diff options
author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-10-03 22:19:45 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-10-04 13:00:33 +0100 |
commit | e444d2bed0ea140a574414fcd5a689867e8ba312 (patch) | |
tree | 7918043a337e91d5987e0f2880bd9460dccb5e22 /meta/recipes-core/glibc | |
parent | 8c4bb95c1c472f9eb5235b848e57febcac53aa59 (diff) | |
download | poky-e444d2bed0ea140a574414fcd5a689867e8ba312.tar.gz |
glibc: Pull in stable branch fixes
Pull in stable branch fixes including:
* tunables: Terminate if end of input is reached (CVE-2023-4911)
* Propagate GLIBC_TUNABLES in setxid binaries
* Document CVE-2023-4806 and CVE-2023-5156 in NEWS
* Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843]
Also set CVE_STATUS accordingly for the fixes pulled in.
(From OE-Core rev: 7d77bce6158bf11a2de0944f75589382f153bb91)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/glibc')
-rw-r--r-- | meta/recipes-core/glibc/glibc-version.inc | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index f5ebbb2ee6..19b98bc11a 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc | |||
@@ -1,8 +1,13 @@ | |||
1 | SRCBRANCH ?= "release/2.38/master" | 1 | SRCBRANCH ?= "release/2.38/master" |
2 | PV = "2.38+git" | 2 | PV = "2.38+git" |
3 | SRCREV_glibc ?= "0e1ef6779a90bc0f8a05bc367796df2793deecaa" | 3 | SRCREV_glibc ?= "750a45a783906a19591fb8ff6b7841470f1f5701" |
4 | SRCREV_localedef ?= "e0eca29583b9e0f62645c4316ced93cf4e4e26e1" | 4 | SRCREV_localedef ?= "e0eca29583b9e0f62645c4316ced93cf4e4e26e1" |
5 | 5 | ||
6 | GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https" | 6 | GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https" |
7 | 7 | ||
8 | UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+(\.(?!90)\d+)*)" | 8 | UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+(\.(?!90)\d+)*)" |
9 | |||
10 | CVE_STATUS[CVE-2023-4527] = "fixed-version: Fixed in stable branch updates" | ||
11 | CVE_STATUS[CVE-2023-4911] = "fixed-version: Fixed in stable branch updates" | ||
12 | CVE_STATUS[CVE-2023-4806] = "fixed-version: Fixed in stable branch updates" | ||
13 | CVE_STATUS[CVE-2023-4527] = "fixed-version: Fixed in stable branch updates" | ||