glibc: switch to 2.24 by default and remove old versions, fixes security issues
2.24 fixes the following CVEs compared to 2.23: - CVE-2016-3075 - CVE-2016-3706 - CVE-2016-1234 - CVE-2016-4429 - CVE-2016-5417 CVEs fixed in 2.23: - CVE-2015-8776 - CVE-2015-8777 - CVE-2015-8778 - CVE-2015-8779 - CVE-2014-9761 - CVE-2015-7547 Signed-off-by: Felix Fietkau <nbd@nbd.name>
This commit is contained in:
parent
8e0cb8f582
commit
4badb8a023
@ -1,14 +1,10 @@
|
||||
choice
|
||||
prompt "glibc version"
|
||||
depends on TOOLCHAINOPTS && USE_GLIBC
|
||||
default GLIBC_USE_VERSION_2_22
|
||||
default GLIBC_USE_VERSION_2_24
|
||||
help
|
||||
Select the version of glibc you wish to use.
|
||||
|
||||
config GLIBC_USE_VERSION_2_22
|
||||
bool "glibc 2.22"
|
||||
select GLIBC_VERSION_2_22
|
||||
|
||||
config GLIBC_USE_VERSION_2_24
|
||||
bool "glibc 2.24"
|
||||
select GLIBC_VERSION_2_24
|
||||
|
@ -2,14 +2,10 @@ if USE_GLIBC
|
||||
|
||||
config GLIBC_VERSION
|
||||
string
|
||||
default "2.22" if GLIBC_VERSION_2_22
|
||||
default "2.24" if GLIBC_VERSION_2_24
|
||||
|
||||
config GLIBC_VERSION_2_22
|
||||
config GLIBC_VERSION_2_24
|
||||
default y if !TOOLCHAINOPTS
|
||||
bool
|
||||
|
||||
config GLIBC_VERSION_2_24
|
||||
bool
|
||||
|
||||
endif
|
||||
|
@ -7,15 +7,6 @@
|
||||
include $(TOPDIR)/rules.mk
|
||||
|
||||
|
||||
MD5SUM_2.19 = 42dad4edd3bcb38006d13b5640b00b38
|
||||
REVISION_2.19 = 25243
|
||||
|
||||
MD5SUM_2.21 = 76050a65c444d58b5c4aa0d6034736ed
|
||||
REVISION_2.21 = 16d0a0c
|
||||
|
||||
MD5SUM_2.22 = b575850e77b37d70f96472285290b391
|
||||
REVISION_2.22 = b995d95
|
||||
|
||||
MD5SUM_2.24 = 5c5a6f1ac6fce866e37643c41ac116f3
|
||||
REVISION_2.24 = 8c716c2
|
||||
|
||||
|
@ -1,52 +0,0 @@
|
||||
--- a/sunrpc/rpc/types.h
|
||||
+++ b/sunrpc/rpc/types.h
|
||||
@@ -75,18 +75,23 @@ typedef unsigned long rpcport_t;
|
||||
#endif
|
||||
|
||||
#ifndef __u_char_defined
|
||||
-typedef __u_char u_char;
|
||||
-typedef __u_short u_short;
|
||||
-typedef __u_int u_int;
|
||||
-typedef __u_long u_long;
|
||||
-typedef __quad_t quad_t;
|
||||
-typedef __u_quad_t u_quad_t;
|
||||
-typedef __fsid_t fsid_t;
|
||||
+typedef unsigned char u_char;
|
||||
+typedef unsigned short u_short;
|
||||
+typedef unsigned int u_int;
|
||||
+typedef unsigned long u_long;
|
||||
+#if __WORDSIZE == 64
|
||||
+typedef long int quad_t;
|
||||
+typedef unsigned long int u_quad_t;
|
||||
+#elif defined __GLIBC_HAVE_LONG_LONG
|
||||
+typedef long long int quad_t;
|
||||
+typedef unsigned long long int u_quad_t;
|
||||
+#endif
|
||||
+typedef u_quad_t fsid_t;
|
||||
# define __u_char_defined
|
||||
#endif
|
||||
-#ifndef __daddr_t_defined
|
||||
-typedef __daddr_t daddr_t;
|
||||
-typedef __caddr_t caddr_t;
|
||||
+#if !defined(__daddr_t_defined) && defined(linux)
|
||||
+typedef long int daddr_t;
|
||||
+typedef char *caddr_t;
|
||||
# define __daddr_t_defined
|
||||
#endif
|
||||
|
||||
--- a/sunrpc/rpc_main.c
|
||||
+++ b/sunrpc/rpc_main.c
|
||||
@@ -958,9 +958,10 @@ mkfile_output (struct commandline *cmd)
|
||||
abort ();
|
||||
temp = rindex (cmd->infile, '.');
|
||||
cp = stpcpy (mkfilename, "Makefile.");
|
||||
- if (temp != NULL)
|
||||
- *((char *) stpncpy (cp, cmd->infile, temp - cmd->infile)) = '\0';
|
||||
- else
|
||||
+ if (temp != NULL) {
|
||||
+ strncpy(cp, cmd->infile, temp - cmd->infile);
|
||||
+ cp[temp - cmd->infile - 1] = 0;
|
||||
+ } else
|
||||
stpcpy (cp, cmd->infile);
|
||||
|
||||
}
|
@ -1,14 +0,0 @@
|
||||
add /usr/lib to default search path for the dynamic linker
|
||||
|
||||
--- a/Makeconfig
|
||||
+++ b/Makeconfig
|
||||
@@ -527,6 +527,9 @@ else
|
||||
default-rpath = $(libdir)
|
||||
endif
|
||||
|
||||
+# Add /usr/lib to default search path for the dynamic linker
|
||||
+user-defined-trusted-dirs := /usr/lib
|
||||
+
|
||||
ifndef link-extra-libs
|
||||
link-extra-libs = $(LDLIBS-$(@F))
|
||||
link-extra-libs-static = $(link-extra-libs)
|
Loading…
Reference in New Issue
Block a user