Commit 3d3af575 authored by Niels Breet's avatar Niels Breet

[glibc] Update to 2.28. Fixes JB#45154

Fixes CVE-2016-10739, CVE-2016-6261, CVE-2016-6263, CVE-2017-14062,
CVE-2017-18269, CVE-2018-11236, CVE-2018-11237, CVE-2018-19591,
CVE-2019-6488, CVE-2019-7309, CVE-2019-9169
parent 4c941e27
This diff is collapsed.
This diff is collapsed.
diff -ru glibc-2.13/nscd/nscd_stat.c glibc-2.13-no-timestamping/nscd/nscd_stat.c
--- glibc-2.13/nscd/nscd_stat.c 2011-08-24 07:43:18.419464199 +0200
+++ glibc-2.13-no-timestamping/nscd/nscd_stat.c 2011-08-24 07:43:52.837209224 +0200
@@ -38,7 +38,7 @@
/* We use this to make sure the receiver is the same. */
-static const char compilation[21] = __DATE__ " " __TIME__;
+static const char compilation[21] = "built on OBS";
/* Statistic data for one database. */
struct dbstat
--- glibc-2.25/bits/wordsize.h.bak 2018-11-08 15:12:14.756848932 +0200
+++ glibc-2.25/bits/wordsize.h 2018-11-08 15:13:00.505009458 +0200
@@ -1,27 +1,25 @@
-#error "This file must be written based on the data type sizes of the target"
diff --git a/bits/endian.h b/bits/endian.h
index 45afd4a..f49f6ab 100644
--- a/bits/endian.h
+++ b/bits/endian.h
@@ -1,13 +1,10 @@
-/* This file should define __BYTE_ORDER as appropriate for the machine
- in question. See string/endian.h for how to define it.
-
/* The following entries are a template for what defines should be in the
wordsize.h header file for a target. */
/* Size in bits of the 'long int' and pointer types. */
-#define __WORDSIZE
+#define __WORDSIZE 32
/* This should be set to 1 if __WORDSIZE is 32 and size_t is type
'unsigned long' instead of type 'unsigned int'. This will ensure
that SIZE_MAX is defined as an unsigned long constant instead of an
unsigned int constant. Set to 0 if __WORDSIZE is 32 and size_t is
'unsigned int' and leave undefined if __WORDSIZE is 64. */
-#define __WORDSIZE32_SIZE_ULONG
+#define __WORDSIZE32_SIZE_ULONG 0
/* This should be set to 1 if __WORDSIZE is 32 and ptrdiff_t is type 'long'
instead of type 'int'. This will ensure that PTRDIFF_MIN and PTRDIFF_MAX
are defined as long constants instead of int constants. Set to 0 if
__WORDSIZE is 32 and ptrdiff_t is type 'int' and leave undefined if
__WORDSIZE is 64. */
-#define __WORDSIZE32_PTRDIFF_LONG
+#define __WORDSIZE32_PTRDIFF_LONG 0
/* Set to 1 in order to force time types to be 32 bits instead of 64 bits in
struct lastlog and struct utmp{,x} on 64-bit ports. This may be done in
order to make 64-bit ports compatible with 32-bit ports. Set to 0 for
64-bit ports where the time types are 64-bits or for any 32-bit ports. */
-#define __WORDSIZE_TIME64_COMPAT32
+#define __WORDSIZE_TIME64_COMPAT32 0
--- glibc-2.25/bits/errno.h.bak 2018-11-08 14:32:39.009340807 +0200
+++ glibc-2.25/bits/errno.h 2018-11-08 14:43:21.450954354 +0200
@@ -1,4 +1,5 @@
-/* Copyright (C) 1991-2017 Free Software Foundation, Inc.
+/* Error constants. Linux specific version.
+ Copyright (C) 1996-2014 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
@@ -15,20 +16,51 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
- If only the stub bits/endian.h applies to a particular configuration,
- bytesex.h is generated by running a program on the host machine.
- So if cross-compiling to a machine with a different byte order,
- the bits/endian.h file for that machine must exist. */
-
#ifndef _ENDIAN_H
# error "Never use <bits/endian.h> directly; include <endian.h> instead."
#endif
-/* This file defines the `errno' constants. */
+#ifdef _ERRNO_H
-#error Machine byte order unknown.
