core/glibc to 2.22-1

This commit is contained in:
Kevin Mihelich 2015-08-12 12:11:11 +00:00
parent c4b37a144b
commit 17829721a0
3 changed files with 21 additions and 115 deletions

View file

@ -15,28 +15,26 @@
noautobuild=1 noautobuild=1
pkgname=glibc pkgname=glibc
pkgver=2.21 pkgver=2.22
pkgrel=4 pkgrel=1
pkgdesc="GNU C Library" pkgdesc="GNU C Library"
arch=('i686' 'x86_64') arch=('i686' 'x86_64')
url="http://www.gnu.org/software/libc" url="http://www.gnu.org/software/libc"
license=('GPL' 'LGPL') license=('GPL' 'LGPL')
groups=('base') groups=('base')
depends=('linux-api-headers>=4.0' 'tzdata' 'filesystem') depends=('linux-api-headers>=4.1' 'tzdata' 'filesystem')
makedepends=('gcc>=4.9') makedepends=('gcc>=5.2')
backup=(etc/gai.conf backup=(etc/gai.conf
etc/locale.gen etc/locale.gen
etc/nscd.conf) etc/nscd.conf)
options=('!strip' 'staticlibs' '!distcc') options=('!strip' 'staticlibs' '!distcc')
install=glibc.install install=glibc.install
source=(http://ftp.gnu.org/gnu/libc/${pkgname}-${pkgver}.tar.xz{,.sig} source=(http://ftp.gnu.org/gnu/libc/${pkgname}-${pkgver}.tar.xz{,.sig}
glibc-2.21-roundup.patch
local-soname-hack.diff local-soname-hack.diff
locale.gen.txt locale.gen.txt
locale-gen) locale-gen)
md5sums=('9cb398828e8f84f57d1f7d5588cf40cd' md5sums=('e51e02bf552a0a1fbbdc948fb2f5e83c'
'SKIP' 'SKIP'
'feb826d5f4965e9892ee6e851fec43a9'
'905370139382428ef2b97b247c0970bf' '905370139382428ef2b97b247c0970bf'
'07ac979b6ab5eeb778d55f041529d623' '07ac979b6ab5eeb778d55f041529d623'
'476e9113489f93b348b21e144b6a8fcf') '476e9113489f93b348b21e144b6a8fcf')
@ -46,7 +44,7 @@ prepare() {
cd ${srcdir}/${pkgname}-${pkgver} cd ${srcdir}/${pkgname}-${pkgver}
# glibc-2.21..01b07c70 # glibc-2.21..01b07c70
patch -p1 -i $srcdir/glibc-2.21-roundup.patch #patch -p1 -i $srcdir/glibc-2.21-roundup.patch
# ALARM: patch for hard-float ld-linux soname # ALARM: patch for hard-float ld-linux soname
if [[ $CARCH == "armv6h" || $CARCH == "armv7h" ]]; then if [[ $CARCH == "armv6h" || $CARCH == "armv7h" ]]; then
@ -106,12 +104,9 @@ build() {
} }
check() { check() {
# the linker commands need to be reordered - fixed in 2.19
LDFLAGS=${LDFLAGS/--as-needed,/}
cd ${srcdir}/glibc-build cd ${srcdir}/glibc-build
# tst-cleanupx4 failure on i686 is "expected" # some failures are "expected"
make check || true make check || true
} }
@ -144,6 +139,9 @@ package() {
# libc, libdl, libm and libpthread are required for toolchain testsuites # libc, libdl, libm and libpthread are required for toolchain testsuites
# in addition libcrypt appears widely required # in addition libcrypt appears widely required
rm $pkgdir/usr/lib/lib{anl,BrokenLocale,nsl,resolv,rt,util}.a rm $pkgdir/usr/lib/lib{anl,BrokenLocale,nsl,resolv,rt,util}.a
if [[ $CARCH = "x86_64" ]]; then
rm $pkgdir/usr/lib/libmvec.a
fi
# ALARM: symlink ld-linux.so.3 for hard-float # ALARM: symlink ld-linux.so.3 for hard-float
[[ $CARCH == "armv6h" || $CARCH == "armv7h" ]] && ln -s /lib/ld-${pkgver}.so ${pkgdir}/usr/lib/ld-linux.so.3 [[ $CARCH == "armv6h" || $CARCH == "armv7h" ]] && ln -s /lib/ld-${pkgver}.so ${pkgdir}/usr/lib/ld-linux.so.3
@ -160,13 +158,18 @@ package() {
usr/bin/{ldconfig,locale,localedef,nscd,makedb} \ usr/bin/{ldconfig,locale,localedef,nscd,makedb} \
usr/bin/{pcprofiledump,pldd,rpcgen,sln,sprof} \ usr/bin/{pcprofiledump,pldd,rpcgen,sln,sprof} \
usr/lib/getconf/* usr/lib/getconf/*
[[ $CARCH = "i686" ]] && strip $STRIP_BINARIES usr/bin/lddlibc4 if [[ $CARCH = "i686" ]]; then
strip $STRIP_BINARIES usr/bin/lddlibc4
fi
strip $STRIP_STATIC usr/lib/*.a strip $STRIP_STATIC usr/lib/*.a
strip $STRIP_SHARED usr/lib/{libanl,libBrokenLocale,libcidn,libcrypt}-*.so \ strip $STRIP_SHARED usr/lib/lib{anl,BrokenLocale,cidn,crypt}-*.so \
usr/lib/libnss_{compat,db,dns,files,hesiod,nis,nisplus}-*.so \ usr/lib/libnss_{compat,db,dns,files,hesiod,nis,nisplus}-*.so \
usr/lib/{libdl,libm,libnsl,libresolv,librt,libutil}-*.so \ usr/lib/lib{dl,m,nsl,resolv,rt,util}-*.so \
usr/lib/{libmemusage,libpcprofile,libSegFault}.so \ usr/lib/lib{memusage,pcprofile,SegFault}.so \
usr/lib/{audit,gconv}/*.so usr/lib/{audit,gconv}/*.so || true
if [[ $CARCH = "x86_64" ]]; then
strip $STRIP_SHARED usr/lib/libmvec-*.so
fi
} }

