999-2024 Free Software Foundation, Inc.
+/* Determine the wordsize from the preprocessor defines.
+
+   Copyright (C) 2016-2022 Free Software Foundation, Inc.
+    This file is part of the GNU C Library.
+ 
+    The GNU C Library is free software; you can redistribute it and/or
+@@ -15,7 +17,19 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
-#ifdef __LP64__
 +#if defined (__aarch64__) && defined (__LP64__)
- # define __WORDSIZE			64
-#else
+# define __WORDSIZE			64
 +#elif defined (__aarch64__)
- # define __WORDSIZE			32
- # define __WORDSIZE32_SIZE_ULONG	1
- # define __WORDSIZE32_PTRDIFF_LONG	1
-+#else
 +# define __WORDSIZE			32
-+# define __WORDSIZE32_SIZE_ULONG	0
-+# define __WORDSIZE32_PTRDIFF_LONG	0
- #endif
- 
- #define __WORDSIZE_TIME64_COMPAT32	0
+# define __WORDSIZE32_SIZE_ULONG	1
+# define __WORDSIZE32_PTRDIFF_LONG	1
+#else
+ #define __WORDSIZE			32
+ #define __WORDSIZE_TIME64_COMPAT32	1
+ #define __WORDSIZE32_SIZE_ULONG		0
+ #define __WORDSIZE32_PTRDIFF_LONG	0
+#endif
+
+#ifdef __aarch64__
+#define __WORDSIZE_TIME64_COMPAT32	0
+#endif
 -- 
 2.34.1

--- a/meta/recipes-core/glibc/glibc_2.35.bb
+++ b/meta/recipes-core/glibc/glibc_2.35.bb
@@ -24,7 +24,10 @@ CVE_CHECK_IGNORE += "CVE-2019-1010025"
 CVE_CHECK_IGNORE += "CVE-2023-4527"

 # To avoid these in cve-check reports since the recipe version did not change
-CVE_CHECK_IGNORE += "CVE-2023-0687 CVE-2023-4813 CVE-2023-4806 CVE-2023-4911 CVE-2023-5156 CVE-2024-2961"
+CVE_CHECK_IGNORE += " \
+    CVE-2023-0687 CVE-2023-4813 CVE-2023-4806 CVE-2023-4911 CVE-2023-5156 \
+    CVE-2024-2961 CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 \
+"

 DEPENDS += "gperf-native bison-native"