[packages/glibc] - up to 2.22; fixes CVE-2015-1781, CVE-2014-8121

arekm arekm at pld-linux.org
Wed Aug 5 20:50:55 CEST 2015 

commit ed35cb325dd3c676523eaf8d39b6b4f326f6f7b3
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date:   Wed Aug 5 20:50:45 2015 +0200

    - up to 2.22; fixes CVE-2015-1781, CVE-2014-8121

 fix-broken-echo.patch    | 46 ----------------------------------------------
 glibc-locale_fixes.patch |  4 ++--
 glibc-morelocales.patch  | 11 ++++++-----
 glibc-new-charsets.patch | 18 +++---------------
 glibc.spec               | 15 ++++++++-------
 5 files changed, 19 insertions(+), 75 deletions(-)
---
diff --git a/glibc.spec b/glibc.spec
index cc5f469..806af5a 100644
--- a/glibc.spec
+++ b/glibc.spec
@@ -27,7 +27,7 @@
 %undefine	with_memusage
 %endif
 
-%define		core_version	2.21
+%define		core_version	2.22
 %define		llh_version	7:2.6.32.1-1
 
 Summary:	GNU libc
@@ -41,12 +41,12 @@ Summary(tr.UTF-8):	GNU libc
 Summary(uk.UTF-8):	GNU libc версії
 Name:		glibc
 Version:	%{core_version}
-Release:	6
+Release:	0.1
 Epoch:		6
 License:	LGPL v2.1+
 Group:		Libraries
 Source0:	http://ftp.gnu.org/gnu/glibc/%{name}-%{version}.tar.xz
-# Source0-md5:	9cb398828e8f84f57d1f7d5588cf40cd
+# Source0-md5:	e51e02bf552a0a1fbbdc948fb2f5e83c
 Source2:	nscd.init
 Source3:	nscd.sysconfig
 Source4:	nscd.logrotate
@@ -88,7 +88,6 @@ Patch28:	%{name}-locale-C-pld.patch
 Patch29:	%{name}-arm-alignment-fix.patch
 Patch30:	glibc-rh1124987.patch
 
-Patch33:	fix-broken-echo.patch
 Patch38:	1055_all_glibc-resolv-dynamic.patch
 URL:		http://www.gnu.org/software/libc/
 %{?with_selinux:BuildRequires:	audit-libs-devel}
@@ -988,8 +987,6 @@ exit 1
 %patch29 -p1
 %patch30 -p1
 
-%patch33 -p1
-
 %patch38 -p1
 
 # cleanup backups after patching
@@ -1094,7 +1091,7 @@ install -p glibc-postinst				$RPM_BUILD_ROOT/sbin
 mv -f $RPM_BUILD_ROOT/%{_lib}/libpcprofile.so	$RPM_BUILD_ROOT%{_libdir}
 
