Message ID | 8785405a214b5af5da0b5deae559539531b1c237.1643917717.git.steve@sakoman.com |
---|---|
State | Accepted, archived |
Commit | eb03d3f72472539b10de49a32bdd3c68c34b658e |
Series | [dunfell,01/20] glibc: update to lastest 2.31 release HEAD |
It seems in commit message you have mentioned 2 times CVE-2022-23218 instead of CVE-2022-23218 and CVE-2022-23219. On Fri, 4 Feb, 2022, 1:21 am Steve Sakoman, <steve@sakoman.com> wrote: > Includes the following fixes: > > 3ef8be9b89 CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug > 28768) > e5c8da9826 <shlib-compat.h>: Support compat_symbol_reference for _ISOMAC > 412aaf1522 sunrpc: Test case for clnt_create "unix" buffer overflow (bug > 22542) > c4c833d3dd CVE-2022-23219: Buffer overflow in sunrpc clnt_create for > "unix" (bug 22542) > 547b63bf6d socket: Add the __sockaddr_un_set function > b061e95277 Revert "Fix __minimal_malloc segfaults in __mmap due to > stack-protector" > 95e206b67f Fix __minimal_malloc segfaults in __mmap due to stack-protector > e26a2db141 gconv: Do not emit spurious NUL character in ISO-2022-JP-3 (bug > 28524) > 094618d401 x86_64: Remove unneeded static PIE check for undefined weak > diagnostic > > Also add CVE-2022-23218 and CVE-2022-23218 to ignore list since they are > fixed > by the above changes. > > Signed-off-by: Steve Sakoman <steve@sakoman.com> > --- > meta/recipes-core/glibc/glibc-version.inc | 2 +- > meta/recipes-core/glibc/glibc_2.31.bb | 1 + > 2 files changed, 2 insertions(+), 1 deletion(-) > > diff --git a/meta/recipes-core/glibc/glibc-version.inc > b/meta/recipes-core/glibc/glibc-version.inc > index aac0d9b3bf..68efd09ece 100644 > --- a/meta/recipes-core/glibc/glibc-version.inc > +++ b/meta/recipes-core/glibc/glibc-version.inc > @@ -1,6 +1,6 @@ > SRCBRANCH ?= "release/2.31/master" > PV = "2.31+git${SRCPV}" > -SRCREV_glibc ?= "4f0a61f75385c9a5879cbe7202042e88f692a3c8" > +SRCREV_glibc ?= "3ef8be9b89ef98300951741f381eb79126ac029f" > SRCREV_localedef ?= "cd9f958c4c94a638fa7b2b4e21627364f1a1a655" > > GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" > diff --git a/meta/recipes-core/glibc/glibc_2.31.bb > b/meta/recipes-core/glibc/glibc_2.31.bb > index 4a545cb97d..0c37467fe4 100644 
> --- a/meta/recipes-core/glibc/glibc_2.31.bb > +++ b/meta/recipes-core/glibc/glibc_2.31.bb > @@ -3,6 +3,7 @@ require glibc-version.inc > > CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2020-6096 CVE-2016-10228 > CVE-2020-1751 CVE-2020-1752 \ > CVE-2021-27645 CVE-2021-3326 CVE-2020-27618 > CVE-2020-29562 CVE-2019-25013 \ > + CVE-2022-23218 CVE-2022-23219 \ > " > > # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022 > -- > 2.25.1
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index aac0d9b3bf..68efd09ece 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.31/master" PV = "2.31+git${SRCPV}" -SRCREV_glibc ?= "4f0a61f75385c9a5879cbe7202042e88f692a3c8" +SRCREV_glibc ?= "3ef8be9b89ef98300951741f381eb79126ac029f" SRCREV_localedef ?= "cd9f958c4c94a638fa7b2b4e21627364f1a1a655" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" diff --git a/meta/recipes-core/glibc/glibc_2.31.bb b/meta/recipes-core/glibc/glibc_2.31.bb index 4a545cb97d..0c37467fe4 100644 --- a/meta/recipes-core/glibc/glibc_2.31.bb +++ b/meta/recipes-core/glibc/glibc_2.31.bb @@ -3,6 +3,7 @@ require glibc-version.inc CVE_CHECK_WHITELIST += "CVE-2020-10029 CVE-2020-6096 CVE-2016-10228 CVE-2020-1751 CVE-2020-1752 \ CVE-2021-27645 CVE-2021-3326 CVE-2020-27618 CVE-2020-29562 CVE-2019-25013 \ + CVE-2022-23218 CVE-2022-23219 \ " # glibc https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1010022
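Review bot: In the glibc-version.inc hunk, the unchanged context line GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" still fetches over the unauthenticated git:// protocol, so the only integrity check on the new source is the full 40-character SRCREV_glibc hash. The new value 3ef8be9b89ef98300951741f381eb79126ac029f matches the abbreviated 3ef8be9b89 at the top of the list in the commit message, which is the thing to confirm here; moving the URI to an authenticated transport would be worth a separate follow-up patch.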
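Review bot: In the glibc_2.31.bb hunk, the two new CVE_CHECK_WHITELIST entries carry no comment saying why they are ignored, and the commit message names CVE-2022-23218 twice where the hunk adds CVE-2022-23218 and CVE-2022-23219. Because SRCREV_glibc is set with ?= in glibc-version.inc, an override to an older revision would leave both CVEs suppressed in cve-check while the fixes are absent, so a short comment above the list tying the entries to upstream commits 3ef8be9b89 and c4c833d3dd would make that dependency visible.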
Includes the following fixes:

3ef8be9b89 CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768)
e5c8da9826 <shlib-compat.h>: Support compat_symbol_reference for _ISOMAC
412aaf1522 sunrpc: Test case for clnt_create "unix" buffer overflow (bug 22542)
c4c833d3dd CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" (bug 22542)
547b63bf6d socket: Add the __sockaddr_un_set function
b061e95277 Revert "Fix __minimal_malloc segfaults in __mmap due to stack-protector"
95e206b67f Fix __minimal_malloc segfaults in __mmap due to stack-protector
e26a2db141 gconv: Do not emit spurious NUL character in ISO-2022-JP-3 (bug 28524)
094618d401 x86_64: Remove unneeded static PIE check for undefined weak diagnostic

Also add CVE-2022-23218 and CVE-2022-23218 to ignore list since they are fixed by the above changes.

Signed-off-by: Steve Sakoman <steve@sakoman.com>

---
 meta/recipes-core/glibc/glibc-version.inc | 2 +-
 meta/recipes-core/glibc/glibc_2.31.bb | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)