mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-04 23:02:22 +02:00
Code Issues Packages Projects Releases Wiki Activity

glibc: Update to latest on stable 2.35 branch

Browse Source 
Adresses CVE-2023-4813, CVE-2023-4806, CVE-2023-5156. Added these to CVE_CHECK_IGNORE
to avoid in cve-check reports since the recipe version did not change.

These are the complete list of changes this brings

* 73d4ce728a Document CVE-2023-4806 and CVE-2023-5156 in NEWS
* 17092c0311 Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]*
* 762a747fae io: Fix record locking contants for powerpc64 with __USE_FILE_OFFSET64
* e3ccb230a9 getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806)
* 1b9087dcec gethosts: Return EAI_MEMORY on allocation failure
* f5f88f142a gaih_inet: Split result generation into its own function
* a6da106892 gaih_inet: split loopback lookup into its own function
* 8b70d97b08 gaih_inet: make gethosts into a function
* 9098deb96a gaih_inet: separate nss lookup loop into its own function
* ce64e72b7d gaih_inet: Split nscd lookup code into its own function.
* 4897bf7968 gaih_inet: Split simple gethostbyname into its own function
* 571c531b3b gaih_inet: make numeric lookup a separate routine
* 9aad91abe6 gaih_inet: Simplify service resolution
* d02808dee9 getaddrinfo: Fix leak with AI_ALL [BZ #28852]
* f366eaa608 gaih_inet: Simplify canon name resolution
* b126325fc7 nss: Sort tests and tests-container and put one test per line
* 6e867146ee Simplify allocations and fix merge and continue actions [BZ #28931]
* 59ee83b0c2 elf: Move l_init_called_next to old place of l_text_end in link map
* 34b07bdbdd elf: Remove unused l_text_end field from struct link_map
* 02a67e102f elf: Always call destructors in reverse constructor order (bug 30785)
* aeea91fd15 elf: Do not run constructors for proxy objects
* 1d828d5855 elf: Introduce to _dl_call_fini

(From OE-Core rev: be0bca7eaa08948b6c4eabe63e68a6e14d8dad3b)

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This commit is contained in:
Soumya Sambu
2023-10-04 11:01:22 +00:00
committed by Steve Sakoman
parent c58c63d48f
commit 91c3fc996e
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
meta/recipes-core/glibc/glibc-version.inc
View File

@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.35/master"
PV = "2.35"
SRCREV_glibc ?= "561e9dadc02f46a7ba2190c0a04259583479f6c9"
SRCREV_glibc ?= "73d4ce728a59deb2fd18969e559769b3f590fac9"
SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"

3
meta/recipes-core/glibc/glibc_2.35.bb
View File

@@ -16,6 +16,9 @@ CVE_CHECK_IGNORE += "CVE-2019-1010022 CVE-2019-1010023 CVE-2019-1010024"
# Potential patch at https://sourceware.org/bugzilla/show_bug.cgi?id=22853
CVE_CHECK_IGNORE += "CVE-2019-1010025"
# To avoid these in cve-check reports since the recipe version did not change
CVE_CHECK_IGNORE += "CVE-2023-4813 CVE-2023-4806 CVE-2023-5156"
DEPENDS += "gperf-native bison-native"
NATIVESDKFIXES ?= ""