+/* ARM can be either big or little endian. */
+#ifdef __ARMEB__
+#define __BYTE_ORDER __BIG_ENDIAN
+#else
+#define __BYTE_ORDER __LITTLE_ENDIAN
+#endif
diff --git a/bits/errno.h b/bits/errno.h
index 36c09f3..4eef942 100644
--- a/bits/errno.h
+++ b/bits/errno.h
@@ -25,26 +25,52 @@
# error "Never include <bits/errno.h> directly; use <errno.h> instead."
#endif
-#if !defined __Emath_defined && (defined _ERRNO_H || defined __need_Emath)
-#undef __need_Emath
-#define __Emath_defined 1
-#error "Generic bits/errno.h included -- port is incomplete."
-
-/* Authors of new ports of the GNU C Library must override this file
- with their own bits/errno.h in an appropriate subdirectory of
- sysdeps/. Its function is to define all of the error constants
- from C2011 and POSIX.1-2008, with values appropriate to the
- operating system, and any additional OS-specific error constants.
-
-# define EDOM XXX <--- fill in what is actually needed
-# define EILSEQ XXX <--- fill in what is actually needed
-# define ERANGE XXX <--- fill in what is actually needed
-#endif
- C2011 requires all error constants to be object-like macros that
- expand to "integer constant expressions with type int, positive
- values, and suitable for use in #if directives". Moreover, all of
- their names must begin with a capital E, followed immediately by
- either another capital letter, or a digit. It is OK to define
- macros that are not error constants, but only in the implementation
- namespace.
-
-#ifdef _ERRNO_H
-# error "Define here all the missing error messages for the port. These"
-# error "must match the numbers of the kernel."
-# define Exxxx XXX
-...
-#endif
+# undef EDOM
+# undef EILSEQ
+# undef ERANGE
- errno.h is sometimes included from assembly language. Therefore,
- when __ASSEMBLER__ is defined, bits/errno.h may only define macros;
- it may not make any other kind of C declaration or definition.
- Also, the error constants should, if at all possible, expand to
- simple decimal or hexadecimal numbers. */
+#ifdef _ERRNO_H
+
+# include <linux/errno.h>
+
+/* Linux has no ENOTSUP error code. */
+/* Older Linux headers do not define these constants. */
+# ifndef ENOTSUP
+# define ENOTSUP EOPNOTSUPP
+# endif
+
+/* Older Linux versions also had no ECANCELED error code. */
+# ifndef ECANCELED
......@@ -109,25 +98,41 @@
+# define EILSEQ 84 /* Illegal byte sequence. */
+# define ERANGE 34 /* Math result not representable. */
+#endif /* !_ERRNO_H && __need_Emath */
--- glibc-2.25/bits/endian.h.bak 2018-11-08 15:51:55.110637120 +0200
+++ glibc-2.25/bits/endian.h 2018-11-08 15:52:20.538742585 +0200
@@ -1,13 +1,10 @@
-/* This file should define __BYTE_ORDER as appropriate for the machine
- in question. See string/endian.h for how to define it.
-
- If only the stub bits/endian.h applies to a particular configuration,
- bytesex.h is generated by running a program on the host machine.
- So if cross-compiling to a machine with a different byte order,
- the bits/endian.h file for that machine must exist. */
#endif /* bits/errno.h. */
diff --git a/bits/wordsize.h b/bits/wordsize.h
index 14edae3..46ac7fd 100644
--- a/bits/wordsize.h
+++ b/bits/wordsize.h
@@ -1,27 +1,25 @@
-#error "This file must be written based on the data type sizes of the target"
-
#ifndef _ENDIAN_H
# error "Never use <bits/endian.h> directly; include <endian.h> instead."
#endif
/* The following entries are a template for what defines should be in the
wordsize.h header file for a target. */
-#error Machine byte order unknown.