 # make symlinks across top-level directories absolute
-for l in BrokenLocale anl cidn crypt dl m nsl resolv rt thread_db util; do
+for l in BrokenLocale anl cidn crypt dl mvec nsl resolv rt thread_db util; do
 	test -L $RPM_BUILD_ROOT%{_libdir}/lib${l}.so || exit 1
 	%{__rm} $RPM_BUILD_ROOT%{_libdir}/lib${l}.so
 	ln -sf /%{_lib}/$(basename $RPM_BUILD_ROOT/%{_lib}/lib${l}.so.*) $RPM_BUILD_ROOT%{_libdir}/lib${l}.so
@@ -1416,6 +1413,8 @@ fi
 %else
 %attr(755,root,root) /%{_lib}/libm.so.6
 %endif
+%attr(755,root,root) /%{_lib}/libmvec-%{core_version}.so
+%attr(755,root,root) /%{_lib}/libmvec.so.1
 %attr(755,root,root) /%{_lib}/libnsl-%{core_version}.so
 %ifarch alpha
 %attr(755,root,root) /%{_lib}/libnsl.so.1.1
@@ -1800,6 +1799,7 @@ fi
 %attr(755,root,root) %{_libdir}/libcidn.so
 %attr(755,root,root) %{_libdir}/libdl.so
 %attr(755,root,root) %{_libdir}/libm.so
+%attr(755,root,root) %{_libdir}/libmvec.so
 %attr(755,root,root) %{_libdir}/libnsl.so
 %attr(755,root,root) %{_libdir}/libpcprofile.so
 %attr(755,root,root) %{_libdir}/libresolv.so
@@ -1939,6 +1939,7 @@ fi
 %{_libdir}/libdl.a
 %{_libdir}/libm.a
 %{_libdir}/libmcheck.a
+%{_libdir}/libmvec.a
 %{_libdir}/libnsl.a
 %{_libdir}/libpthread.a
 %{_libdir}/libresolv.a
diff --git a/fix-broken-echo.patch b/fix-broken-echo.patch
deleted file mode 100644
index fe0f3f4..0000000
--- a/fix-broken-echo.patch
+++ /dev/null
@@ -1,46 +0,0 @@
---- glibc-2.20/sysdeps/unix/make-syscalls.sh.orig	2014-09-07 10:09:09.000000000 +0200
-+++ glibc-2.20/sysdeps/unix/make-syscalls.sh	2014-12-21 17:54:48.973388216 +0100
-@@ -276,28 +276,33 @@
-     vdso_symbol="${vdso_syscall%@*}"
-     vdso_symver="${vdso_syscall#*@}"
-     vdso_symver=`echo "$vdso_symver" | sed 's/\./_/g'`
--    echo "\
-+    cat <<EOF
-+
- \$(foreach p,\$(sysd-rules-targets),\$(objpfx)\$(patsubst %,\$p,$file).os): \\
--		\$(..)sysdeps/unix/make-syscalls.sh\
-+		\$(..)sysdeps/unix/make-syscalls.sh
- 	\$(make-target-directory)
- 	(echo '#include <dl-vdso.h>'; \\
--	 echo 'extern void *${strong}_ifunc (void) __asm (\"${strong}\");'; \\
-+	 echo 'extern void *${strong}_ifunc (void) __asm ("${strong}");'; \\
- 	 echo 'void *'; \\
- 	 echo '${strong}_ifunc (void)'; \\
- 	 echo '{'; \\
- 	 echo '  PREPARE_VERSION_KNOWN (symver, ${vdso_symver});'; \\
--	 echo '  return _dl_vdso_vsym (\"${vdso_symbol}\", &symver);'; \\
-+	 echo '  return _dl_vdso_vsym ("${vdso_symbol}", &symver);'; \\
- 	 echo '}'; \\
--	 echo 'asm (\".type ${strong}, %gnu_indirect_function\");'; \\"
-+	 echo 'asm (".type ${strong}, %gnu_indirect_function");'; \\
-+EOF
-     # This is doing "libc_hidden_def (${strong})", but the compiler
-     # doesn't know that we've defined ${strong} in the same file, so
-     # we can't do it the normal way.
--    echo "\
--	 echo 'asm (\".globl __GI_${strong}\\n\"'; \\
--	 echo '     \"__GI_${strong} = ${strong}\");'; \\"
-+    cat <<EOF
-+	 echo 'asm (".globl __GI_${strong}");'; \\
-+	 echo 'asm ("__GI_${strong} = ${strong}");'; \\
-+EOF
-     emit_weak_aliases
--    echo '	) | $(compile-stdin.c) '"\
--\$(foreach p,\$(patsubst %$file,%,\$(basename \$(@F))),\$(\$(p)CPPFLAGS))"
-+    cat <<EOF
-+	) | \$(compile-stdin.c) \
-+\$(foreach p,\$(patsubst %$file,%,\$(basename \$(@F))),\$(\$(p)CPPFLAGS))
-+EOF
-   fi
- 
-   if test $shared_only = t; then
diff --git a/glibc-locale_fixes.patch b/glibc-locale_fixes.patch
index 1f018ed..1d0350b 100644
--- a/glibc-locale_fixes.patch
+++ b/glibc-locale_fixes.patch
@@ -587,7 +587,7 @@
  LC_NAME
  % FIXME
  
--name_fmt  ""
+-name_fmt  " "
 +name_fmt  "<U0025><U0070><U0025><U0074><U0025><U0066><U0025><U0074><U0025><U0067>"
  % name_gen	"FIXME"
  % name_miss	"FIXME"
@@ -608,7 +608,7 @@
  
