kumquat-buildroot/package/glibc
Peter Korsgaard c87fdfb605 glibc: add upstream security patches fixing CVE-2017-1000366 (stack clash)
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH
values to manipulate the heap/stack, causing them to alias, potentially
resulting in arbitrary code execution.  Please note that additional
hardening changes have been made to glibc to prevent manipulation of stack
and heap memory but these issues are not directly exploitable, as such they
have not been given a CVE.

https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

Patches are identical to upstream, except that the ChangeLog modifications
have been stripped.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-28 23:28:47 +02:00
..
0001-sh-Fix-building-with-gcc5-6.patch glibc: remove version choice 2017-06-24 17:42:50 +02:00
0002-CVE-2017-1000366-Ignore-LD_LIBRARY_PATH-for-AT_SECUR.patch glibc: add upstream security patches fixing CVE-2017-1000366 (stack clash) 2017-06-28 23:28:47 +02:00
0003-ld.so-Reject-overly-long-LD_PRELOAD-path-elements.patch glibc: add upstream security patches fixing CVE-2017-1000366 (stack clash) 2017-06-28 23:28:47 +02:00
0004-ld.so-Reject-overly-long-LD_AUDIT-path-elements.patch glibc: add upstream security patches fixing CVE-2017-1000366 (stack clash) 2017-06-28 23:28:47 +02:00
Config.in glibc: remove version choice 2017-06-24 17:42:50 +02:00
glibc.hash glibc: remove version choice 2017-06-24 17:42:50 +02:00
glibc.mk glibc: remove version choice 2017-06-24 17:42:50 +02:00
nsswitch.conf