From: Peter Marko <[email protected]>

Addresses CVEs: CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602
Changes: 54a666dc5c elf: Disable some subtests of ifuncmain1, ifuncmain5 for !PIE 3a38600cc7 malloc: Exit early on test failure in tst-realloc 924a98402a nscd: Use time_t for return type of addgetnetgrentX 396f065496 login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701) 77d8f49058 login: Check default sizes of structs utmp, utmpx, lastlog 8e7f0eba01 sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574) 55771aba9d elf: Also compile dl-misc.os with $(rtld-early-cflags) 7a5864cac6 CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680) bafadc589f CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678) 4370bef52b CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678) 7a95873543 CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677) Since glibc introduced file sysdeps/arm/bits/wordsize.h our multilib patch needed to be updated. Signed-off-by: Peter Marko <[email protected]> Signed-off-by: Steve Sakoman <[email protected]> --- meta/recipes-core/glibc/glibc-version.inc | 2 +- ...y-the-header-between-arm-and-aarch64.patch | 64 +++++++++++-------- meta/recipes-core/glibc/glibc_2.35.bb | 5 +- 3 files changed, 41 insertions(+), 30 deletions(-) diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index cd8c7ecf94..1a8d51ef63 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.35/master" PV = "2.35" -SRCREV_glibc ?= "36280d1ce5e245aabefb877fe4d3c6cff95dabfa" +SRCREV_glibc ?= "54a666dc5c94897dab63856ba264ab2c53503303" SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" 
diff --git a/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch b/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch index 3b2d638b5f..789d2edf23 100644 --- a/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch +++ b/meta/recipes-core/glibc/glibc/0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch @@ -11,16 +11,15 @@ Upstream-Status: Inappropriate [ OE-Specific ] Signed-off-by: Khem Raj <[email protected]> --- - sysdeps/aarch64/bits/wordsize.h | 8 ++++++-- - sysdeps/{aarch64 => arm}/bits/wordsize.h | 10 +++++++--- - 2 files changed, 13 insertions(+), 5 deletions(-) - copy sysdeps/{aarch64 => arm}/bits/wordsize.h (80%) + sysdeps/aarch64/bits/wordsize.h | 11 +++++++++-- + sysdeps/arm/bits/wordsize.h | 16 +++++++++++++++- + 2 files changed, 24 insertions(+), 3 deletions(-) diff --git a/sysdeps/aarch64/bits/wordsize.h b/sysdeps/aarch64/bits/wordsize.h -index 4635431f0e..5ef0ed21f3 100644 +index 4635431f0e..1639bcb063 100644 --- a/sysdeps/aarch64/bits/wordsize.h +++ b/sysdeps/aarch64/bits/wordsize.h -@@ -17,12 +17,16 @@ +@@ -17,12 +17,19 @@ License along with the GNU C Library; if not, see <https://www.gnu.org/licenses/>. */ 
@@ -33,38 +32,47 @@ index 4635431f0e..5ef0ed21f3 100644 # define __WORDSIZE32_SIZE_ULONG 1 # define __WORDSIZE32_PTRDIFF_LONG 1 +#else -+# define __WORDSIZE 32 -+# define __WORDSIZE32_SIZE_ULONG 0 -+# define __WORDSIZE32_PTRDIFF_LONG 0 ++#define __WORDSIZE 32 ++#define __WORDSIZE_TIME64_COMPAT32 1 ++#define __WORDSIZE32_SIZE_ULONG 0 ++#define __WORDSIZE32_PTRDIFF_LONG 0 #endif ++#ifdef __aarch64__ #define __WORDSIZE_TIME64_COMPAT32 0 -diff --git a/sysdeps/aarch64/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h -similarity index 80% -copy from sysdeps/aarch64/bits/wordsize.h -copy to sysdeps/arm/bits/wordsize.h -index 4635431f0e..34fcdef1f1 100644 ---- a/sysdeps/aarch64/bits/wordsize.h ++#endif +diff --git a/sysdeps/arm/bits/wordsize.h b/sysdeps/arm/bits/wordsize.h +index 6ecbfe7c86..1639bcb063 100644 +--- a/sysdeps/arm/bits/wordsize.h 
+++ b/sysdeps/arm/bits/wordsize.h -@@ -17,12 +17,16 @@ +@@ -1,4 +1,6 @@ +-/* Copyright (C) 1999-2024 Free Software Foundation, Inc. ++/* Determine the wordsize from the preprocessor defines. ++ ++ Copyright (C) 2016-2022 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or +@@ -15,7 +17,19 @@ License along with the GNU C Library; if not, see <https://www.gnu.org/licenses/>. */ --#ifdef __LP64__ +#if defined (__aarch64__) && defined (__LP64__) - # define __WORDSIZE 64 --#else ++# define __WORDSIZE 64 +#elif defined (__aarch64__) - # define __WORDSIZE 32 - # define __WORDSIZE32_SIZE_ULONG 1 - # define __WORDSIZE32_PTRDIFF_LONG 1 -+#else +# define __WORDSIZE 32 -+# define __WORDSIZE32_SIZE_ULONG 0 -+# define __WORDSIZE32_PTRDIFF_LONG 0 - #endif - - #define __WORDSIZE_TIME64_COMPAT32 0 ++# define __WORDSIZE32_SIZE_ULONG 1 ++# define __WORDSIZE32_PTRDIFF_LONG 1 ++#else + #define __WORDSIZE 32 + #define __WORDSIZE_TIME64_COMPAT32 1 + #define __WORDSIZE32_SIZE_ULONG 0 + #define __WORDSIZE32_PTRDIFF_LONG 0 ++#endif ++ ++#ifdef __aarch64__ ++#define __WORDSIZE_TIME64_COMPAT32 0 ++#endif -- 2.34.1 diff --git a/meta/recipes-core/glibc/glibc_2.35.bb b/meta/recipes-core/glibc/glibc_2.35.bb index 74d7f753d8..9400e1e920 100644 --- a/meta/recipes-core/glibc/glibc_2.35.bb +++ b/meta/recipes-core/glibc/glibc_2.35.bb @@ -24,7 +24,10 @@ CVE_CHECK_IGNORE += "CVE-2019-1010025" CVE_CHECK_IGNORE += "CVE-2023-4527" # To avoid these in cve-check reports since the recipe version did not change -CVE_CHECK_IGNORE += "CVE-2023-0687 CVE-2023-4813 CVE-2023-4806 CVE-2023-4911 CVE-2023-5156 CVE-2024-2961" +CVE_CHECK_IGNORE += " \ + CVE-2023-0687 CVE-2023-4813 CVE-2023-4806 CVE-2023-4911 CVE-2023-5156 \ + CVE-2024-2961 CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 \ +" DEPENDS += "gperf-native bison-native" -- 2.34.1
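Review bot: In the regenerated sysdeps/aarch64/bits/wordsize.h hunk of 0018-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch, __WORDSIZE_TIME64_COMPAT32 is now defined in two separate places: as 1 inside the new #else branch and as 0 in a trailing "#ifdef __aarch64__" block. The two conditions are mutually exclusive, so each target gets one definition, but a reader has to check both conditionals to see that. Defining the macro once in each branch of the #if/#elif/#else chain would make that evident. The new #else branch also switches from "# define" to unindented "#define", unlike the branches above it. If that is deliberate, to match the unchanged context lines of the arm header, a sentence in the patch description would save the next person rebasing this from wondering.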
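Review bot: The first hunk against sysdeps/arm/bits/wordsize.h replaces the upstream comment "Copyright (C) 1999-2024 Free Software Foundation, Inc." with "Copyright (C) 2016-2022", which moves the arm header's copyright range backwards. Both headers end at the same blob (1639bcb063), so this looks like a side effect of making the two files identical, but the description does not say so. Please state in the patch description that the files are intentionally kept identical, or leave the arm comment block untouched so that only the preprocessor logic differs from upstream and later refreshes conflict less.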
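Review bot: In the glibc_2.35.bb hunk, the four new CVE_CHECK_IGNORE entries (CVE-2024-33599, CVE-2024-33600, CVE-2024-33601, CVE-2024-33602) are unconditional, while SRCREV_glibc in glibc-version.inc is assigned with "?=". A layer or local configuration that pins an older revision would still have these CVEs suppressed in cve-check reports, although the nscd fixes listed in the commit message would not be in the build. Consider extending the comment above the assignment to say that the ignore list is only valid for the default SRCREV_glibc, and record which stable-branch update brought in each group of fixes so the list can be audited.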
