Home Explore Help
Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/{glibc, localedef}: security bump to 2.36-117

Fixes the following security issues:

CVE-2023-4527: If the system is configured in no-aaaa mode via
/etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address
family, and a DNS response is received over TCP that is larger than
2048 bytes, getaddrinfo may potentially disclose stack contents via
the returned address data, or crash.

CVE-2023-4806: When an NSS plugin only implements the
_gethostbyname2_r and _getcanonname_r callbacks, getaddrinfo could use
memory that was freed during buffer resizing, potentially causing a
crash or read or write to arbitrary memory.

CVE-2023-5156: The fix for CVE-2023-4806 introduced a memory leak when
an application calls getaddrinfo for AF_INET6 with AI_CANONNAME,
AI_ALL and AI_V4MAPPED flags set.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Peter Korsgaard 1 year ago
parent
9cbf9db691
commit
7c3e9fbe12
3 changed files with 3 additions and 3 deletions
Split View Show Diff Stats
  1. 1 1
      package/glibc/glibc.hash
  2. 1 1
      package/glibc/glibc.mk
  3. 1 1
      package/localedef/localedef.mk

+ 1 - 1
package/glibc/glibc.hash
View File 

@@ -1,5 +1,5 @@
 
 # Locally calculated (fetched from Github)
 
-sha256  666482e657c319f7e139121121a0d97d303c65207b9f9730f42a3ee83c79f686  glibc-2.36-81-g4f4d7a13edfd2fdc57c9d76e1fd6d017fb47550c.tar.gz
 
+sha256  a4351e60a33e84236c1866c39eeab321f419dfdc274411b7d2615c9382ace351  glibc-2.36-117-g32957eb6a86acdbeec9f38a60a7d5a0ff32db03d.tar.gz
 
 
 # Hashes for license files
 
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING

+ 1 - 1
package/glibc/glibc.mk
View File 

@@ -7,7 +7,7 @@
 
 # Generate version string using:
 
 #   git describe --match 'glibc-*' --abbrev=40 origin/release/MAJOR.MINOR/master | cut -d '-' -f 2-
 
 # When updating the version, please also update localedef
 
-GLIBC_VERSION = 2.36-81-g4f4d7a13edfd2fdc57c9d76e1fd6d017fb47550c
 
+GLIBC_VERSION = 2.36-117-g32957eb6a86acdbeec9f38a60a7d5a0ff32db03d
 
 # Upstream doesn't officially provide an https download link.
 
 # There is one (https://sourceware.org/git/glibc.git) but it's not reliable,
 
 # sometimes the connection times out. So use an unofficial github mirror.

+ 1 - 1
package/localedef/localedef.mk
View File 

@@ -7,7 +7,7 @@
 
 # Use the same VERSION and SITE as target glibc
 
 # As in glibc.mk, generate version string using:
 
 #   git describe --match 'glibc-*' --abbrev=40 origin/release/MAJOR.MINOR/master | cut -d '-' -f 2-
 
-LOCALEDEF_VERSION = 2.36-81-g4f4d7a13edfd2fdc57c9d76e1fd6d017fb47550c
 
+LOCALEDEF_VERSION = 2.36-117-g32957eb6a86acdbeec9f38a60a7d5a0ff32db03d
 
 LOCALEDEF_SOURCE = glibc-$(LOCALEDEF_VERSION).tar.gz
 
 LOCALEDEF_SITE = $(call github,bminor,glibc,$(LOCALEDEF_VERSION))
 
 HOST_LOCALEDEF_DL_SUBDIR = glibc