+/* ARM can be either big or little endian. */
+#ifdef __ARMEB__
+#define __BYTE_ORDER __BIG_ENDIAN
+#else
+#define __BYTE_ORDER __LITTLE_ENDIAN
+#endif
/* Size in bits of the 'long int' and pointer types. */
-#define __WORDSIZE
+#define __WORDSIZE 32
/* This should be set to 1 if __WORDSIZE is 32 and size_t is type
'unsigned long' instead of type 'unsigned int'. This will ensure
that SIZE_MAX is defined as an unsigned long constant instead of an
unsigned int constant. Set to 0 if __WORDSIZE is 32 and size_t is
'unsigned int' and leave undefined if __WORDSIZE is 64. */
-#define __WORDSIZE32_SIZE_ULONG
+#define __WORDSIZE32_SIZE_ULONG 0
/* This should be set to 1 if __WORDSIZE is 32 and ptrdiff_t is type 'long'
instead of type 'int'. This will ensure that PTRDIFF_MIN and PTRDIFF_MAX
are defined as long constants instead of int constants. Set to 0 if
__WORDSIZE is 32 and ptrdiff_t is type 'int' and leave undefined if
__WORDSIZE is 64. */
-#define __WORDSIZE32_PTRDIFF_LONG
+#define __WORDSIZE32_PTRDIFF_LONG 0
/* Set to 1 in order to force time types to be 32 bits instead of 64 bits in
struct lastlog and struct utmp{,x} on 64-bit ports. This may be done in
order to make 64-bit ports compatible with 32-bit ports. Set to 0 for
64-bit ports where the time types are 64-bits or for any 32-bit ports. */
-#define __WORDSIZE_TIME64_COMPAT32
+#define __WORDSIZE_TIME64_COMPAT32 0
Index: eglibc-2.19/elf/dl-load.c
===================================================================
--- eglibc-2.19.orig/elf/dl-load.c
+++ eglibc-2.19/elf/dl-load.c
@@ -482,7 +482,7 @@ static size_t max_dirnamelen;
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 7554a99..eb34a7a 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -385,7 +385,8 @@ static size_t max_dirnamelen;
static struct r_search_path_elem **
fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
int check_trusted, const char *what, const char *where,
- struct link_map *l)
+ struct link_map *l, const char *rpath_prefix)
- const char *what, const char *where, struct link_map *l)
+ const char *what, const char *where, struct link_map *l,
+ const char *rpath_prefix)
{
char *cp;
size_t nelems = 0;
@@ -520,9 +520,23 @@ fillin_rpath (char *rpath, struct r_sear
@@ -425,9 +426,23 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
}
/* See if this directory is already known. */
......@@ -38,7 +39,7 @@ Index: eglibc-2.19/elf/dl-load.c
if (dirp != NULL)
{
@@ -540,22 +554,43 @@ fillin_rpath (char *rpath, struct r_sear
@@ -445,22 +460,43 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
size_t cnt;
enum r_dir_status init_val;
size_t where_len = where ? strlen (where) + 1 : 0;
......@@ -87,7 +88,7 @@ Index: eglibc-2.19/elf/dl-load.c
/* We have to make sure all the relative directories are
never ignored. The current directory might change and
@@ -566,7 +601,8 @@ fillin_rpath (char *rpath, struct r_sear
@@ -471,7 +507,8 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
dirp->what = what;
if (__glibc_likely (where != NULL))
......@@ -97,29 +98,29 @@ Index: eglibc-2.19/elf/dl-load.c
+ (ncapstr * sizeof (enum r_dir_status)),
where, where_len);
else
@@ -668,7 +704,7 @@ decompose_rpath (struct r_search_path_st
@@ -570,7 +607,7 @@ decompose_rpath (struct r_search_path_struct *sps,
_dl_signal_error (ENOMEM, NULL, NULL, errstring);
}
- fillin_rpath (copy, result, ":", 0, what, where, l);
+ fillin_rpath (copy, result, ":", 0, what, where, l, GLRO(dl_rpath_prefix));
- fillin_rpath (copy, result, ":", what, where, l);
+ fillin_rpath (copy, result, ":", what, where, l, GLRO(dl_rpath_prefix));
/* Free the copied RPATH string. `fillin_rpath' make own copies if
necessary. */
@@ -871,7 +907,7 @@ _dl_init_paths (const char *llp)
@@ -755,7 +792,7 @@ _dl_init_paths (const char *llp)
}
