[OpenWrt-Devel] [PATCH] CC: toolchain: use latest glibc 2.21 revision

Michael Marley michael at michaelmarley.com
Wed Mar 16 06:21:13 EDT 2016


When I originally posted this patch, GLIBC 2.23 had not yet been
released.  Additionally, this was a patch to fix the issue for the
stable release (CC), so I didn't figure bumping the GLIBC version would
be a good idea.  The issue is fixed because the patch was backported to
the 2.21 branch, which is why this patch switched from the 2.21 release
to the head of the 2.21 branch.

Michael


On 03/16/16 05:14, Naresh Kumar Mehta wrote:
> From http://www.gnu.org/software/libc/, it seems CVE-2015-7547 was fixed in
> v2.23. How come using v2.21 will fix this issue?
>
> -----Original Message-----
> From: openwrt-devel [mailto:openwrt-devel-bounces at lists.openwrt.org] On
> Behalf Of Michael Marley
> Sent: Wednesday, February 17, 2016 7:46 PM
> To: openwrt-devel at lists.openwrt.org
> Subject: [OpenWrt-Devel] [PATCH] CC: toolchain: use latest glibc 2.21
> revision
>
> Fixes "CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow"
>
> Signed-off-by: Michael Marley <michael at michaelmarley.com>
> ---
>  toolchain/glibc/Config.version                             |  6 ------
>  toolchain/glibc/common.mk                                  | 12
> +++++++++++-
>  toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch |  2 +-
>  3 files changed, 12 insertions(+), 8 deletions(-)
>
> diff --git a/toolchain/glibc/Config.version b/toolchain/glibc/Config.version
> index 2ac01d7..4ceed09 100644
> --- a/toolchain/glibc/Config.version
> +++ b/toolchain/glibc/Config.version
> @@ -12,12 +12,6 @@ config EGLIBC_VERSION_2_19  config GLIBC_VERSION_2_21
>  	bool
>  
> -config GLIBC_REVISION
> -	string
> -	default "25243" if EGLIBC_VERSION_2_19
> -	default "4e42b5b8f8" if GLIBC_VERSION_2_21
> -	default ""
> -
>  endif
>  
>  menu "eglibc configuration"
> diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk index
> 7487ca2..3d680bb 100644
> --- a/toolchain/glibc/common.mk
> +++ b/toolchain/glibc/common.mk
> @@ -6,9 +6,19 @@
>  #
>  include $(TOPDIR)/rules.mk
>  
> +
> +MD5SUM_2.19 = 42dad4edd3bcb38006d13b5640b00b38
> +REVISION_2.19 = 25243
> +
> +MD5SUM_2.21 = 76050a65c444d58b5c4aa0d6034736ed
> +REVISION_2.21 = 16d0a0c
> +
> +
>  PKG_NAME:=glibc
>  PKG_VERSION:=$(call qstrip,$(CONFIG_GLIBC_VERSION)) -PKG_REVISION:=$(call
> qstrip,$(CONFIG_GLIBC_REVISION))
> +
> +PKG_REVISION:=$(REVISION_$(PKG_VERSION))
> +PKG_MIRROR_MD5SUM:=$(MD5SUM_$(PKG_VERSION))
>  
>  PKG_SOURCE_PROTO:=git
>  PKG_SOURCE_URL:=git://sourceware.org/git/glibc.git
> diff --git a/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch
> b/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch
> index a6200f7..070f938 100644
> --- a/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch
> +++ b/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch
> @@ -2,7 +2,7 @@ add /usr/lib to default search path for the dynamic linker
>  
>  --- a/Makeconfig
>  +++ b/Makeconfig
> -@@ -501,6 +501,9 @@ else
> +@@ -499,6 +499,9 @@ else
>   default-rpath = $(libdir)
>   endif
>   
> --
> 2.7.1
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
>
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel


More information about the openwrt-devel mailing list