From ab012b3b94a3369988dc4aedbc9abe958cb04bca Mon Sep 17 00:00:00 2001 From: Steve Sakoman Date: Thu, 4 Feb 2021 10:34:51 -1000 Subject: glibc: update to latest release/2.32/master branch Remove patches for CVE-2019-25013 and CVE-2020-27618 since they are present in the branch now. Add both CVEs to CVE_CHECK_WHITELIST. 760e1d28782 gconv: Fix assertion failure in ISO-2022-JP-3 module (bug 27256) d3cb8f6222a aarch64: fix static PIE start code for BTI [BZ #27068] 082798622d8 __vfscanf_internal: fix aliasing violation (bug 26690) 33dc30bc838 aarch64: Use mmap to add PROT_BTI instead of mprotect [BZ #26831] 46e1e64fe3e elf: Pass the fd to note processing b6eae83717d elf: Move note processing after l_phdr is updated c6090dcebd1 aarch64: align address for BTI protection [BZ #26988] 610e2c51504 aarch64: Fix missing BTI protection from dependencies [BZ #26926] 4c619b3eed5 x86: Check IFUNC definition in unrelocated executable [BZ #20019] 87450ecf8a8 x86: Set header.feature_1 in TCB for always-on CET [BZ #27177] 2b4f67c2b33 Update for [BZ #27130] fix 1a24bbd43e4 x86-64: Avoid rep movsb with short distance [BZ #27130] 0d9793e82a1 Fix buffer overrun in EUC-KR conversion module (bz #24973) 1d49bede4d8 tests-mcheck: New variable to run tests with MALLOC_CHECK_=3 050022910be iconv: Accept redundant shift sequences in IBM1364 [BZ #26224] ac0a6929c5d sh: Add sh4 fpu Implies folder 3ea24955bff struct _Unwind_Exception alignment should not depend on compiler flags 5c36293f067 resolv: Serialize processing in resolv/tst-resolv-txnid-collision 2dfa659a66f resolv: Handle transaction ID collisions in parallel queries (bug 26600) 05c025abca1 support: Provide a way to clear the RA bit in DNS server responses f688bcd83de support: Provide a way to reorder responses within the DNS test server eba0ce60588 Remove __warndecl 5337b2af4b8 Remove __warn_memset_zero_len [BZ #25399] c6e794640c3 aarch64: Add unwind information to _start (bug 26853) 70ee5e8b573 aarch64: Fix DT_AARCH64_VARIANT_PCS handling [BZ #26798] 8813b2682e4 x86: Optimizing memcpy for AMD Zen architecture. e61a8fd8fad Reversing calculation of __x86_shared_non_temporal_threshold 0b9460d22e2 sysvipc: Fix IPC_INFO and SHM_INFO handling [BZ #26636] c4aeedea598 sysvipc: Fix IPC_INFO and MSG_INFO handling [BZ #26639] 9b139b6b81a sysvipc: Fix SEM_STAT_ANY kernel argument pass [BZ #26637] 81c5484d93a AArch64: Use __memcpy_simd on Neoverse N2/V1 0f8f0ed25c1 AArch64: Improve backwards memmove performance 23482f78866 Set version.h RELEASE to "stable" (Bug 26700) 69beb5cbf85 string: Fix strerrorname_np return value [BZ #26555] fe62c4d173f intl: Handle translation output codesets with suffixes [BZ #26383] 386543bc449 NEWS: Update for [BZ #26534] fix cebc01cbfd6 x86-64: Fix FMA4 detection in ifunc [BZ #26534] (From OE-Core rev: 8d05c277c5350c4d968eb488788eac7978968ef7) Signed-off-by: Steve Sakoman Signed-off-by: Richard Purdie --- meta/recipes-core/glibc/glibc/CVE-2020-27618.patch | 91 ---------------------- 1 file changed, 91 deletions(-) delete mode 100644 meta/recipes-core/glibc/glibc/CVE-2020-27618.patch (limited to 'meta/recipes-core/glibc/glibc/CVE-2020-27618.patch') diff --git a/meta/recipes-core/glibc/glibc/CVE-2020-27618.patch b/meta/recipes-core/glibc/glibc/CVE-2020-27618.patch deleted file mode 100644 index bf32238357..