mirrors/buildroot
0
0
Fork 0
mirror of https://git.busybox.net/buildroot.git synced 2024-11-23 13:33:28 +08:00
Code Issues Packages Projects Releases Wiki Activity
7389a01300
buildroot/package/glibc
History
Peter Korsgaard b54a3e5a3d package/glibc: security bump to 2.39-74 for post-2.39 security fixes 
Fixes the following security issues:

  GLIBC-SA-2024-0004:
    ISO-2022-CN-EXT: fix out-of-bound writes when writing escape
    sequence (CVE-2024-2961)

  GLIBC-SA-2024-0005:
    nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599)

  GLIBC-SA-2024-0006:
    nscd: Null pointer crash after notfound response (CVE-2024-33600)

  GLIBC-SA-2024-0007:
    nscd: netgroup cache may terminate daemon on memory allocation
    failure (CVE-2024-33601)

  GLIBC-SA-2024-0008:
    nscd: netgroup cache assumes NSS callback uses in-buffer strings
    (CVE-2024-33602)

In addition, the following bugs are fixed:

  [19622] network: Support aliasing with struct sockaddr
  [30701] time: getutxent misbehaves on 32-bit x86 when _TIME_BITS=64
  [30994] REP MOVSB performance suffers from page aliasing on Zen 4
  [31339] libc: arm32 loader crash after cleanup in 2.36
  [31325] mips: clone3 is wrong for o32
  [31335] math: Compile glibc with -march=x86-64-v3 should disable FMA4
    multi-arch version
  [31402] libc: clone (NULL, NULL, ...) clobbers %r7 register on
    s390{,x}
  [31479] libc: Missing #include <sys/rseq.h> in sched_getcpu.c may
    result in a loss of rseq acceleration
  [31316] build: Fails test misc/tst-dirname "Didn't expect signal from
    child: got `Illegal instruction'" on non SSE CPUs
  [31371] x86-64: APX and Tile registers aren't preserved in ld.so
    trampoline
  [31372] dynamic-link: _dl_tlsdesc_dynamic doesn't preserve all caller-
    saved registers
  [31429] build: Glibc failed to build with -march=x86-64-v3
  [31501] dynamic-link: _dl_tlsdesc_dynamic_xsavec may clobber %rbx
  [31640] dynamic-link: POWER10 ld.so crashes in
    elf_machine_load_address with GCC 14
  [31676] Configuring with CC="gcc -march=x86-64-v3"
    --with-rtld-early-cflags=-march=x86-64 results in linker failure
  [31677] nscd: nscd: netgroup cache: invalid memcpy under low
    memory/storage conditions
  [31678] nscd: nscd: Null pointer dereferences after failed netgroup
    cache insertion
  [31679] nscd: nscd: netgroup cache may terminate daemon on memory
    allocation failure
  [31680] nscd: nscd: netgroup cache assumes NSS callback uses in-buffer
    strings
  [31686] dynamic-link: Stack-based buffer overflow in
    parse_tunables_string
  [31719] dynamic-link: --enable-hardcoded-path-in-tests doesn't work
    with -Wl,--enable-new-dtags
  [31782] Test build failure with recent GCC trunk
    (x86/tst-cpu-features-supports.c:69:3: error: parameter to builtin
    not valid: avx5124fmaps)
  [31798] pidfd_getpid.c is miscompiled by GCC 6.4
  [31867] build: "CPU ISA level is lower than required" on SSE2-free
    CPUs
  [31883] build: ISA level support configure check relies on bashism /
    is otherwise broken for arithmetic

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7bfea9372f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-07-05 21:27:56 +02:00
..
Config.in package/glibc: enable for m68k with MMU 2023-10-01 12:03:12 +02:00
glibc.hash package/glibc: security bump to 2.39-74 for post-2.39 security fixes 2024-07-05 21:27:56 +02:00
glibc.mk package/glibc: security bump to 2.39-74 for post-2.39 security fixes 2024-07-05 21:27:56 +02:00
nsswitch.conf