From 29c296c3e109653a3a341a99cbac611cd6323029 Mon Sep 17 00:00:00 2001 From: Jan-Simon Möller Date: Wed, 28 Jun 2017 22:27:14 +0200 Subject: Fix for CVE-2017-1000366 in glibc MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This changeset fixes CVE-2017-1000366 by using the latest glibc revision from the 2.23 glibc git as of today which includes the needed fix. A few patch files included in poky had to be skipped as they're already included in this later version. Bug-AGL: SPEC-705 SPEC-706 Change-Id: Ie7ec64e524c68a4d5f2ca2a5363392c0588eb7d3 Signed-off-by: Jan-Simon Möller Reviewed-on: https://gerrit.automotivelinux.org/gerrit/9935 Tested-by: Jenkins Job builder account ci-image-build: Jenkins Job builder account ci-image-boot-test: Jenkins Job builder account --- meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.23.bbappend | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.23.bbappend diff --git a/meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.23.bbappend b/meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.23.bbappend new file mode 100644 index 000000000..577552259 --- /dev/null +++ b/meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.23.bbappend @@ -0,0 +1,11 @@ +FILESEXTRAPATHS_prepend := "${THISDIR}/files:" + +# include fix for CVE-2017-1000366 +SRCREV = "d990d79610362f823292f9d869b84b4ec4491159" + +# already in above revision +SRC_URI_remove = "file://CVE-2016-3706.patch" +SRC_URI_remove = "file://CVE-2016-4429.patch" +SRC_URI_remove = "file://CVE-2016-1234.patch" +SRC_URI_remove = "file://CVE-2016-3075.patch" +SRC_URI_remove = "file://CVE-2016-5417.patch" -- cgit 1.2.3-korg