Fixes the following security issues: CVE-2023-4527: If the system is configured in no-aaaa mode via /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address family, and a DNS response is received over TCP that is larger than 2048 bytes, getaddrinfo may potentially disclose stack contents via the returned address data, or crash. CVE-2023-4806: When an NSS plugin only implements the _gethostbyname2_r and _getcanonname_r callbacks, getaddrinfo could use memory that was freed during buffer resizing, potentially causing a crash or read or write to arbitrary memory. CVE-2023-5156: The fix for CVE-2023-4806 introduced a memory leak when an application calls getaddrinfo for AF_INET6 with AI_CANONNAME, AI_ALL and AI_V4MAPPED flags set. CVE-2023-4911: If a tunable of the form NAME=NAME=VAL is passed in the environment of a setuid program and NAME is valid, it may result in a buffer overflow, which could be exploited to achieve escalated privileges. This flaw was introduced in glibc 2.34. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
################################################################################
#
# localedef
#
################################################################################

# Use the same VERSION and SITE as target glibc
# As in glibc.mk, generate version string using:
#   git describe --match 'glibc-*' --abbrev=40 origin/release/MAJOR.MINOR/master | cut -d '-' -f 2-
#
# The version string ends in a full 40-character commit id (--abbrev=40), so
# the tarball name and the GitHub URL below both name one exact glibc commit.
# NOTE(review): a bump here changes the tarball that gets downloaded; the
# package's hash entry (not visible in this file) presumably has to be updated
# in the same change so the download stays integrity-checked - confirm.
LOCALEDEF_VERSION = 2.38-27-g750a45a783906a19591fb8ff6b7841470f1f5701
LOCALEDEF_SOURCE = glibc-$(LOCALEDEF_VERSION).tar.gz
LOCALEDEF_SITE = $(call github,bminor,glibc,$(LOCALEDEF_VERSION))
# presumably places the download in the glibc package's directory so the same
# tarball is shared instead of being fetched twice - TODO confirm
HOST_LOCALEDEF_DL_SUBDIR = glibc

# Host-side tools this package depends on: make, python3, bison and gawk.
HOST_LOCALEDEF_DEPENDENCIES = \
	$(BR2_MAKE_HOST_DEPENDENCY) \
	$(BR2_PYTHON3_HOST_DEPENDENCY) \
	host-bison \
	host-gawk

# Preset autoconf's cached result for the MAKE program to $(BR2_MAKE) instead
# of letting configure search for one itself.
HOST_LOCALEDEF_CONF_ENV += ac_cv_prog_MAKE="$(BR2_MAKE)"
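# Even though we use the autotools-package infrastructure, we have to override
# the default configure commands since we have to build out-of-tree, but we
# can't use the same 'symbolic link to configure' used with the gcc packages.
#
# --target, --host and --build are all $(GNU_HOST_NAME): this is a native
# build of a tool that runs on the build machine.
# libc_cv_forced_unwind and libc_cv_ssp are handed to configure as preset
# results instead of being probed.
# NOTE(review): libc_cv_ssp=no presumably keeps the stack protector out of
# this host-side build; confirm this glibc version still consults the variable.
# NOTE(review): --without-cvs and --enable-obsolete-rpc look like leftovers
# from older glibc releases; confirm this version's configure still recognises
# them.
#
# The cd is chained with "&&" so that configure is never started from the
# wrong working directory if entering the build directory fails.
define HOST_LOCALEDEF_CONFIGURE_CMDS
	mkdir -p $(@D)/build
	# Do the configuration
	(cd $(@D)/build && \
		$(HOST_LOCALEDEF_CONF_ENV) \
		$(HOST_CONFIGURE_OPTS) \
		$(SHELL) $(@D)/configure \
		libc_cv_forced_unwind=yes \
		libc_cv_ssp=no \
		--target=$(GNU_HOST_NAME) \
		--host=$(GNU_HOST_NAME) \
		--build=$(GNU_HOST_NAME) \
		--prefix=/usr \
		--with-pkgversion="Buildroot" \
		--without-cvs \
		--disable-profile \
		--without-gd \
		--enable-obsolete-rpc)
endef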
# Build only the locale/others goal, from the out-of-tree build directory that
# the configure step created.
# NOTE(review): BR2_MAKE1 is presumably the single-job make - confirm.
define HOST_LOCALEDEF_BUILD_CMDS
	$(HOST_MAKE_ENV) $(BR2_MAKE1) $(HOST_LOCALEDEF_MAKE_OPTS) -C $(@D)/build locale/others
endef
# The makefile does not implement an install target for localedef, so the
# binary is copied by hand from the build tree into $(HOST_DIR)/bin.
# -D creates missing parent directories; -m 0755 sets the mode explicitly, so
# only the owner can write the installed tool.
define HOST_LOCALEDEF_INSTALL_CMDS
	$(INSTALL) -D -m 0755 \
		$(@D)/build/locale/localedef \
		$(HOST_DIR)/bin/localedef
endef
# Expand the host-autotools-package macro and evaluate the result as makefile
# text. Kept as the last statement, after every HOST_LOCALEDEF_* definition.
$(eval $(host-autotools-package))