diff options
| author | Gyorgy Sarvari <skandigraun@gmail.com> | 2025-10-06 22:35:46 +0200 |
|---|---|---|
| committer | Khem Raj <raj.khem@gmail.com> | 2025-10-06 14:14:37 -0700 |
| commit | 24ad0ea9105dbb678ee08e19221a67f174eb750d (patch) | |
| tree | bdffd094640c24badece219bf177de6aa5298998 /meta-oe/recipes-extended/redis/redis-7.2.11/0003-hack-to-force-use-of-libc-malloc.patch | |
| parent | 1a22715b82584696dec489914d8bb9ccf73b5600 (diff) | |
| download | meta-openembedded-master.tar.gz | |
Changelog:
(CVE-2025-49844) A Lua script may lead to remote code execution
(CVE-2025-46817) A Lua script may lead to integer overflow and potential RCE
(CVE-2025-46818) A Lua script can be executed in the context of another user
(CVE-2025-46819) LUA out-of-bound read
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-oe/recipes-extended/redis/redis-7.2.11/0003-hack-to-force-use-of-libc-malloc.patch')
| -rw-r--r-- | meta-oe/recipes-extended/redis/redis-7.2.11/0003-hack-to-force-use-of-libc-malloc.patch | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/meta-oe/recipes-extended/redis/redis-7.2.11/0003-hack-to-force-use-of-libc-malloc.patch b/meta-oe/recipes-extended/redis/redis-7.2.11/0003-hack-to-force-use-of-libc-malloc.patch new file mode 100644 index 0000000000..8991d2d9bc --- /dev/null +++ b/meta-oe/recipes-extended/redis/redis-7.2.11/0003-hack-to-force-use-of-libc-malloc.patch | |||
| @@ -0,0 +1,35 @@ | |||
| 1 | From 7a98e3ac480413ce7db3a5edd5dc70458b921b29 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Venture Research <tech@ventureresearch.com> | ||
| 3 | Date: Wed, 6 Feb 2013 20:51:02 -0600 | ||
| 4 | Subject: [PATCH] hack to force use of libc malloc | ||
| 5 | |||
| 6 | Hack to force libc usage as it seems the option to pass it in has been | ||
| 7 | removed in favor of magic. | ||
| 8 | |||
| 9 | Note that this of course doesn't allow tcmalloc and jemalloc, however | ||
| 10 | jemalloc wasn't building correctly. | ||
| 11 | |||
| 12 | Upstream-Status: Pending | ||
| 13 | |||
| 14 | Signed-off-by: Venture Research <tech@ventureresearch.com> | ||
| 15 | |||
| 16 | Update to work with 4.0.8 | ||
| 17 | Signed-off-by: Alistair Francis <alistair.francis@wdc.com> | ||
| 18 | --- | ||
| 19 | src/Makefile | 3 ++- | ||
| 20 | 1 file changed, 2 insertions(+), 1 deletion(-) | ||
| 21 | |||
| 22 | Index: redis-7.2.10/src/Makefile | ||
| 23 | =================================================================== | ||
| 24 | --- redis-7.2.10.orig/src/Makefile | ||
| 25 | +++ redis-7.2.10/src/Makefile | ||
| 26 | @@ -13,7 +13,8 @@ | ||
| 27 | # Just use 'make dep', but this is only needed by developers. | ||
| 28 | |||
| 29 | release_hdr := $(shell sh -c './mkreleasehdr.sh') | ||
| 30 | -uname_S := $(shell sh -c 'uname -s 2>/dev/null || echo not') | ||
| 31 | +# use fake uname option to force use of generic libc | ||
| 32 | +uname_S := "USE_LIBC_MALLOC" | ||
| 33 | uname_M := $(shell sh -c 'uname -m 2>/dev/null || echo not') | ||
| 34 | CLANG := $(findstring clang,$(shell sh -c '$(CC) --version | head -1')) | ||
| 35 | OPTIMIZATION?=-O3 | ||