When I originally posted this patch, GLIBC 2.23 had not yet been released. Additionally, this was a patch to fix the issue for the stable release (CC), so I didn't figure bumping the GLIBC version would be a good idea. The issue is fixed because the patch was backported to the 2.21 branch, which is why this patch switched from the 2.21 release to the head of the 2.21 branch.
Michael On 03/16/16 05:14, Naresh Kumar Mehta wrote: > From http://www.gnu.org/software/libc/, it seems CVE-2015-7547 was fixed in > v2.23. How come using v2.21 will fix this issue? > > -----Original Message----- > From: openwrt-devel [mailto:[email protected]] On > Behalf Of Michael Marley > Sent: Wednesday, February 17, 2016 7:46 PM > To: [email protected] > Subject: [OpenWrt-Devel] [PATCH] CC: toolchain: use latest glibc 2.21 > revision > > Fixes "CVE-2015-7547 --- glibc getaddrinfo() stack-based buffer overflow" > > Signed-off-by: Michael Marley <[email protected]> > --- > toolchain/glibc/Config.version | 6 ------ > toolchain/glibc/common.mk | 12 > +++++++++++- > toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch | 2 +- > 3 files changed, 12 insertions(+), 8 deletions(-) > > diff --git a/toolchain/glibc/Config.version b/toolchain/glibc/Config.version > index 2ac01d7..4ceed09 100644 > --- a/toolchain/glibc/Config.version > +++ b/toolchain/glibc/Config.version > @@ -12,12 +12,6 @@ config EGLIBC_VERSION_2_19 config GLIBC_VERSION_2_21 > bool > > -config GLIBC_REVISION > - string > - default "25243" if EGLIBC_VERSION_2_19 > - default "4e42b5b8f8" if GLIBC_VERSION_2_21 > - default "" > - > endif > > menu "eglibc configuration" > diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk index > 7487ca2..3d680bb 100644 > --- a/toolchain/glibc/common.mk > +++ b/toolchain/glibc/common.mk > @@ -6,9 +6,19 @@ > # > include $(TOPDIR)/rules.mk > > + > +MD5SUM_2.19 = 42dad4edd3bcb38006d13b5640b00b38 > +REVISION_2.19 = 25243 > + > +MD5SUM_2.21 = 76050a65c444d58b5c4aa0d6034736ed > +REVISION_2.21 = 16d0a0c > + > + > PKG_NAME:=glibc > PKG_VERSION:=$(call qstrip,$(CONFIG_GLIBC_VERSION)) -PKG_REVISION:=$(call > qstrip,$(CONFIG_GLIBC_REVISION)) > + > +PKG_REVISION:=$(REVISION_$(PKG_VERSION)) > +PKG_MIRROR_MD5SUM:=$(MD5SUM_$(PKG_VERSION)) > > PKG_SOURCE_PROTO:=git > PKG_SOURCE_URL:=git://sourceware.org/git/glibc.git > diff --git a/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch > b/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch > index a6200f7..070f938 100644 > --- a/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch > +++ b/toolchain/glibc/patches/2.21/200-add-dl-search-paths.patch > @@ -2,7 +2,7 @@ add /usr/lib to default search path for the dynamic linker > > --- a/Makeconfig > +++ b/Makeconfig > -@@ -501,6 +501,9 @@ else > +@@ -499,6 +499,9 @@ else > default-rpath = $(libdir) > endif > > -- > 2.7.1 > _______________________________________________ > openwrt-devel mailing list > [email protected] > https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel > _______________________________________________ openwrt-devel mailing list [email protected] https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
