[iconv] Fix CVE-2020-27618. Contributes to JB#54165

See merge request !41

[PATCH] iconv: Accept redundant shift sequences in IBM1364 [BZ #26224]

The IBM1364, IBM1371, IBM1388, IBM1390 and IBM1399 character sets
share converter logic (iconvdata/ibm1364.c) which would reject
redundant shift sequences when processing input in these character
sets.  This led to a hang in the iconv program (CVE-2020-27618).

This commit adjusts the converter to ignore redundant shift sequences
and adds test cases for iconv_prog hangs that would be triggered upon
their rejection.  This brings the implementation in line with other
converters that also ignore redundant shift sequences (e.g. IBM930
etc., fixed in commit 692de4b3960d).
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

Upstream bug: https://sourceware.org/bugzilla/show_bug.cgi?id=26224
Fix commit: https://sourceware.org/git/?p=glibc.git;a=commit;h=9a99c682144bdbd40792ebf822fe9264e0376fb5

Signed-off-by: Matti Kosola <matti.kosola@jolla.com>

[glibc] Add fix for GLIBC#11053. Contributes to JB#44353

See merge request !40

This patches that fixes GLIBC#11053 then in turn fixes GNU-GREP#29613.

[glibc] Fix CVE-2020-6096. JB#49988

See merge request !39

Cherry pick upstream commits:

- arm: CVE-2020-6096: Fix multiarch memcpy for negative length [BZ #25620]
- arm: CVE-2020-6096: fix memcpy and memmove for negative length [BZ #25620]
Signed-off-by: E.V.Eremin <e.eremin@omprussia.ru>

[glibc] Use global RPM_OPT_FLAGS for arm builds. Contributes to JB#48210

See merge request !37

Revert: elf: Refuse to dlopen PIE objects.

See merge request !36

Booster cannot open applications as it is using dlopen.
Signed-off-by: Matti Kosola <matti.kosola@jolla.com>

Update glibc to latest 2.30 version.

See merge request !35

Signed-off-by: Marko Lemmetty <marko.lemmetty@jollamobile.com>

[glibc] Remove hardcoded libdir for aarch64. Contributes to JB#47986

See merge request !33

[Security] Various security fixes. Fixes JB#46726

See merge request !32

Fixes CVE-2019-9169 CVE-2019-7309 CVE-2016-10739 CVE-2018-19591

[glibc] Get rid of quilt build-requires. Contributes to JB#46706

See merge request !31

Signed-off-by: Matti Kosola <matti.kosola@jolla.com>

[glibc] Use an absolute path in ld.so.conf. Contributes to JB#46501

See merge request !30

sb2 executes ldconfig with -r, in which case it would complain: "need
absolute file name for configuration file when using -r"

[glibc] Do not prefix RPATHs under /home. Contributes to JB#46168

See merge request !29

Scratchbox2 uses the --rpath-prefix option to make the linker search for
required libraries under the target rootfs. Packages that run their own
binaries as a build step may use RPATH to resolve dependencies located
under the build tree - such RPATHs must not be redirected under the
target rootfs. It is a common assumption in Scratchbox2 that builds
happen under user's home directory.

[glibc] Add debuginfo handling, doc package. Contributes to JB#45154

See merge request !27

[glibc] Update to 2.28. Fixes JB#45154

See merge request !26

Fixes CVE-2016-10739, CVE-2016-6261, CVE-2016-6263, CVE-2017-14062,
CVE-2017-18269, CVE-2018-11236, CVE-2018-11237, CVE-2018-19591,
CVE-2019-6488, CVE-2019-7309, CVE-2019-9169

Add debuginfo handling. Supersedes https://git.merproject.org/mer-core/glibc/merge_requests/22

See merge request !23

[glibc] Add debuginfo handling. Fixes JB#45224

Apply diff from ubuntu 2.25.6.

See merge request !21

[glibc] Apply ubuntu 2.25.6. Contributes to JB#45152

Fixes CVE-2017-15670, CVE-2017-15671, CVE-2017-15804, CVE-2017-1000408,
CVE-2017-1000409, CVE-2017-16997.
Signed-off-by: Marko Saukko <marko.saukko@jolla.com>

Add glibc-doc subpackage and fix compiling with busybox find.

See merge request !18

Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>

Signed-off-by: Tomi Leppänen <tomi.leppanen@jolla.com>