kumquat-buildroot/package/glibc/glibc.hash

# Locally calculated (fetched from Github)
sha256  0766875391224153502c5542a71b6e46db53b44691078b3130e1a0df41586430     glibc-glibc-2.26-107-g73a92363619e52c458146e903dfb9b1ba823aa40.tar.gz
# Locally calculated (fetched from Github)
sha256  5aa9adeac09727db0b8a52794186563771e74d70410e9fd86431e339953fd4bb     glibc-arc-2017.09-release.tar.gz
package/glibc: switch to using the maintenance branch glibc upstream has ruled against doing regular point-releases, but they do have a lot of interesting and important fixes for regressions and security. Backporting each patch, or cherry-picking individual patches is off limits for us, so we just switch to using the currently-latest HEAD of the maintenance branch instead. The version number is obtained with: $ git describe --match 'glibc-*' --abbrev=40 origin/release/2.26/master The alternative options were: - download the tarball from the git tree --> does not work; not an option - download the 2.26 tarball, and bundle the individual patches in Buildroot --> maintenance of patches is a burden; not an option - download the 2.26 tarball, maintain the list of patches to download from the git tree --> not an option for the same reason So we end up just doing a git clone. The git tree is today about ten times the size of the tarball, so a rough estimate makes it at about ten times the download time. Also upstream doesn't officially provide an https download location [1]. There is one but it's not reliable, sometimes the connection time out and end-up with a corrupted git repo: fatal: unable to access 'https://sourceware.org/git/glibc.git/': Failed to connect to sourceware.org port 443: Connection timed out So switch to using a git mirror from github which is updated once a day [2]. This allow at the same time to clone the git repository faster. Note: The glibc 2.26 patches are not kept for the arc toolchain since they are fixing an issue with the new float128 support introduced in x86, x86_64 and powerpc64le. [1] https://sourceware.org/git/?p=glibc.git;a=summary [2] https://github.com/bminor/glibc.git Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Cc: Romain Naour <romain.naour@openwide.fr> Cc: Peter Korsgaard <peter@korsgaard.com> Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Cc: Arnout Vandecappelle <arnout@mind.be> Cc: Evgeniy Didin <didin@synopsys.com> CC: Alexey Brodkin <abrodkin@synopsys.com> [Romain: bump 4b692dffb95ac4812b161eb6a16113d7e824982e] Signed-off-by: Romain Naour <romain.naour@gmail.com> [yann.morin.1998@free.fr: update comment to never decide on the mirror] Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr> Reviewed-by: Romain Naour <romain.naour@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-10-29 10:52:48 +01:00			`# Locally calculated (fetched from Github)`
glibc: security bump to the latest 2.26 branch List of fixes from the 2.26 branch NEWS files: CVE-2017-15670: The glob function, when invoked with GLOB_TILDE, suffered from a one-byte overflow during ~ operator processing (either on the stack or the heap, depending on the length of the user name). Reported by Tim Rühsen. CVE-2017-15671: The glob function, when invoked with GLOB_TILDE, would sometimes fail to free memory allocated during ~ operator processing, leading to a memory leak and, potentially, to a denial of service. CVE-2017-15804: The glob function, when invoked with GLOB_TILDE and without GLOB_NOESCAPE, could write past the end of a buffer while unescaping user names. Reported by Tim Rühsen. CVE-2017-17426: The malloc function, when called with an object size near the value SIZE_MAX, would return a pointer to a buffer which is too small, instead of NULL. This was a regression introduced with the new malloc thread cache in glibc 2.26. Reported by Iain Buclaw. Cc: Waldemar Brodkorb <wbx@openadk.org> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2017-12-08 08:12:56 +01:00			`sha256 0766875391224153502c5542a71b6e46db53b44691078b3130e1a0df41586430 glibc-glibc-2.26-107-g73a92363619e52c458146e903dfb9b1ba823aa40.tar.gz`
toolchain: add glibc support for ARCv2 Finally there's working ARC port of glibc thanks to Vineet and Cuper! This port is based on pretty recent glibc's master branch and ARC changes are being reviewed now in glibc's mailing list. Thus we again have to use sources from our GitHub but as soon as there's a glibc release with our patches applied we'll switch to upstream releases and will drop our glibc GitHub repo alltogether. Note now we cut tags in glibc repo simultaneously with tags in Binutils and GCC repos and so to make sure everything works in the best way we plan to update glibc tag together with Binutils and GCC. Also note as of today ARCompact (AKA ARCv1 ISA) is not supported in glibc but we plan to fix it soonish so for now we make glibc intentionally dependent on archs38. Also note we are not creating directory "2.26" because all patches for glibc ver 2.26 applies to arc glibc port. Signed-off-by: Evgeniy Didin <didin@synopsys.com> CC: Alexey Brodkin <abrodkin@synopsys.com> CC: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> CC: Waldemar Brodkorb <wbx@openadk.org> CC: Romain Naour <romain.naour@gmail.com> Cc: Cupertino Miranda <cmiranda@synopsys.com> Cc: Vineet Gupta <vgupta@synopsys.com> Cc: Anton Kolesov <akolesov@synopsys.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-10-10 15:31:50 +02:00			`# Locally calculated (fetched from Github)`
toolchain: Bump ARC tools to arc-2017.09 release This commit finally bumps ARC tools to the most recent arc-2017.09 release version. ARC GNU tools of version arc-2017.09 bring some quite significant changes like: * Binutils v2.29 with additional ARC patches * GCC 7.1.1 with additional ARC patches * glibc 2.26 with additional ARC patches More information on this release could be found here: https://github.com/foss-for-synopsys-dwc-arc-processors/toolchain/releases/tag/arc-2017.09-release Signed-off-by: Evgeniy Didin <didin@synopsys.com> Cc: Alexey Brodkin <abrodkin@synopsys.com> Cc: arc-buildroot@synopsys.com Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> 2017-11-01 15:04:31 +01:00			`sha256 5aa9adeac09727db0b8a52794186563771e74d70410e9fd86431e339953fd4bb glibc-arc-2017.09-release.tar.gz`