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2020-27618.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 20e6c868c29f5a6121cbb88f3387bb9b884a4206 Mon Sep 17 00:00:00 2001 -From: Arjun Shankar -Date: Wed, 4 Nov 2020 12:19:38 +0100 -Subject: [PATCH] iconv: Accept redundant shift sequences in IBM1364 [BZ - #26224] - -The IBM1364, IBM1371, IBM1388, IBM1390 and IBM1399 character sets -share converter logic (iconvdata/ibm1364.c) which would reject -redundant shift sequences when processing input in these character -sets. This led to a hang in the iconv program (CVE-2020-27618). - -This commit adjusts the converter to ignore redundant shift sequences -and adds test cases for iconv_prog hangs that would be triggered upon -their rejection. This brings the implementation in line with other -converters that also ignore redundant shift sequences (e.g. IBM930 -etc., fixed in commit 692de4b3960d). - -Reviewed-by: Carlos O'Donell - -Upstream-Status: Backport -[https://sourceware.org/git/?p=glibc.git;a=commit; -h=9a99c682144bdbd40792ebf822fe9264e0376fb5] - -CVE: CVE-2020-27618 -Signed-off-by: Yi Fan Yu ---- - iconv/tst-iconv_prog.sh | 16 ++++++++++------ - iconvdata/ibm1364.c | 14 ++------------ - 2 files changed, 12 insertions(+), 18 deletions(-) - -diff --git a/iconv/tst-iconv_prog.sh b/iconv/tst-iconv_prog.sh -index 8298136b7f..d8db7b335c 100644 ---- a/iconv/tst-iconv_prog.sh -+++ b/iconv/tst-iconv_prog.sh -@@ -102,12 +102,16 @@ hangarray=( - "\x00\x80;-c;IBM1161;UTF-8//TRANSLIT//IGNORE" - "\x00\xdb;-c;IBM1162;UTF-8//TRANSLIT//IGNORE" - "\x00\x70;-c;IBM12712;UTF-8//TRANSLIT//IGNORE" --# These are known hangs that are yet to be fixed: --# "\x00\x0f;-c;IBM1364;UTF-8" --# "\x00\x0f;-c;IBM1371;UTF-8" --# "\x00\x0f;-c;IBM1388;UTF-8" --# "\x00\x0f;-c;IBM1390;UTF-8" --# "\x00\x0f;-c;IBM1399;UTF-8" -+"\x00\x0f;-c;IBM1364;UTF-8" -+"\x0e\x0e;-c;IBM1364;UTF-8" -+"\x00\x0f;-c;IBM1371;UTF-8" -+"\x0e\x0e;-c;IBM1371;UTF-8" -+"\x00\x0f;-c;IBM1388;UTF-8" -+"\x0e\x0e;-c;IBM1388;UTF-8" -+"\x00\x0f;-c;IBM1390;UTF-8" -+"\x0e\x0e;-c;IBM1390;UTF-8" -+"\x00\x0f;-c;IBM1399;UTF-8" -+"\x0e\x0e;-c;IBM1399;UTF-8" - "\x00\x53;-c;IBM16804;UTF-8//TRANSLIT//IGNORE" - "\x00\x41;-c;IBM274;UTF-8//TRANSLIT//IGNORE" - "\x00\x41;-c;IBM275;UTF-8//TRANSLIT//IGNORE" -diff --git a/iconvdata/ibm1364.c b/iconvdata/ibm1364.c -index 49e7267ab4..521f0825b7 100644 ---- a/iconvdata/ibm1364.c -+++ b/iconvdata/ibm1364.c -@@ -158,24 +158,14 @@ enum - \ - if (__builtin_expect (ch, 0) == SO) \ - { \ -- /* Shift OUT, change to DBCS converter. */ \ -- if (curcs == db) \ -- { \ -- result = __GCONV_ILLEGAL_INPUT; \ -- break; \ -- } \ -+ /* Shift OUT, change to DBCS converter (redundant escape okay). */ \ - curcs = db; \ - ++inptr; \ - continue; \ - } \ - if (__builtin_expect (ch, 0) == SI) \ - { \ -- /* Shift IN, change to SBCS converter. */ \ -- if (curcs == sb) \ -- { \ -- result = __GCONV_ILLEGAL_INPUT; \ -- break; \ -- } \ -+ /* Shift IN, change to SBCS converter (redundant escape okay). */ \ - curcs = sb; \ - ++inptr; \ - continue; \ --- -2.29.2 - -- cgit v1.2.3-54-g00ecf