(void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
__libc_enable_secure, "LD_LIBRARY_PATH",
- NULL, l);
+ NULL, l, NULL/*no prefix*/);
- "LD_LIBRARY_PATH", NULL, l);
+ "LD_LIBRARY_PATH", NULL, l, NULL/*no prefix*/);
if (env_path_list.dirs[0] == NULL)
{
Index: eglibc-2.19/elf/dl-support.c
===================================================================
--- eglibc-2.19.orig/elf/dl-support.c
+++ eglibc-2.19/elf/dl-support.c
@@ -61,6 +61,9 @@ const char *_dl_profile_output;
diff --git a/elf/dl-support.c b/elf/dl-support.c
index 114f77a..502399f 100644
--- a/elf/dl-support.c
+++ b/elf/dl-support.c
@@ -58,6 +58,9 @@ const char *_dl_profile_output;
ignored. */
const char *_dl_inhibit_rpath;
......@@ -129,27 +130,27 @@ Index: eglibc-2.19/elf/dl-support.c
/* The map for the object we will profile. */
struct link_map *_dl_profile_map;
Index: eglibc-2.19/elf/rtld.c
===================================================================
--- eglibc-2.19.orig/elf/rtld.c
+++ eglibc-2.19/elf/rtld.c
@@ -991,6 +991,15 @@ dl_main (const ElfW(Phdr) *phdr,
_dl_argc -= 2;
_dl_argv += 2;
}
diff --git a/elf/rtld.c b/elf/rtld.c
index 453f56e..c6bdd02 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -965,6 +965,15 @@ dl_main (const ElfW(Phdr) *phdr,
{
GLRO(dl_inhibit_rpath) = _dl_argv[2];
+ _dl_skip_args += 2;
+ _dl_argc -= 2;
+ _dl_argv += 2;
+ }
+ else if (! strcmp (_dl_argv[1], "--rpath-prefix")
+ && _dl_argc > 2)
+ {
+ GLRO(dl_rpath_prefix) = _dl_argv[2];
+
+ _dl_skip_args += 2;
+ _dl_argc -= 2;
+ _dl_argv += 2;
+ }
else if (! strcmp (_dl_argv[1], "--audit") && _dl_argc > 2)
{
process_dl_audit (_dl_argv[2]);
@@ -1025,6 +1034,7 @@ of this helper program; chances are you
_dl_skip_args += 2;
_dl_argc -= 2;
_dl_argv += 2;
@@ -1003,6 +1012,7 @@ of this helper program; chances are you did not intend to run this program.\n\
--inhibit-cache Do not use " LD_SO_CACHE "\n\
--library-path PATH use given PATH instead of content of the environment\n\
variable LD_LIBRARY_PATH\n\
......@@ -157,11 +158,11 @@ Index: eglibc-2.19/elf/rtld.c
--inhibit-rpath LIST ignore RUNPATH and RPATH information in object names\n\
in LIST\n\
--audit LIST use objects named in LIST as auditors\n");
Index: eglibc-2.19/sysdeps/generic/ldsodefs.h
===================================================================
--- eglibc-2.19.orig/sysdeps/generic/ldsodefs.h
+++ eglibc-2.19/sysdeps/generic/ldsodefs.h
@@ -600,6 +600,12 @@ struct rtld_global_ro
diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
index 0ea2786..a9bff29 100644
--- a/sysdeps/generic/ldsodefs.h
+++ b/sysdeps/generic/ldsodefs.h
@@ -608,6 +608,12 @@ struct rtld_global_ro
/* List of auditing interfaces. */
struct audit_ifaces *_dl_audit;
unsigned int _dl_naudit;
......@@ -173,4 +174,4 @@ Index: eglibc-2.19/sysdeps/generic/ldsodefs.h
+#ifdef SHARED
};
# define __rtld_global_attribute__
# ifdef IS_IN_rtld
# if IS_IN (rtld)
* Thu Apr 25 2019 Niels Breet <niels.breet@jolla.com> - 2.28+git1
- Update to 2.28. Fixes JB#45154
- Fixes CVE-2016-10739, CVE-2016-6261, CVE-2016-6263, CVE-2017-14062,
CVE-2017-18269, CVE-2018-11236, CVE-2018-11237, CVE-2018-19591,
CVE-2019-6488, CVE-2019-7309, CVE-2019-9169
* Thu Mar 28 2019 Marko Saukko <marko.saukko@jolla.com> - 2.27+git1
- Update to 2.27. Fixes JB#45152
- Drop already integrated patch glibc-2.25-posix-spawn-fix.patch
- Drop not needed patch glibc-2.25-no-timestamping.patch
- Fixes CVE-2009-5064, CVE-2017-15670, CVE-2017-15671, CVE-2017-15804,
CVE-2017-17426, CVE-2017-1000408, CVE-2017-1000409, CVE-2017-16997,
CVE-2018-1000001,CVE-2018-6485
2.26 Fixes CVE-2017-1000366, CVE-2010-3192, CVE-2010-3192,
CVE-2017-12132
* Wed Mar 27 2019 Marko Kenttälä <marko.kenttala@jolla.com> - 2.25+git5
- Added debuginfo handling, fixes jb#45224
......
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment