glibc: updated to 2.23

author: Fredrik Rinnestam <fredrik@crux.nu> 2016-06-12 16:44:44 +0200
committer: Fredrik Rinnestam <fredrik@crux.nu> 2016-06-12 16:44:44 +0200
commit: 9373cce37f95662c13ab87ab59140f64470fa925 (patch)
tree: 8bfe8a81b515351af9b72c9d021a1c728fe8dab2 /glibc
parent: 4cd9051c3ac75d830a3c8b7ad5afc136b4a4997c (diff)
download: core-9373cce37f95662c13ab87ab59140f64470fa925.tar.gz
core-9373cce37f95662c13ab87ab59140f64470fa925.tar.xz
4 files changed, 238 insertions, 62 deletions
diff --git a/glibc/.footprint b/glibc/.footprint
index 66f9701c..f9e0210c 100644
--- a/glibc/.footprint
+++ b/glibc/.footprint
@@ -10,53 +10,53 @@ lrwxrwxrwx	root/root	etc/localtime -> ../usr/share/zoneinfo/UTC
 -rw-r--r--	root/root	etc/resolv.conf
 -rw-r--r--	root/root	etc/rpc
 drwxr-xr-x	root/root	lib/
--rwxr-xr-x	root/root	lib/ld-2.22.so
-lrwxrwxrwx	root/root	lib/ld-linux-x86-64.so.2 -> ld-2.22.so
--rwxr-xr-x	root/root	lib/libBrokenLocale-2.22.so
-lrwxrwxrwx	root/root	lib/libBrokenLocale.so.1 -> libBrokenLocale-2.22.so
+-rwxr-xr-x	root/root	lib/ld-2.23.so
+lrwxrwxrwx	root/root	lib/ld-linux-x86-64.so.2 -> ld-2.23.so
+-rwxr-xr-x	root/root	lib/libBrokenLocale-2.23.so
+lrwxrwxrwx	root/root	lib/libBrokenLocale.so.1 -> libBrokenLocale-2.23.so
 -rwxr-xr-x	root/root	lib/libSegFault.so
--rwxr-xr-x	root/root	lib/libanl-2.22.so
-lrwxrwxrwx	root/root	lib/libanl.so.1 -> libanl-2.22.so
--rwxr-xr-x	root/root	lib/libc-2.22.so
-lrwxrwxrwx	root/root	lib/libc.so.6 -> libc-2.22.so
--rwxr-xr-x	root/root	lib/libcidn-2.22.so
-lrwxrwxrwx	root/root	lib/libcidn.so.1 -> libcidn-2.22.so
--rwxr-xr-x	root/root	lib/libcrypt-2.22.so
-lrwxrwxrwx	root/root	lib/libcrypt.so.1 -> libcrypt-2.22.so
--rwxr-xr-x	root/root	lib/libdl-2.22.so
-lrwxrwxrwx	root/root	lib/libdl.so.2 -> libdl-2.22.so
--rwxr-xr-x	root/root	lib/libm-2.22.so
-lrwxrwxrwx	root/root	lib/libm.so.6 -> libm-2.22.so
+-rwxr-xr-x	root/root	lib/libanl-2.23.so
+lrwxrwxrwx	root/root	lib/libanl.so.1 -> libanl-2.23.so
+-rwxr-xr-x	root/root	lib/libc-2.23.so
+lrwxrwxrwx	root/root	lib/libc.so.6 -> libc-2.23.so
+-rwxr-xr-x	root/root	lib/libcidn-2.23.so
+lrwxrwxrwx	root/root	lib/libcidn.so.1 -> libcidn-2.23.so
+-rwxr-xr-x	root/root	lib/libcrypt-2.23.so
+lrwxrwxrwx	root/root	lib/libcrypt.so.1 -> libcrypt-2.23.so
+-rwxr-xr-x	root/root	lib/libdl-2.23.so
+lrwxrwxrwx	root/root	lib/libdl.so.2 -> libdl-2.23.so
+-rwxr-xr-x	root/root	lib/libm-2.23.so
+lrwxrwxrwx	root/root	lib/libm.so.6 -> libm-2.23.so
 -rwxr-xr-x	root/root	lib/libmemusage.so
--rwxr-xr-x	root/root	lib/libmvec-2.22.so
-lrwxrwxrwx	root/root	lib/libmvec.so.1 -> libmvec-2.22.so
--rwxr-xr-x	root/root	lib/libnsl-2.22.so
-lrwxrwxrwx	root/root	lib/libnsl.so.1 -> libnsl-2.22.so
--rwxr-xr-x	root/root	lib/libnss_compat-2.22.so
-lrwxrwxrwx	root/root	lib/libnss_compat.so.2 -> libnss_compat-2.22.so
--rwxr-xr-x	root/root	lib/libnss_db-2.22.so
-lrwxrwxrwx	root/root	lib/libnss_db.so.2 -> libnss_db-2.22.so
--rwxr-xr-x	root/root	lib/libnss_dns-2.22.so
-lrwxrwxrwx	root/root	lib/libnss_dns.so.2 -> libnss_dns-2.22.so
--rwxr-xr-x	root/root	lib/libnss_files-2.22.so
-lrwxrwxrwx	root/root	lib/libnss_files.so.2 -> libnss_files-2.22.so
--rwxr-xr-x	root/root	lib/libnss_hesiod-2.22.so
-lrwxrwxrwx	root/root	lib/libnss_hesiod.so.2 -> libnss_hesiod-2.22.so
--rwxr-xr-x	root/root	lib/libnss_nis-2.22.so
-lrwxrwxrwx	root/root	lib/libnss_nis.so.2 -> libnss_nis-2.22.so
--rwxr-xr-x	root/root	lib/libnss_nisplus-2.22.so
-lrwxrwxrwx	root/root	lib/libnss_nisplus.so.2 -> libnss_nisplus-2.22.so
+-rwxr-xr-x	root/root	lib/libmvec-2.23.so
+lrwxrwxrwx	root/root	lib/libmvec.so.1 -> libmvec-2.23.so
+-rwxr-xr-x	root/root	lib/libnsl-2.23.so
+lrwxrwxrwx	root/root	lib/libnsl.so.1 -> libnsl-2.23.so
+-rwxr-xr-x	root/root	lib/libnss_compat-2.23.so
+lrwxrwxrwx	root/root	lib/libnss_compat.so.2 -> libnss_compat-2.23.so
+-rwxr-xr-x	root/root	lib/libnss_db-2.23.so
+lrwxrwxrwx	root/root	lib/libnss_db.so.2 -> libnss_db-2.23.so
+-rwxr-xr-x	root/root	lib/libnss_dns-2.23.so
+lrwxrwxrwx	root/root	lib/libnss_dns.so.2 -> libnss_dns-2.23.so
+-rwxr-xr-x	root/root	lib/libnss_files-2.23.so
+lrwxrwxrwx	root/root	lib/libnss_files.so.2 -> libnss_files-2.23.so
+-rwxr-xr-x	root/root	lib/libnss_hesiod-2.23.so
+lrwxrwxrwx	root/root	lib/libnss_hesiod.so.2 -> libnss_hesiod-2.23.so
+-rwxr-xr-x	root/root	lib/libnss_nis-2.23.so
+lrwxrwxrwx	root/root	lib/libnss_nis.so.2 -> libnss_nis-2.23.so
+-rwxr-xr-x	root/root	lib/libnss_nisplus-2.23.so
+lrwxrwxrwx	root/root	lib/libnss_nisplus.so.2 -> libnss_nisplus-2.23.so
 -rwxr-xr-x	root/root	lib/libpcprofile.so
--rwxr-xr-x	root/root	lib/libpthread-2.22.so
-lrwxrwxrwx	root/root	lib/libpthread.so.0 -> libpthread-2.22.so
--rwxr-xr-x	root/root	lib/libresolv-2.22.so
-lrwxrwxrwx	root/root	lib/libresolv.so.2 -> libresolv-2.22.so
--rwxr-xr-x	root/root	lib/librt-2.22.so
-lrwxrwxrwx	root/root	lib/librt.so.1 -> librt-2.22.so
+-rwxr-xr-x	root/root	lib/libpthread-2.23.so
+lrwxrwxrwx	root/root	lib/libpthread.so.0 -> libpthread-2.23.so
+-rwxr-xr-x	root/root	lib/libresolv-2.23.so
+lrwxrwxrwx	root/root	lib/libresolv.so.2 -> libresolv-2.23.so
+-rwxr-xr-x	root/root	lib/librt-2.23.so
+lrwxrwxrwx	root/root	lib/librt.so.1 -> librt-2.23.so
 -rwxr-xr-x	root/root	lib/libthread_db-1.0.so
 lrwxrwxrwx	root/root	lib/libthread_db.so.1 -> libthread_db-1.0.so
--rwxr-xr-x	root/root	lib/libutil-2.22.so
-lrwxrwxrwx	root/root	lib/libutil.so.1 -> libutil-2.22.so
+-rwxr-xr-x	root/root	lib/libutil-2.23.so
+lrwxrwxrwx	root/root	lib/libutil.so.1 -> libutil-2.23.so
 drwxr-xr-x	root/root	sbin/
 -rwxr-xr-x	root/root	sbin/ldconfig
 -rwxr-xr-x	root/root	sbin/sln
@@ -226,7 +226,6 @@ drwxr-xr-x	root/root	usr/include/bits/
 -rw-r--r--	root/root	usr/include/bits/ioctls.h
 -rw-r--r--	root/root	usr/include/bits/ipc.h
 -rw-r--r--	root/root	usr/include/bits/ipctypes.h
--rw-r--r--	root/root	usr/include/bits/libc-lock.h
 -rw-r--r--	root/root	usr/include/bits/libio-ldbl.h
 -rw-r--r--	root/root	usr/include/bits/libm-simd-decl-stubs.h
 -rw-r--r--	root/root	usr/include/bits/link.h
@@ -279,7 +278,6 @@ drwxr-xr-x	root/root	usr/include/bits/
 -rw-r--r--	root/root	usr/include/bits/statfs.h
 -rw-r--r--	root/root	usr/include/bits/statvfs.h
 -rw-r--r--	root/root	usr/include/bits/stdio-ldbl.h
--rw-r--r--	root/root	usr/include/bits/stdio-lock.h
 -rw-r--r--	root/root	usr/include/bits/stdio.h
 -rw-r--r--	root/root	usr/include/bits/stdio2.h
 -rw-r--r--	root/root	usr/include/bits/stdio_lim.h
@@ -1218,7 +1216,6 @@ drwxr-xr-x	root/root	usr/include/sys/
 -rw-r--r--	root/root	usr/include/sys/ioctl.h
 -rw-r--r--	root/root	usr/include/sys/ipc.h
 -rw-r--r--	root/root	usr/include/sys/kd.h
--rw-r--r--	root/root	usr/include/sys/kdaemon.h
 -rw-r--r--	root/root	usr/include/sys/klog.h
 -rw-r--r--	root/root	usr/include/sys/mman.h
 -rw-r--r--	root/root	usr/include/sys/mount.h
@@ -1602,6 +1599,7 @@ lrwxrwxrwx	root/root	usr/lib/libdl.so -> ../../lib/libdl.so.2
 -rw-r--r--	root/root	usr/lib/libmcheck.a
 -rw-r--r--	root/root	usr/lib/libmvec.a
 lrwxrwxrwx	root/root	usr/lib/libmvec.so -> ../../lib/libmvec.so.1
+-rw-r--r--	root/root	usr/lib/libmvec_nonshared.a
 -rw-r--r--	root/root	usr/lib/libnsl.a
 lrwxrwxrwx	root/root	usr/lib/libnsl.so -> ../../lib/libnsl.so.1
 lrwxrwxrwx	root/root	usr/lib/libnss_compat.so -> ../../lib/libnss_compat.so.2
diff --git a/glibc/.md5sum b/glibc/.md5sum
index eb5c5be7..f2d939be 100644
--- a/glibc/.md5sum
+++ b/glibc/.md5sum
@@ -1,11 +1,5 @@
-49019f98ab824254ebeca5aba2f22ab1  CVE-2015-7547.patch
-3972ff7405c89be7f5694bdc28fbd798  CVE-2015-8776.patch
-c0e4a708857a0a50b9a3d1a5cc315763  CVE-2015-8777.patch
-5cd75bfc0789559553b9c708c6b986ac  CVE-2015-8778.patch
-9623a770f7a9781272b8f30761cbe256  CVE-2015-8779.patch
 aaad345ff18993dafe3e44ac947f7157  glibc-2.20-multilib-dirs.patch
-e51e02bf552a0a1fbbdc948fb2f5e83c  glibc-2.22.tar.xz
-a3089fb4572929628052c4509ac85a93  glibc-rh1252570.patch
+456995968f3acadbed39f5eba31678df  glibc-2.23.tar.xz
 96156bec8e05de67384dc93e72bdc313  host.conf
 fbbc215a9b15ba4846f326cc88108057  hosts
 87bb2a93d7887505a39fd65a2ee86b8e  kernel-headers-4.1.tar.xz
diff --git a/glibc/Pkgfile b/glibc/Pkgfile
index dcdf11b9..6d9cef92 100644
--- a/glibc/Pkgfile
+++ b/glibc/Pkgfile
@@ -3,13 +3,11 @@
 # Maintainer:  CRUX System Team, core-ports at crux dot nu
 
 name=glibc
-version=2.22
-release=3
+version=2.23
+release=1
 source=(http://ftp.gnu.org/gnu/glibc/glibc-$version.tar.xz \
 	http://crux.nu/files/distfiles/kernel-headers-4.1.tar.xz \
 	$name-2.20-multilib-dirs.patch \
-	CVE-2015-8779.patch CVE-2015-8778.patch CVE-2015-8777.patch \
-	CVE-2015-8776.patch CVE-2015-7547.patch glibc-rh1252570.patch \
 	hosts resolv.conf nsswitch.conf host.conf ld.so.conf)
 
 build() {
@@ -19,12 +17,6 @@ build() {
 	chown root:root $PKG/usr
 
         patch -p1 -d $SRC/$name-$version -i $SRC/$name-2.20-multilib-dirs.patch
-	patch -p1 -d $SRC/$name-$version -i $SRC/CVE-2015-8779.patch
-	patch -p1 -d $SRC/$name-$version -i $SRC/CVE-2015-8778.patch
-	patch -p1 -d $SRC/$name-$version -i $SRC/CVE-2015-8777.patch
-	patch -p1 -d $SRC/$name-$version -i $SRC/CVE-2015-8776.patch
-	patch -p1 -d $SRC/$name-$version -i $SRC/glibc-rh1252570.patch
-	patch -p1 -d $SRC/$name-$version -i $SRC/CVE-2015-7547.patch
 
 	mkdir $SRC/build
 	cd $SRC/build
diff --git a/glibc/iconv-gconv_trans.c.patch b/glibc/iconv-gconv_trans.c.patch
new file mode 100644
index 00000000..8aec86f9
--- /dev/null
+++ b/glibc/iconv-gconv_trans.c.patch
@@ -0,0 +1,192 @@
+X-Git-Url: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=blobdiff_plain;f=iconv%2Fgconv_trans.c;h=e0835fc66684e63964b1376a0c730a70225f63f4;hp=1e25854ccfa84e4f612320f61e6cafa2f955a7d9;hb=a1a6a401ab0a3c9f15fb7eaebbdcee24192254e8;hpb=e4e7cfd287686d26fce2218ed5b2d383db5e338a
+
+diff --git a/iconv/gconv_trans.c b/iconv/gconv_trans.c
+index 1e25854..e0835fc 100644
+--- a/iconv/gconv_trans.c
++++ b/iconv/gconv_trans.c
+@@ -238,181 +238,12 @@ __gconv_transliterate (struct __gconv_step *step,
+   return __GCONV_ILLEGAL_INPUT;
+ }
+ 
+-
+-/* Structure to represent results of found (or not) transliteration
+-   modules.  */
+-struct known_trans
+-{
+-  /* This structure must remain the first member.  */
+-  struct trans_struct info;
+-
+-  char *fname;
+-  void *handle;
+-  int open_count;
+-};
+-
+-
+-/* Tree with results of previous calls to __gconv_translit_find.  */
+-static void *search_tree;
+-
+-/* We modify global data.   */
+-__libc_lock_define_initialized (static, lock);
+-
+-
+-/* Compare two transliteration entries.  */
+-static int
+-trans_compare (const void *p1, const void *p2)
+-{
+-  const struct known_trans *s1 = (const struct known_trans *) p1;
+-  const struct known_trans *s2 = (const struct known_trans *) p2;
+-
+-  return strcmp (s1->info.name, s2->info.name);
+-}
+-
+-
+-/* Open (maybe reopen) the module named in the struct.  Get the function
+-   and data structure pointers we need.  */
+-static int
+-open_translit (struct known_trans *trans)
+-{
+-  __gconv_trans_query_fct queryfct;
+-
+-  trans->handle = __libc_dlopen (trans->fname);
+-  if (trans->handle == NULL)
+-    /* Not available.  */
+-    return 1;
+-
+-  /* Find the required symbol.  */
+-  queryfct = __libc_dlsym (trans->handle, "gconv_trans_context");
+-  if (queryfct == NULL)
+-    {
+-      /* We cannot live with that.  */
+-    close_and_out:
+-      __libc_dlclose (trans->handle);
+-      trans->handle = NULL;
+-      return 1;
+-    }
+-
+-  /* Get the context.  */
+-  if (queryfct (trans->info.name, &trans->info.csnames, &trans->info.ncsnames)
+-      != 0)
+-    goto close_and_out;
+-
+-  /* Of course we also have to have the actual function.  */
+-  trans->info.trans_fct = __libc_dlsym (trans->handle, "gconv_trans");
+-  if (trans->info.trans_fct == NULL)
+-    goto close_and_out;
+-
+-  /* Now the optional functions.  */
+-  trans->info.trans_init_fct =
+-    __libc_dlsym (trans->handle, "gconv_trans_init");
+-  trans->info.trans_context_fct =
+-    __libc_dlsym (trans->handle, "gconv_trans_context");
+-  trans->info.trans_end_fct =
+-    __libc_dlsym (trans->handle, "gconv_trans_end");
+-
+-  trans->open_count = 1;
+-
+-  return 0;
+-}
+-
+-
+ int
+ internal_function
+ __gconv_translit_find (struct trans_struct *trans)
+ {
+-  struct known_trans **found;
+-  const struct path_elem *runp;
+-  int res = 1;
+-
+-  /* We have to have a name.  */
+-  assert (trans->name != NULL);
+-
+-  /* Acquire the lock.  */
+-  __libc_lock_lock (lock);
+-
+-  /* See whether we know this module already.  */
+-  found = __tfind (trans, &search_tree, trans_compare);
+-  if (found != NULL)
+-    {
+-      /* Is this module available?  */
+-      if ((*found)->handle != NULL)
+-	{
+-	  /* Maybe we have to reopen the file.  */
+-	  if ((*found)->handle != (void *) -1)
+-	    /* The object is not unloaded.  */
+-	    res = 0;
+-	  else if (open_translit (*found) == 0)
+-	    {
+-	      /* Copy the data.  */
+-	      *trans = (*found)->info;
+-	      (*found)->open_count++;
+-	      res = 0;
+-	    }
+-	}
+-    }
+-  else
+-    {
+-      size_t name_len = strlen (trans->name) + 1;
+-      int need_so = 0;
+-      struct known_trans *newp;
+-
+-      /* We have to continue looking for the module.  */
+-      if (__gconv_path_elem == NULL)
+-	__gconv_get_path ();
+-
+-      /* See whether we have to append .so.  */
+-      if (name_len <= 4 || memcmp (&trans->name[name_len - 4], ".so", 3) != 0)
+-	need_so = 1;
+-
+-      /* Create a new entry.  */
+-      newp = (struct known_trans *) malloc (sizeof (struct known_trans)
+-					    + (__gconv_max_path_elem_len
+-					       + name_len + 3)
+-					    + name_len);
+-      if (newp != NULL)
+-	{
+-	  char *cp;
+-
+-	  /* Clear the struct.  */
+-	  memset (newp, '\0', sizeof (struct known_trans));
+-
+-	  /* Store a copy of the module name.  */
+-	  newp->info.name = cp = (char *) (newp + 1);
+-	  cp = __mempcpy (cp, trans->name, name_len);
+-
+-	  newp->fname = cp;
+-
+-	  /* Search in all the directories.  */
+-	  for (runp = __gconv_path_elem; runp->name != NULL; ++runp)
+-	    {
+-	      cp = __mempcpy (__stpcpy ((char *) newp->fname, runp->name),
+-			      trans->name, name_len);
+-	      if (need_so)
+-		memcpy (cp, ".so", sizeof (".so"));
+-
+-	      if (open_translit (newp) == 0)
+-		{
+-		  /* We found a module.  */
+-		  res = 0;
+-		  break;
+-		}
+-	    }
+-
+-	  if (res)
+-	    newp->fname = NULL;
+-
+-	  /* In any case we'll add the entry to our search tree.  */
+-	  if (__tsearch (newp, &search_tree, trans_compare) == NULL)
+-	    {
+-	      /* Yickes, this should not happen.  Unload the object.  */
+-	      res = 1;
+-	      /* XXX unload here.  */
+-	    }
+-	}
+-    }
+-
+-  __libc_lock_unlock (lock);
+-
+-  return res;
++  /* Transliteration module loading has been removed because it never
++     worked as intended and suffered from a security vulnerability.
++     Consequently, this function always fails.  */
++  return 1;
+ }
author	Fredrik Rinnestam <fredrik@crux.nu>	2016-06-12 16:44:44 +0200
committer	Fredrik Rinnestam <fredrik@crux.nu>	2016-06-12 16:44:44 +0200
commit	9373cce37f95662c13ab87ab59140f64470fa925 (patch)
tree	8bfe8a81b515351af9b72c9d021a1c728fe8dab2 /glibc
parent	4cd9051c3ac75d830a3c8b7ad5afc136b4a4997c (diff)
download	core-9373cce37f95662c13ab87ab59140f64470fa925.tar.gz core-9373cce37f95662c13ab87ab59140f64470fa925.tar.xz