[OpenWrt-Devel] [PATCH] CC: toolchain: use latest glibc 2.21 revision

John Crispin john at phrozen.org
Wed Mar 16 06:23:40 EDT 2016



On 16/03/2016 11:21, Michael Marley wrote:
> When I originally posted this patch, GLIBC 2.23 had not yet been
> released.  Additionally, this was a patch to fix the issue for the
> stable release (CC), so I didn't figure bumping the GLIBC version would
> be a good idea.  The issue is fixed because the patch was backported to
> the 2.21 branch, which is why this patch switched from the 2.21 release
> to the head of the 2.21 branch.
> 
> Michael
> 
> 

i was just about to post the same. happy to include a patch for the
latest version though

	John

> On 03/16/16 05:14, Naresh Kumar Mehta wrote:
>> From http://www.gnu.org/software/libc/, it seems CVE-2015-7547 was fixed in
>> v2.23. How come using v2.21 will fix this issue?
>>
>> -----Original Message-----
>> From: openwrt-devel [mailto:openwrt-devel-bounces at lists.openwrt.org] On
>> Behalf Of Michael Marley
>> Sent: Wednesday, February 17, 2016 7:46 PM
>> To: openwrt-devel at lists.openwrt.org
>> Subject: [OpenWrt-Devel] [PATCH] CC: toolchain: use latest glibc 2.21
>> revision
>>
>> Fixes "CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow"
>>
>> Signed-off-by: Michael Marley <michael at michaelmarley.com>
>> ---
>>  toolchain/glibc/Config.version                             |  6 ------
>>  toolchain/glibc/common.mk                                  | 12
>> +++++++++++-
>>  toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch |  2 +-
>>  3 files changed, 12 insertions(+), 8 deletions(-)
>>
>> diff --git a/toolchain/glibc/Config.version b/toolchain/glibc/Config.version
>> index 2ac01d7..4ceed09 100644
>> --- a/toolchain/glibc/Config.version
>> +++ b/toolchain/glibc/Config.version
>> @@ -12,12 +12,6 @@ config EGLIBC_VERSION_2_19  config GLIBC_VERSION_2_21
>>  	bool
>>  
>> -config GLIBC_REVISION
>> -	string
>> -	default "25243" if EGLIBC_VERSION_2_19
>> -	default "4e42b5b8f8" if GLIBC_VERSION_2_21
>> -	default ""
>> -
>>  endif
>>  
>>  menu "eglibc configuration"
>> diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk index
>> 7487ca2..3d680bb 100644
>> --- a/toolchain/glibc/common.mk
>> +++ b/toolchain/glibc/common.mk
>> @@ -6,9 +6,19 @@
>>  #
>>  include $(TOPDIR)/rules.mk
>>  
>> +
>> +MD5SUM_2.19 = 42dad4edd3bcb38006d13b5640b00b38
>> +REVISION_2.19 = 25243
>> +
>> +MD5SUM_2.21 = 76050a65c444d58b5c4aa0d6034736ed
>> +REVISION_2.21 = 16d0a0c
>> +
>> +
>>  PKG_NAME:=glibc
>>  PKG_VERSION:=$(call qstrip,$(CONFIG_GLIBC_VERSION)) -PKG_REVISION:=$(call
>> qstrip,$(CONFIG_GLIBC_REVISION))
>> +
>> +PKG_REVISION:=$(REVISION_$(PKG_VERSION))
>> +PKG_MIRROR_MD5SUM:=$(MD5SUM_$(PKG_VERSION))
>>  
>>  PKG_SOURCE_PROTO:=git
>>  PKG_SOURCE_URL:=git://sourceware.org/git/glibc.git
>> diff --git a/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch
>> b/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch
>> index a6200f7..070f938 100644
>> --- a/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch
>> +++ b/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch
>> @@ -2,7 +2,7 @@ add /usr/lib to default search path for the dynamic linker
>>  
>>  --- a/Makeconfig
>>  +++ b/Makeconfig
>> -@@ -501,6 +501,9 @@ else
>> +@@ -499,6 +499,9 @@ else
>>   default-rpath = $(libdir)
>>   endif
>>   
>> --
>> 2.7.1
>> _______________________________________________
>> openwrt-devel mailing list
>> openwrt-devel at lists.openwrt.org
>> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
> 
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list