diff options
| author | Peter Marko <peter.marko@siemens.com> | 2025-02-02 16:52:31 +0100 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2025-02-12 06:25:37 -0800 |
| commit | b60e852b743596695180c02ba4503207f4c703d4 (patch) | |
| tree | 67b0a2f5d434b94d87acac66462fae96ec1557e0 | |
| parent | bfc9fc4a4857c561d656ff5d6c10473fd1e8492a (diff) | |
| download | poky-b60e852b743596695180c02ba4503207f4c703d4.tar.gz | |
glibc: stable 2.39 branch updates
Solves CVE-2025-0395
git log:
662516aca8 stdlib: Test using setenv with updated environ [BZ #32588]
1432850ad8 malloc: obscure calloc use in tst-calloc
c1f7bfbe08 Hide all malloc functions from compiler [BZ #32366]
808a84a8b8 Fix underallocation of abort_msg_s struct (CVE-2025-0395)
994b129a35 x86/string: Fixup alignment of main loop in str{n}cmp-evex [BZ #32212]
61daaa7639 x86: Improve large memset perf with non-temporal stores [RHEL-29312]
2c8a7f14fa x86: Avoid integer truncation with large cache sizes (bug 32470)
2c882bf9c1 math: Exclude internal math symbols for tests [BZ #32414]
51da74a97e malloc: add indirection for malloc(-like) functions in tests [BZ #32366]
aa8768999e Pass -nostdlib -nostartfiles together with -r [BZ #31753]
350db28393 nptl: initialize cpu_id_start prior to rseq registration
9a0e174a39 nptl: initialize rseq area prior to registration
test results:
Before After Diff
FAIL 208 210 +2
PASS 4906 4905 -1
UNSUPPORTED 230 230 0
XFAIL 16 16 0
XPASS 4 4 0
failed test changes:
- nptl/tst-mutexpi8-static
- stdlib/tst-qsort4
+ malloc/tst-dynarray-fail-mem
+ malloc/tst-malloc_info
+ malloc/tst-malloc_info-malloc-check
+ malloc/tst-malloc_info-malloc-hugetlb2
(From OE-Core rev: 54181d6ca63a720dcebb241892e76e9cdd75260c)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
| -rw-r--r-- | meta/recipes-core/glibc/glibc-version.inc | 2 | ||||
| -rw-r--r-- | meta/recipes-core/glibc/glibc_2.39.bb | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index b3b21bd07d..da9227ccca 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc | |||
| @@ -1,6 +1,6 @@ | |||
| 1 | SRCBRANCH ?= "release/2.39/master" | 1 | SRCBRANCH ?= "release/2.39/master" |
| 2 | PV = "2.39+git" | 2 | PV = "2.39+git" |
| 3 | SRCREV_glibc ?= "dcaf51b41e259387602774829c45222d0507f90a" | 3 | SRCREV_glibc ?= "662516aca8b6bf6aa6555f471055d5eb512b1ddc" |
| 4 | SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc" | 4 | SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc" |
| 5 | 5 | ||
| 6 | GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https" | 6 | GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https" |
diff --git a/meta/recipes-core/glibc/glibc_2.39.bb b/meta/recipes-core/glibc/glibc_2.39.bb index 2484ae1cd9..8373db2c4f 100644 --- a/meta/recipes-core/glibc/glibc_2.39.bb +++ b/meta/recipes-core/glibc/glibc_2.39.bb | |||
| @@ -17,7 +17,7 @@ Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, m | |||
| 17 | easier access for another. 'ASLR bypass itself is not a vulnerability.'" | 17 | easier access for another. 'ASLR bypass itself is not a vulnerability.'" |
| 18 | 18 | ||
| 19 | CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS" | 19 | CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS" |
| 20 | CVE_STATUS_STABLE_BACKPORTS = "CVE-2024-2961 CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602" | 20 | CVE_STATUS_STABLE_BACKPORTS = "CVE-2024-2961 CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 CVE-2025-0395" |
| 21 | CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash" | 21 | CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash" |
| 22 | 22 | ||
| 23 | DEPENDS += "gperf-native bison-native" | 23 | DEPENDS += "gperf-native bison-native" |