package/glibc: security bump to 2.27

See: https://sourceware.org/ml/libc-announce/2018/msg00000.html https://sourceware.org/glibc/wiki/Release/2.27 Fixes the following CVEs: CVE-2017-1000408 CVE-2017-1000409 CVE-2017-16997 CVE-2018-1000001 CVE-2018-6485 While at it, add license file hashes. Signed-off-by: Romain Naour <romain.naour@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-02-05 21:57:16 +01:00 · 2018-02-05 21:57:16 +01:00 · c032e6825a
commit c032e6825a
parent 98b68d08fa
2 changed files with 6 additions and 2 deletions
--- a/package/glibc/glibc.hash
+++ b/package/glibc/glibc.hash
@ -1,4 +1,8 @@
 # Locally calculated (fetched from Github)
-sha256  0766875391224153502c5542a71b6e46db53b44691078b3130e1a0df41586430     glibc-glibc-2.26-107-g73a92363619e52c458146e903dfb9b1ba823aa40.tar.gz
+sha256  a74489d14f4017bee6a6c6fe76f1de0dbf7d66c8695116de5aadd141c4757892     glibc-glibc-2.27.tar.gz
 # Locally calculated (fetched from Github)
 sha256  5aa9adeac09727db0b8a52794186563771e74d70410e9fd86431e339953fd4bb     glibc-arc-2017.09-release.tar.gz
+
+sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  COPYING
+sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  COPYING.LIB
+sha256  61abdd6930c9c599062d89e916b3e7968783879b6be0ee1c6229dd6169def431  LICENSES
--- a/package/glibc/glibc.mk
+++ b/package/glibc/glibc.mk
@ -10,7 +10,7 @@ GLIBC_SITE = $(call github,foss-for-synopsys-dwc-arc-processors,glibc,$(GLIBC_VE
 else
 # Generate version string using:
 #   git describe --match 'glibc-*' --abbrev=40 origin/release/MAJOR.MINOR/master
-GLIBC_VERSION = glibc-2.26-107-g73a92363619e52c458146e903dfb9b1ba823aa40
+GLIBC_VERSION = glibc-2.27
 # Upstream doesn't officially provide an https download link.
 # There is one (https://sourceware.org/git/glibc.git) but it's not reliable,
 # sometimes the connection times out. So use an unofficial github mirror.