View file

@ -1,97 +0,0 @@
diff --git a/ChangeLog b/ChangeLog
index dc1ed1b..26feb07 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,15 @@
+2015-04-21 Arjun Shankar <arjun.is@lostca.se>
+
+ [BZ #18287]
+ * resolv/nss_dns/dns-host.c (getanswer_r): Adjust buffer length
+ based on padding. (CVE-2015-1781)
+
+2015-02-10 Evangelos Foutras <evangelos@foutrelis.com>
+
+ [BZ #17949]
+ * sysdeps/i386/i686/multiarch/mempcpy_chk.S: Fix position of
+ jump label.
+
2015-02-06 Carlos O'Donell <carlos@systemhalted.org>
* version.h (RELEASE): Set to "stable".
@@ -7,6 +19,7 @@
* sysdeps/unix/sysv/linux/hppa/pthread.h: Sync with pthread.h.
2015-02-05 Paul Pluzhnikov <ppluzhnikov@google.com>
+ Paul Eggert <eggert@cs.ucla.edu>
[BZ #16618]
* stdio-common/tst-sscanf.c (main): Test for buffer overflow.
diff --git a/NEWS b/NEWS
index 617cdbb..c9f6b58 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,19 @@ See the end for copying conditions.
Please send GNU C library bug reports via <http://sourceware.org/bugzilla/>
using `glibc' in the "product" field.
+Version 2.21.1
+
+* The following bugs are resolved with this release:
+
+ 17949, 18287.
+
+* A buffer overflow in gethostbyname_r and related functions performing DNS
+ requests has been fixed. If the NSS functions were called with a
+ misaligned buffer, the buffer length change due to pointer alignment was
+ not taken into account. This could result in application crashes or,
+ potentially arbitrary code execution, using crafted, but syntactically
+ valid DNS responses. (CVE-2015-1781)
+
Version 2.21
* The following bugs are resolved with this release:
@@ -21,10 +34,11 @@ Version 2.21
17801, 17803, 17806, 17834, 17844, 17848, 17868, 17869, 17870, 17885,
17892.
-* CVE-2015-1472 Under certain conditions wscanf can allocate too little
- memory for the to-be-scanned arguments and overflow the allocated
- buffer. The implementation now correctly computes the required buffer
- size when using malloc.
+* CVE-2015-1472 CVE-2015-1473 Under certain conditions wscanf can allocate
+ too little memory for the to-be-scanned arguments and overflow the
+ allocated buffer. The implementation now correctly computes the required
+ buffer size when using malloc, and switches to malloc from alloca as
+ intended.
* A new semaphore algorithm has been implemented in generic C code for all
machines. Previous custom assembly implementations of semaphore were
diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
index f715ab0..40069a7 100644
--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -615,7 +615,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
int have_to_map = 0;
uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data);
buffer += pad;
- if (__glibc_unlikely (buflen < sizeof (struct host_data) + pad))
+ buflen = buflen > pad ? buflen - pad : 0;
+ if (__glibc_unlikely (buflen < sizeof (struct host_data)))
{
/* The buffer is too small. */
too_small:
diff --git a/sysdeps/i386/i686/multiarch/mempcpy_chk.S b/sysdeps/i386/i686/multiarch/mempcpy_chk.S
index 207b648..b6fa202 100644
--- a/sysdeps/i386/i686/multiarch/mempcpy_chk.S
+++ b/sysdeps/i386/i686/multiarch/mempcpy_chk.S
@@ -36,8 +36,8 @@ ENTRY(__mempcpy_chk)
cmpl $0, KIND_OFFSET+__cpu_features@GOTOFF(%ebx)
jne 1f
call __init_cpu_features
- leal __mempcpy_chk_ia32@GOTOFF(%ebx), %eax
-1: testl $bit_SSE2, CPUID_OFFSET+index_SSE2+__cpu_features@GOTOFF(%ebx)
+1: leal __mempcpy_chk_ia32@GOTOFF(%ebx), %eax
+ testl $bit_SSE2, CPUID_OFFSET+index_SSE2+__cpu_features@GOTOFF(%ebx)
jz 2f
leal __mempcpy_chk_sse2_unaligned@GOTOFF(%ebx), %eax
testl $bit_Fast_Unaligned_Load, FEATURE_OFFSET+index_Fast_Unaligned_Load+__cpu_features@GOTOFF(%ebx)

View file

@ -4,7 +4,7 @@ filelist=(libc.info{,-1,-2,-3,-4,-5,-6,-7,-8,-9,-10,-11})
post_upgrade() { post_upgrade() {
ldconfig -r . ldconfig -r .
if [[ $(vercmp 2.20-2 $2) = 1 ]]; then if [[ $(vercmp 2.22-1 $2) = 1 ]]; then
locale-gen locale-gen
fi fi