[OE-core][dunfell 01/20] glibc: update to lastest 2.31 release HEAD

Thu, 03 Feb 2022 11:51:15 -0800 

Includes the following fixes:

3ef8be9b89 CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768)
e5c8da9826 <shlib-compat.h>: Support compat_symbol_reference for _ISOMAC
412aaf1522 sunrpc: Test case for clnt_create "unix" buffer overflow (bug 22542)
c4c833d3dd CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" 
(bug 22542)
547b63bf6d socket: Add the __sockaddr_un_set function
b061e95277 Revert "Fix __minimal_malloc segfaults in __mmap due to 
stack-protector"
95e206b67f Fix __minimal_malloc segfaults in __mmap due to stack-protector
e26a2db141 gconv: Do not emit spurious NUL character in ISO-2022-JP-3 (bug 
28524)
094618d401 x86_64: Remove unneeded static PIE check for undefined weak 
diagnostic

Also add CVE-2022-23218 and CVE-2022-23218 to ignore list since they are fixed
by the above changes.

Signed-off-by: Steve Sakoman <[email protected]>
---
 meta/recipes-core/glibc/glibc-version.inc | 2 +-
 meta/recipes-core/glibc/glibc_2.31.bb     | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/recipes-core/glibc/glibc-version.inc 
b/meta/recipes-core/glibc/glibc-version.inc
index aac0d9b3bf..68efd09ece 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.31/master"
 PV = "2.31+git${SRCPV}"
-SRCREV_glibc ?= "4f0a61f75385c9a5879cbe7202042e88f692a3c8"
+SRCREV_glibc ?= "3ef8be9b89ef98300951741f381eb79126ac029f"
 SRCREV_localedef ?= "cd9f958c4c94a638fa7b2b4e21627364f1a1a655"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc_2.31.bb 
b/meta/recipes-core/glibc/glibc_2.31.bb
index 4a545cb97d..0c37467fe4 100644
--- a/meta/recipes-core/glibc/glibc_2.31.bb
+++ b/meta/recipes-core/glibc/glibc_2.31.bb
@@ -3,6 +3,7 @@ require glibc-version.inc
 
 CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2020-6096 CVE-2016-10228 
CVE-2020-1751 CVE-2020-1752 \
                         CVE-2021-27645 CVE-2021-3326 CVE-2020-27618 
CVE-2020-29562 CVE-2019-25013 \
+                        CVE-2022-23218 CVE-2022-23219 \
 "
 
 # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#161296): 
https://lists.openembedded.org/g/openembedded-core/message/161296
Mute This Topic: https://lists.openembedded.org/mt/88891348/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to