From e3271cc87a23027991dc21a33c787f502ab0f6f4 Mon Sep 17 00:00:00 2001 From: Kevin Mihelich <kevin@archlinuxarm.org> Date: Tue, 10 Feb 2015 22:27:59 +0000 Subject: [PATCH] core/glibc to 2.21-2 --- core/glibc/PKGBUILD | 8 ++-- core/glibc/glibc-2.21-roundup.patch | 70 +++++++++++++++++++++++++++++ 2 files changed, 75 insertions(+), 3 deletions(-) create mode 100644 core/glibc/glibc-2.21-roundup.patch diff --git a/core/glibc/PKGBUILD b/core/glibc/PKGBUILD index 3fc41e1f4..1da12249d 100644 --- a/core/glibc/PKGBUILD +++ b/core/glibc/PKGBUILD @@ -16,7 +16,7 @@ noautobuild=1 pkgname=glibc pkgver=2.21 -pkgrel=1 +pkgrel=2 pkgdesc="GNU C Library" arch=('i686' 'x86_64') url="http://www.gnu.org/software/libc" @@ -30,11 +30,13 @@ backup=(etc/gai.conf options=('!strip' 'staticlibs' '!distcc') install=glibc.install source=(http://ftp.gnu.org/gnu/libc/${pkgname}-${pkgver}.tar.xz{,.sig} + glibc-2.21-roundup.patch local-soname-hack.diff locale.gen.txt locale-gen) md5sums=('9cb398828e8f84f57d1f7d5588cf40cd' 'SKIP' + 'bf9d96b11c76b113606aae102da63d9d' '905370139382428ef2b97b247c0970bf' '07ac979b6ab5eeb778d55f041529d623' '476e9113489f93b348b21e144b6a8fcf') @@ -43,8 +45,8 @@ validpgpkeys=('F37CDAB708E65EA183FD1AF625EF0A436C2A4AFF') # Carlos O'Donell prepare() { cd ${srcdir}/${pkgname}-${pkgver} - # glibc-2.21.. - #patch -p1 -i $srcdir/glibc-2.21-roundup.patch + # glibc-2.21..75adf430 + patch -p1 -i $srcdir/glibc-2.21-roundup.patch # ALARM: patch for hard-float ld-linux soname if [[ $CARCH == "armv6h" || $CARCH == "armv7h" ]]; then diff --git a/core/glibc/glibc-2.21-roundup.patch b/core/glibc/glibc-2.21-roundup.patch new file mode 100644 index 000000000..66d3454ee --- /dev/null +++ b/core/glibc/glibc-2.21-roundup.patch @@ -0,0 +1,70 @@ +diff --git a/ChangeLog b/ChangeLog +index dc1ed1b..45579de 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,3 +1,9 @@ ++2015-02-10 Evangelos Foutras <evangelos@foutrelis.com> ++ ++ [BZ #17949] ++ * sysdeps/i386/i686/multiarch/mempcpy_chk.S: Fix position of ++ jump label. ++ + 2015-02-06 Carlos O'Donell <carlos@systemhalted.org> + + * version.h (RELEASE): Set to "stable". +@@ -7,6 +13,7 @@ + * sysdeps/unix/sysv/linux/hppa/pthread.h: Sync with pthread.h. + + 2015-02-05 Paul Pluzhnikov <ppluzhnikov@google.com> ++ Paul Eggert <eggert@cs.ucla.edu> + + [BZ #16618] + * stdio-common/tst-sscanf.c (main): Test for buffer overflow. +diff --git a/NEWS b/NEWS +index 617cdbb..ff79f0d 100644 +--- a/NEWS ++++ b/NEWS +@@ -5,6 +5,12 @@ See the end for copying conditions. + Please send GNU C library bug reports via <http://sourceware.org/bugzilla/> + using `glibc' in the "product" field. + ++Version 2.21.1 ++ ++* The following bugs are resolved with this release: ++ ++ 17949. ++ + Version 2.21 + + * The following bugs are resolved with this release: +@@ -21,10 +27,11 @@ Version 2.21 + 17801, 17803, 17806, 17834, 17844, 17848, 17868, 17869, 17870, 17885, + 17892. + +-* CVE-2015-1472 Under certain conditions wscanf can allocate too little +- memory for the to-be-scanned arguments and overflow the allocated +- buffer. The implementation now correctly computes the required buffer +- size when using malloc. ++* CVE-2015-1472 CVE-2015-1473 Under certain conditions wscanf can allocate ++ too little memory for the to-be-scanned arguments and overflow the ++ allocated buffer. The implementation now correctly computes the required ++ buffer size when using malloc, and switches to malloc from alloca as ++ intended. + + * A new semaphore algorithm has been implemented in generic C code for all + machines. Previous custom assembly implementations of semaphore were +diff --git a/sysdeps/i386/i686/multiarch/mempcpy_chk.S b/sysdeps/i386/i686/multiarch/mempcpy_chk.S +index 207b648..b6fa202 100644 +--- a/sysdeps/i386/i686/multiarch/mempcpy_chk.S ++++ b/sysdeps/i386/i686/multiarch/mempcpy_chk.S +@@ -36,8 +36,8 @@ ENTRY(__mempcpy_chk) + cmpl $0, KIND_OFFSET+__cpu_features@GOTOFF(%ebx) + jne 1f + call __init_cpu_features +- leal __mempcpy_chk_ia32@GOTOFF(%ebx), %eax +-1: testl $bit_SSE2, CPUID_OFFSET+index_SSE2+__cpu_features@GOTOFF(%ebx) ++1: leal __mempcpy_chk_ia32@GOTOFF(%ebx), %eax ++ testl $bit_SSE2, CPUID_OFFSET+index_SSE2+__cpu_features@GOTOFF(%ebx) + jz 2f + leal __mempcpy_chk_sse2_unaligned@GOTOFF(%ebx), %eax + testl $bit_Fast_Unaligned_Load, FEATURE_OFFSET+index_Fast_Unaligned_Load+__cpu_features@GOTOFF(%ebx)