archlinuxarm/PKGBUILDs
1
0
Fork 0
mirror of https://github.com/archlinuxarm/PKGBUILDs.git synced 2024-11-08 22:45:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

core/glibc to 2.21-3

Browse source
This commit is contained in:
Kevin Mihelich 2015-04-23 12:13:34 +00:00
parent 5e8c222233
commit 4376706138
2 changed files with 38 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
core/glibc/PKGBUILD
View file

@ -16,13 +16,13 @@ noautobuild=1
pkgname=glibc pkgname=glibc
pkgver=2.21 pkgver=2.21
pkgrel=2 pkgrel=3
pkgdesc="GNU C Library" pkgdesc="GNU C Library"
arch=('i686' 'x86_64') arch=('i686' 'x86_64')
url="http://www.gnu.org/software/libc" url="http://www.gnu.org/software/libc"
license=('GPL' 'LGPL') license=('GPL' 'LGPL')
groups=('base') groups=('base')
depends=('linux-api-headers>=3.16' 'tzdata' 'filesystem>=2013.01') depends=('linux-api-headers>=3.18' 'tzdata' 'filesystem')
makedepends=('gcc>=4.9') makedepends=('gcc>=4.9')
backup=(etc/gai.conf backup=(etc/gai.conf
etc/locale.gen etc/locale.gen
@ -36,7 +36,7 @@ source=(http://ftp.gnu.org/gnu/libc/${pkgname}-${pkgver}.tar.xz{,.sig}
locale-gen) locale-gen)
md5sums=('9cb398828e8f84f57d1f7d5588cf40cd' md5sums=('9cb398828e8f84f57d1f7d5588cf40cd'
'SKIP' 'SKIP'
'bf9d96b11c76b113606aae102da63d9d' 'feb826d5f4965e9892ee6e851fec43a9'
'905370139382428ef2b97b247c0970bf' '905370139382428ef2b97b247c0970bf'
'07ac979b6ab5eeb778d55f041529d623' '07ac979b6ab5eeb778d55f041529d623'
'476e9113489f93b348b21e144b6a8fcf') '476e9113489f93b348b21e144b6a8fcf')
@ -45,7 +45,7 @@ validpgpkeys=('F37CDAB708E65EA183FD1AF625EF0A436C2A4AFF') # Carlos O'Donell
prepare() { prepare() {
cd ${srcdir}/${pkgname}-${pkgver} cd ${srcdir}/${pkgname}-${pkgver}
# glibc-2.21..75adf430 # glibc-2.21..01b07c70
patch -p1 -i $srcdir/glibc-2.21-roundup.patch patch -p1 -i $srcdir/glibc-2.21-roundup.patch
# ALARM: patch for hard-float ld-linux soname # ALARM: patch for hard-float ld-linux soname

41
core/glibc/glibc-2.21-roundup.patch
View file

@ -1,8 +1,14 @@
diff --git a/ChangeLog b/ChangeLog diff --git a/ChangeLog b/ChangeLog
index dc1ed1b..45579de 100644 index dc1ed1b..26feb07 100644
--- a/ChangeLog --- a/ChangeLog
+++ b/ChangeLog +++ b/ChangeLog
@@ -1,3 +1,9 @@ @@ -1,3 +1,15 @@
+2015-04-21 Arjun Shankar <arjun.is@lostca.se>
+
+ [BZ #18287]
+ * resolv/nss_dns/dns-host.c (getanswer_r): Adjust buffer length
+ based on padding. (CVE-2015-1781)
+
+2015-02-10 Evangelos Foutras <evangelos@foutrelis.com> +2015-02-10 Evangelos Foutras <evangelos@foutrelis.com>
+ +
+ [BZ #17949] + [BZ #17949]
@ -12,7 +18,7 @@ index dc1ed1b..45579de 100644
2015-02-06 Carlos O'Donell <carlos@systemhalted.org> 2015-02-06 Carlos O'Donell <carlos@systemhalted.org>
* version.h (RELEASE): Set to "stable". * version.h (RELEASE): Set to "stable".
@@ -7,6 +13,7 @@ @@ -7,6 +19,7 @@
* sysdeps/unix/sysv/linux/hppa/pthread.h: Sync with pthread.h. * sysdeps/unix/sysv/linux/hppa/pthread.h: Sync with pthread.h.
2015-02-05 Paul Pluzhnikov <ppluzhnikov@google.com> 2015-02-05 Paul Pluzhnikov <ppluzhnikov@google.com>
@ -21,10 +27,10 @@ index dc1ed1b..45579de 100644
[BZ #16618] [BZ #16618]
* stdio-common/tst-sscanf.c (main): Test for buffer overflow. * stdio-common/tst-sscanf.c (main): Test for buffer overflow.
diff --git a/NEWS b/NEWS diff --git a/NEWS b/NEWS
index 617cdbb..ff79f0d 100644 index 617cdbb..c9f6b58 100644
--- a/NEWS --- a/NEWS
+++ b/NEWS +++ b/NEWS
@@ -5,6 +5,12 @@ See the end for copying conditions. @@ -5,6 +5,19 @@ See the end for copying conditions.
Please send GNU C library bug reports via <http://sourceware.org/bugzilla/> Please send GNU C library bug reports via <http://sourceware.org/bugzilla/>
using `glibc' in the "product" field. using `glibc' in the "product" field.
@ -32,12 +38,19 @@ index 617cdbb..ff79f0d 100644
+ +
+* The following bugs are resolved with this release: +* The following bugs are resolved with this release:
+ +
+ 17949. + 17949, 18287.
+
+* A buffer overflow in gethostbyname_r and related functions performing DNS
+ requests has been fixed. If the NSS functions were called with a
+ misaligned buffer, the buffer length change due to pointer alignment was
+ not taken into account. This could result in application crashes or,
+ potentially arbitrary code execution, using crafted, but syntactically
+ valid DNS responses. (CVE-2015-1781)
+ +
Version 2.21 Version 2.21
* The following bugs are resolved with this release: * The following bugs are resolved with this release:
@@ -21,10 +27,11 @@ Version 2.21 @@ -21,10 +34,11 @@ Version 2.21
17801, 17803, 17806, 17834, 17844, 17848, 17868, 17869, 17870, 17885, 17801, 17803, 17806, 17834, 17844, 17848, 17868, 17869, 17870, 17885,
17892. 17892.
@ -53,6 +66,20 @@ index 617cdbb..ff79f0d 100644
* A new semaphore algorithm has been implemented in generic C code for all * A new semaphore algorithm has been implemented in generic C code for all
machines. Previous custom assembly implementations of semaphore were machines. Previous custom assembly implementations of semaphore were
diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
index f715ab0..40069a7 100644
--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -615,7 +615,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
int have_to_map = 0;
uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data);
buffer += pad;
- if (__glibc_unlikely (buflen < sizeof (struct host_data) + pad))
+ buflen = buflen > pad ? buflen - pad : 0;
+ if (__glibc_unlikely (buflen < sizeof (struct host_data)))
{
/* The buffer is too small. */
too_small:
diff --git a/sysdeps/i386/i686/multiarch/mempcpy_chk.S b/sysdeps/i386/i686/multiarch/mempcpy_chk.S diff --git a/sysdeps/i386/i686/multiarch/mempcpy_chk.S b/sysdeps/i386/i686/multiarch/mempcpy_chk.S
index 207b648..b6fa202 100644 index 207b648..b6fa202 100644
--- a/sysdeps/i386/i686/multiarch/mempcpy_chk.S --- a/sysdeps/i386/i686/multiarch/mempcpy_chk.S