kumquat-buildroot/package/localedef/2.34-109-gd64b08d5ba7ffbc9155630f4843cf2e271b1629c/0001-HACK-only-build-and-install-localedef.patch
Peter Korsgaard 1983d2e6a3 package/{glibc, localedef}: security bump for additional post-2.34.x fixes
Fixes the following security issues:

  CVE-2022-23219: Passing an overlong file name to the clnt_create
  legacy function could result in a stack-based buffer overflow when
  using the "unix" protocol.  Reported by Martin Sebor.

  CVE-2022-23218: Passing an overlong file name to the svcunix_create
  legacy function could result in a stack-based buffer overflow.

  CVE-2021-3998: Passing a path longer than PATH_MAX to the realpath
  function could result in a memory leak and potential access of
  uninitialized memory.  Reported by Qualys.

  CVE-2021-3999: Passing a buffer of size exactly 1 byte to the getcwd
  function may result in an off-by-one buffer underflow and overflow
  when the current working directory is longer than PATH_MAX and also
  corresponds to the / directory through an unprivileged mount
  namespace.  Reported by Qualys.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-02-05 13:51:09 +01:00

66 lines
2.4 KiB
Diff

From 442e9a3f262c49cf61f9e7bdf12882f0a427666b Mon Sep 17 00:00:00 2001
From: Michael Olbrich <m.olbrich@pengutronix.de>
Date: Mon, 21 May 2018 16:45:02 +0200
Subject: [PATCH] HACK: only build and install localedef
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Upstream: https://git.pengutronix.de/cgit/ptxdist/plain/patches/localedef-glibc-2.27/0001-HACK-only-build-and-install-localedef.patch?id=47116f66f411d4dadfce42c2fdd6d41b351ccfd4
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
---
Rules | 14 ++++++++++----
locale/Makefile | 6 +++---
2 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/Rules b/Rules
index b1137afe71..2aeac31922 100644
--- a/Rules
+++ b/Rules
@@ -216,10 +216,16 @@ binaries-shared-notests = $(filter-out $(binaries-pie) $(binaries-static), \
$(binaries-all-notests))
ifneq "$(strip $(binaries-shared-notests))" ""
-$(addprefix $(objpfx),$(binaries-shared-notests)): %: %.o \
- $(sort $(filter $(common-objpfx)lib%,$(link-libc))) \
- $(addprefix $(csu-objpfx),start.o) $(+preinit) $(+postinit)
- $(+link)
+$(addprefix $(objpfx),$(binaries-shared-notests)): %: %.o
+ $(CC) -o $@ \
+ $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \
+ $(combreloc-LDFLAGS) $(relro-LDFLAGS) $(hashstyle-LDFLAGS) \
+ $(filter-out $(addprefix $(csu-objpfx),start.o \
+ $(start-installed-name))\
+ $(+preinit) \
+ $(link-extra-libs) \
+ $(common-objpfx)libc% $(+postinit),$^) \
+ $(link-extra-libs)
endif
ifneq "$(strip $(binaries-shared-tests))" ""
diff --git a/locale/Makefile b/locale/Makefile
index b7c60681fa..de4cf4003f 100644
--- a/locale/Makefile
+++ b/locale/Makefile
@@ -33,15 +33,15 @@ categories = ctype messages monetary numeric time paper name \
address telephone measurement identification collate
aux = $(categories:%=lc-%) $(categories:%=C-%) SYS_libc C_name \
xlocale localename global-locale coll-lookup
-others = localedef locale
+others = localedef
#others-static = localedef locale
-install-bin = localedef locale
+install-bin = localedef
extra-objs = $(localedef-modules:=.o) $(localedef-aux:=.o) \
$(locale-modules:=.o) $(lib-modules:=.o)
generated += C-translit.h
before-compile += $(objpfx)C-translit.h
-extra-libs = libBrokenLocale
+#extra-libs = libBrokenLocale
extra-libs-others = $(extra-libs)
libBrokenLocale-routines = broken_cur_max
--
2.33.0