glibc: stable 2.39 branch updates

git log --oneline 58cbbd43fe82910cf8ae9008351b0b0665104500..ce65d944e38a20cb70af2a48a4b8aa5d8fabe1cc ce65d944e3 (HEAD -> release/2.39/master, origin/release/2.39/master) posix: Reset wordexp_t fields with WRDE_REUSE (CVE-2025-15281 / BZ 33814) 831f63b94c resolv: Fix NSS DNS backend for getnetbyaddr (CVE-2026-0915) fb22fd3f5b memalign: reinstate alignment overflow check (CVE-2026-0861) 10c0bcb3d3 support: Exit on consistency check failure in resolv_response_add_name f47dd22366 support: Fix FILE * leak in check_for_unshare_hints in test-container 4a53354eaf sprof: fix -Wformat warnings on 32-bit hosts beb8267909 sprof: check pread size and offset for overflow c07002038f getaddrinfo.c: Avoid uninitialized pointer access [BZ #32465] ae5fb93559 nptl: Optimize trylock for high cache contention workloads (BZ #33704) efff7cb659 ppc64le: Power 10 rawmemchr clobbers v20 (bug #33091) f6becd8ae8 ppc64le: Restore optimized strncmp for power10 0daa4e46b8 ppc64le: Restore optimized strcmp for power10 28c1de6580 AArch64: Fix instability in AdvSIMD tan 03d0393343 AArch64: Optimise SVE scalar callbacks 0d05a895f1 aarch64: fix includes in SME tests c1dc4412f8 aarch64: fix cfi directives around __libc_arm_za_disable d60f15dc89 aarch64: tests for SME d1d0d09e9e aarch64: clear ZA state of SME before clone and clone3 syscalls dbe1904b7c aarch64: define macro for calling __libc_arm_za_disable 58cf4aa421 aarch64: update tests for SME 1b3bd9a9a6 aarch64: Disable ZA state of SME in setjmp and sigsetjmp 38942a336b linux: Also check pkey_get for ENOSYS on tst-pkey (BZ 31996) c74d59a656 aarch64: Do not link conform tests with -Wl,-z,force-bti (bug 33601) 323ad087a1 x86: fix wmemset ifunc stray '!' (bug 33542) Testing Results: Before After Diff PASS 4926 4921 -5 XPASS 4 4 0 FAIL 223 229 +6 XFAIL 16 16 0 UNSUPPORTED 224 224 0 Changes in failed testcases: testcase-name before after elf/tst-audit21 PASS FAIL malloc/tst-malloc-too-large PASS FAIL malloc/tst-malloc-too-large-malloc-check PASS FAIL malloc/tst-malloc-too-large-malloc-hugetlb1 PASS FAIL malloc/tst-malloc-too-large-malloc-hugetlb2 PASS FAIL malloc/tst-malloc-too-large-mcheck PASS FAIL (From OE-Core rev: a49b898ed6d571391d90cc3ba150a0421642be23) Signed-off-by: Peter Marko <peter.marko@siemens.com> [Yoann: When run on the autobuilder, all those new FAIL tests are PASS: https://valkyrie.yocto.io/pub/non-release/20260209-10/testresults/qemux86-64-tc/testresults.json] Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Paul Barker <paul@pbarker.dev> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-04-25 06:32:12 +02:00 · 2026-01-25 17:16:23 +01:00
parent b617f833e5
commit af8b964e9b
2 changed files with 2 additions and 2 deletions
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.39/master"
 PV = "2.39+git"
-SRCREV_glibc ?= "58cbbd43fe82910cf8ae9008351b0b0665104500"
+SRCREV_glibc ?= "ce65d944e38a20cb70af2a48a4b8aa5d8fabe1cc"
 SRCREV_localedef ?= "cba02c503d7c853a38ccfb83c57e343ca5ecd7e5"

 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"
--- a/meta/recipes-core/glibc/glibc_2.39.bb
+++ b/meta/recipes-core/glibc/glibc_2.39.bb
@@ -18,7 +18,7 @@ easier access for another. 'ASLR bypass itself is not a vulnerability.'"

 CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS"
 CVE_STATUS_STABLE_BACKPORTS = "CVE-2024-2961 CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 CVE-2025-0395 \
-    CVE-2025-4802 CVE-2025-5702 CVE-2025-8058"
+    CVE-2025-4802 CVE-2025-5702 CVE-2025-8058 CVE-2025-15281 CVE-2026-0861 CVE-2026-0915"
 CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash"

 DEPENDS += "gperf-native bison-native"