  LC_NAME
  % FIXME
--name_fmt	""
+-name_fmt	" "
 +name_fmt	"<U0025><U0070><U0025><U0074><U0025><U0066><U0025><U0074><U0025><U0067>"
  % name_gen	"FIXME"
  % name_miss	"FIXME"
diff --git a/glibc-morelocales.patch b/glibc-morelocales.patch
index 953d3b1..54a0d9b 100644
--- a/glibc-morelocales.patch
+++ b/glibc-morelocales.patch
@@ -6500,7 +6500,7 @@ diff -Nur glibc/localedata/locales.orig/shn_MM glibc/localedata/locales/shn_MM
  ber_MA/UTF-8 \
  bg_BG.UTF-8/UTF-8 \
  bg_BG/CP1251 \
- bh_IN.UTF-8/UTF-8 \
+ bhb_IN.UTF-8/UTF-8 \
  bho_IN/UTF-8 \
  bn_BD/UTF-8 \
  bn_IN/UTF-8 \
@@ -6712,7 +6712,7 @@ diff -Nur glibc/localedata/locales.orig/shn_MM glibc/localedata/locales/shn_MM
  ss_ZA/UTF-8 \
  st_ZA.UTF-8/UTF-8 \
  st_ZA/ISO-8859-1 \
-@@ -396,14 +455,20 @@
+@@ -396,15 +455,21 @@
  sv_FI at euro/ISO-8859-15 \
  sv_SE.UTF-8/UTF-8 \
  sv_SE/ISO-8859-1 \
@@ -6725,6 +6725,7 @@ diff -Nur glibc/localedata/locales.orig/shn_MM glibc/localedata/locales/shn_MM
  szl_PL/UTF-8 \
  ta_IN/UTF-8 \
  ta_LK/UTF-8 \
+ tcy_IN.UTF-8/UTF-8 \
  te_IN/UTF-8 \
 +tg_TJ.KOI8-K/KOI8-K \
  tg_TJ.UTF-8/UTF-8 \
@@ -6749,10 +6750,10 @@ diff -Nur glibc/localedata/locales.orig/shn_MM glibc/localedata/locales/shn_MM
 +tt_RU.TATAR-CYR/TATAR-CYR \
  tt_RU/UTF-8 \
  tt_RU at iqtelif/UTF-8 \
- tu_IN.UTF-8/UTF-8 \
  ug_CN/UTF-8 \
  uk_UA.UTF-8/UTF-8 \
  uk_UA/KOI8-U \
+ unm_US/UTF-8 \
 @@ -426,8 +495,9 @@
  uk_UA/KOI8-U \
  unm_US/UTF-8 \
@@ -6765,7 +6766,7 @@ diff -Nur glibc/localedata/locales.orig/shn_MM glibc/localedata/locales/shn_MM
  ve_ZA/UTF-8 \
 --- glibc-2.19/locale/iso-639.def.orig	2014-02-07 10:04:38.000000000 +0100
 +++ glibc-2.19/locale/iso-639.def	2014-02-13 20:30:45.341452266 +0100
-@@ -238,6 +239,7 @@
+@@ -238,6 +238,7 @@
  DEFINE_LANGUAGE_CODE ("Kanuri", kr, kau, kau)
  DEFINE_LANGUAGE_CODE3 ("Kara-Kalpak", kaa, kaa)
  DEFINE_LANGUAGE_CODE3 ("Karachay-Balkar", krc, krc)
@@ -6773,7 +6774,7 @@ diff -Nur glibc/localedata/locales.orig/shn_MM glibc/localedata/locales/shn_MM
  DEFINE_LANGUAGE_CODE3 ("Karelian", krl, krl)
  DEFINE_LANGUAGE_CODE3 ("Karen", kar, kar)
  DEFINE_LANGUAGE_CODE ("Kashmiri", ks, kas, kas)
-@@ -400,6 +402,7 @@
+@@ -400,6 +401,7 @@
  DEFINE_LANGUAGE_CODE3 ("Samaritan Aramaic", sam, sam)
  DEFINE_LANGUAGE_CODE3 ("Sami languages (Other)", smi, smi)
  DEFINE_LANGUAGE_CODE ("Samoan", sm, smo, smo)
diff --git a/glibc-new-charsets.patch b/glibc-new-charsets.patch
index 02b628b..69554ea 100644
--- a/glibc-new-charsets.patch
+++ b/glibc-new-charsets.patch
@@ -742,21 +742,9 @@ diff -uNr libc/localedata/charmaps/ISIRI-3342 libc.charsets/localedata/charmaps/
 +%      the change in the mirroring behaviour of U+00AB and U+00BB
 +%      between versions 2.1.5 and 2.1.8 of the Unicode Standard.
 +
- % I think the mnemonic for upper space (0xA0) should be different from
- % lower space (0x20). Because the semantics are different, although they
- % are mapped to a single Unicode character. This is specially important
-@@ -18,9 +27,9 @@
- % invented on the pattern of Unicode character names. --RP
- %
- % NOTE: Some entries were missing in the mnemonics.ds file; We invented our
--% own. Those are: <zwnj>, <zwj>, <!+>, <Rl>, <%+>, <.+>, <,f>, <(+>,
-+% own. Those are: <zwnj>, <zwj>, <!+>, <Rl>, <%+>, <.a>, <,f>, <(+>,
- % <)+>, <*X+>, <+f>, <-f>, <.f>, <//f>, <0f>..<9f>, <:f>, <<f>, <=f>,
--% </>f>, <kf>, <yf>, <)/>+>, <<(+>, <!)+>, <(!+>, <<<+>, </>/>+>, <*+>,
-+% </>f>, <yf>, <)/>+>, <<(+>, <!)+>, <(!+>, <<<+>, </>/>+>, <*+>,
- % <!!+>, and <////+>. Also, all character sequences
- % <NU>..<US>, <SP>, <DT> have counter-parts <NU+>..<US+>, <SP+>, <DT+>
-  
+ % Please note that the Unicode equivalents of the Persian part (0x80..0xFF)
+ % are for compatiblity purposes only. I have also changed the fourth
+ % column consisting of names to reflect the difference. The names are
 @@ -153,6 +162,7 @@
  <U007D>     /x7d         RIGHT CURLY BRACKET
  <U007E>     /x7e         TILDE
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/glibc.git/commitdiff/ed35cb325dd3c676523eaf8d39b6b4f326f6f7b3

More information about the pld-cvs-commit mailing list