subject:"\[OE\-core\]\[kirkstone\]\[PATCH 1\/1\] glibc\: Update to latest on stable 2.35 branch"

Re: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 branch

2023-09-27 Thread Peter Marko via lists.openembedded.org

-Original Message-
From: openembedded-core@lists.openembedded.org 
 On Behalf Of Peter Marko via 
lists.openembedded.org
Sent: Wednesday, September 27, 2023 16:21
To: soumya.sa...@windriver.com
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 
2.35 branch

> -Original Message-
> From: openembedded-core@lists.openembedded.org 
>  On Behalf Of Soumya via 
> lists.openembedded.org
> Sent: Wednesday, September 27, 2023 9:46
> To: openembedded-core@lists.openembedded.org
> Subject: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 
> 2.35 branch
>
> > From: Soumya Sambu 
> >
> > Adresses CVE-2023-4813, CVE-2023-4806
>
> Could you also add these to CVE_CHECK_IGNORE?
> Otherwise they will stay in cve-check reports since the recipe version did 
> not change.

Additionally, this fixes CVE-2023-5156

>
> Thanks,
> Peter

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188328): 
https://lists.openembedded.org/g/openembedded-core/message/188328
Mute This Topic: https://lists.openembedded.org/mt/101613417/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 branch

2023-09-27 Thread Soumya via lists.openembedded.org

Sure, will send v2.

Regards,
Soumya


From: Marko, Peter 
Sent: Wednesday, September 27, 2023 7:50 PM
To: Sambu, Soumya 
Cc: openembedded-core@lists.openembedded.org 

Subject: RE: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 
2.35 branch

CAUTION: This email comes from a non Wind River email account!
Do not click links or open attachments unless you recognize the sender and know 
the content is safe.

-Original Message-
From: openembedded-core@lists.openembedded.org 
 On Behalf Of Soumya via 
lists.openembedded.org
Sent: Wednesday, September 27, 2023 9:46
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 
branch

> From: Soumya Sambu 
>
> Adresses CVE-2023-4813, CVE-2023-4806

Could you also add these to CVE_CHECK_IGNORE?
Otherwise they will stay in cve-check reports since the recipe version did not 
change.

Thanks,
Peter

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188327): 
https://lists.openembedded.org/g/openembedded-core/message/188327
Mute This Topic: https://lists.openembedded.org/mt/101613417/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 branch

2023-09-27 Thread Peter Marko via lists.openembedded.org

-Original Message-
From: openembedded-core@lists.openembedded.org 
 On Behalf Of Soumya via 
lists.openembedded.org
Sent: Wednesday, September 27, 2023 9:46
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 
branch

> From: Soumya Sambu 
>
> Adresses CVE-2023-4813, CVE-2023-4806

Could you also add these to CVE_CHECK_IGNORE?
Otherwise they will stay in cve-check reports since the recipe version did not 
change.

Thanks,
Peter

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188326): 
https://lists.openembedded.org/g/openembedded-core/message/188326
Mute This Topic: https://lists.openembedded.org/mt/101613417/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 branch

2023-09-27 Thread Soumya via lists.openembedded.org

From: Soumya Sambu 

Adresses CVE-2023-4813, CVE-2023-4806

These are the complete list of changes this brings

* 73d4ce728a Document CVE-2023-4806 and CVE-2023-5156 in NEWS
* 17092c0311 Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 
[BZ #30843]*
* 762a747fae io: Fix record locking contants for powerpc64 with 
__USE_FILE_OFFSET64
* e3ccb230a9 getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806)
* 1b9087dcec gethosts: Return EAI_MEMORY on allocation failure
* f5f88f142a gaih_inet: Split result generation into its own function
* a6da106892 gaih_inet: split loopback lookup into its own function
* 8b70d97b08 gaih_inet: make gethosts into a function
* 9098deb96a gaih_inet: separate nss lookup loop into its own function
* ce64e72b7d gaih_inet: Split nscd lookup code into its own function.
* 4897bf7968 gaih_inet: Split simple gethostbyname into its own function
* 571c531b3b gaih_inet: make numeric lookup a separate routine
* 9aad91abe6 gaih_inet: Simplify service resolution
* d02808dee9 getaddrinfo: Fix leak with AI_ALL [BZ #28852]
* f366eaa608 gaih_inet: Simplify canon name resolution
* b126325fc7 nss: Sort tests and tests-container and put one test per line
* 6e867146ee Simplify allocations and fix merge and continue actions [BZ #28931]
* 59ee83b0c2 elf: Move l_init_called_next to old place of l_text_end in link map
* 34b07bdbdd elf: Remove unused l_text_end field from struct link_map
* 02a67e102f elf: Always call destructors in reverse constructor order (bug 
30785)
* aeea91fd15 elf: Do not run constructors for proxy objects
* 1d828d5855 elf: Introduce to _dl_call_fini

Signed-off-by: Soumya Sambu 
---
 meta/recipes-core/glibc/glibc-version.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-core/glibc/glibc-version.inc 
b/meta/recipes-core/glibc/glibc-version.inc
index f23ceb5a25..c23a43576c 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.35/master"
 PV = "2.35"
-SRCREV_glibc ?= "561e9dadc02f46a7ba2190c0a04259583479f6c9"
+SRCREV_glibc ?= "73d4ce728a59deb2fd18969e559769b3f590fac9"
 SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87"
 
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
-- 
2.40.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#188294): 
https://lists.openembedded.org/g/openembedded-core/message/188294
Mute This Topic: https://lists.openembedded.org/mt/101613417/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 branch

Re: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 branch

Re: [OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 branch

[OE-core][kirkstone][PATCH 1/1] glibc: Update to latest on stable 2.35 branch

4 matches

Site Navigation

Mail list logo

Footer information