Context Navigation

← Previous Changeset
Next Changeset →

Changeset bb189b0

Timestamp:

04/24/2015 03:19:38 AM (9 years ago)

Author:

Bruce Dubbs <bdubbs@…>

Branches:

10.0, 10.0-rc1, 10.1, 10.1-rc1, 11.0, 11.0-rc1, 11.0-rc2, 11.0-rc3, 11.1, 11.1-rc1, 11.2, 11.2-rc1, 11.3, 11.3-rc1, 12.0, 12.0-rc1, 12.1, 12.1-rc1, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, arm, bdubbs/gcc13, ml-11.0, multilib, renodr/libudev-from-systemd, s6-init, trunk, xry111/arm64, xry111/arm64-12.0, xry111/clfs-ng, xry111/lfs-next, xry111/loongarch, xry111/loongarch-12.0, xry111/loongarch-12.1, xry111/mips64el, xry111/pip3, xry111/rust-wip-20221008, xry111/update-glibc

Children:

320fdc6

Parents:

41727289

Message:

Added a fix for security issue in Glibc (CVE-2015-1781).
Thanks to Ken Moffat for identifying the proplem and the fix.

Fixed Ncurses and Perl build with GCC 5. Thanks to Ken Moffat and
Douglas R. Reno for providing the patches.

Updated to GCC-5.1.0. Imported changes from systemd version.

git-svn-id: http://svn.linuxfromscratch.org/LFS/trunk/BOOK@10903 4aa44e1e-78dd-0310-a6d2-fbcd4c07a689

Files:

: 12 edited

chapter01/changelog.xml (modified) (1 diff)
chapter01/whatsnew.xml (modified) (2 diffs)
chapter03/patches.xml (modified) (1 diff)
chapter05/glibc.xml (modified) (4 diffs)
chapter05/libstdc++.xml (modified) (2 diffs)
chapter05/ncurses.xml (modified) (1 diff)
chapter06/glibc.xml (modified) (2 diffs)
chapter06/ncurses.xml (modified) (1 diff)
chapter06/perl.xml (modified) (1 diff)
general.ent (modified) (2 diffs)
packages.ent (modified) (1 diff)
patches.ent (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

chapter01/changelog.xml

-              r41727289
+              rbb189b0
     <listitem>
+      <para>2015-04-24</para>
+      <itemizedlist>
+        <listitem>
+          <para>[krejzi] - Added a fix for security issue
+          in Glibc (CVE-2015-1781). Thanks to Ken Moffat
+          for identifying the proplem and the fix.</para>
+        </listitem>
+        <listitem>
+          <para>[krejzi] - Fixed Ncurses and Perl build
+          with GCC 5. Thanks to Ken Moffat and Douglas
+          R. Reno for providing the patches.</para>
+        </listitem>
+        <listitem>
+          <para>[krejzi] - Updated to GCC-5.1.0. Fixes
+          <ulink url="&lfs-ticket-root;3779">#3779</ulink>.</para>
+        </listitem>
+      </itemizedlist>
+    </listitem>
+    <listitem>
       <para>2015-04-21</para>
       <itemizedlist>

chapter01/whatsnew.xml

-              r41727289
+              rbb189b0
       <para>Gawk &gawk-version;</para>
     </listitem>-->
     <!--<listitem>
+    <listitem>
       <para>GCC &gcc-version;</para>
     </listitem>-->
+    </listitem>
     <!--<listitem>
       <para>GDBM &gdbm-version;</para>
 …
     </listitem>
+    <listitem>
+      <para>&ncurses-gcc5-buildfixes-patch;</para>
+    </listitem>
+    <listitem>
+      <para>&perl-gcc5-fixes-patch;</para>
+    </listitem>
     <!--<listitem>
       <para>&bash-fixes-patch;</para>

chapter03/patches.xml

-              r41727289
+              rbb189b0
       </listitem>
     </varlistentry>
+<!--
     <varlistentry>
       <term>Perl Data::Dumper Patch - <token>&perl-fix-patch-size;</token>:</term>
+      <term>Ncurses GCC 5 Fixes Patch - <token>&ncurses-gcc5-buildfixes-patch-size;</token>:</term>
       <listitem>
         <para>Download: <ulink url="&patches-root;&perl-fix-patch;"/></para>
         <para>MD5 sum: <literal>&perl-fix-patch-md5;</literal></para>
+        <para>Download: <ulink url="&patches-root;&ncurses-gcc5-buildfixes-patch;"/></para>
+        <para>MD5 sum: <literal>&ncurses-gcc5-buildfixes-patch-md5;</literal></para>
       </listitem>
     </varlistentry>
+-->
+    <varlistentry>
+      <term>Perl GCC 5 Fixes Patch - <token>&perl-gcc5-fixes-patch-size;</token>:</term>
+      <listitem>
+        <para>Download: <ulink url="&patches-root;&perl-gcc5-fixes-patch;"/></para>
+        <para>MD5 sum: <literal>&perl-gcc5-fixes-patch-md5;</literal></para>
+      </listitem>
+    </varlistentry>
     <varlistentry>
       <term>Readline Upstream Fixes Patch - <token>&readline-fixes-patch-size;</token>:</term>

chapter05/glibc.xml

-              r41727289
+              rbb189b0
     <title>Installation of Glibc</title>
+<!-- The enable-obsolete-rpc should handle this just fine.
     <para>In some cases, particularly LFS 7.1, the rpc headers were not
     installed properly.  Test to see if they are installed in the host system
 …
   su -c 'cp -v sunrpc/rpc/*.h /usr/include/rpc'
 fi</userinput></screen>
+-->
     <para>Fix a regression in the package that affects 32-bit architectures:</para>
 …
       --disable-profile                             \
       --enable-kernel=&min-kernel;                        \
+      --enable-obsolete-rpc                         \
       --with-headers=/tools/include                 \
       libc_cv_forced_unwind=yes                     \
 …
           for &min-kernel; and later Linux kernels.  Workarounds for older
           kernels are not enabled.</para>
+        </listitem>
+      </varlistentry>
+      <varlistentry>
+        <term><parameter>--enable-obsolete-rpc</parameter></term>
+        <listitem>
+          <para>This installs NIS and RPC related headers that are not
+          installed by default. They are required to build GCC and by
+          several BLFS packages.</para>
         </listitem>
       </varlistentry>

chapter05/libstdc++.xml

-              r41727289
+              rbb189b0
     <para>Create a directory for Libstdc++ and enter it:</para>
 <screen><userinput remap="pre">mkdir -pv ../gcc-build
+<screen><userinput remap="pre">mkdir -v ../gcc-build
 cd ../gcc-build</userinput></screen>
 …
     --prefix=/tools                 \
     --disable-multilib              \
-    --disable-shared                \
     --disable-nls                   \
     --disable-libstdcxx-threads     \

chapter05/ncurses.xml

-              r41727289
+              rbb189b0
   <sect2 role="installation">
     <title>Installation of Ncurses</title>
+    <para>First, apply a patch to prevent a build failure
+    when building with GCC 5:</para>
+<screen><userinput remap="pre">patch -Np1 -i ../&ncurses-gcc5-buildfixes-patch;</userinput></screen>
     <para>Prepare Ncurses for compilation:</para>

chapter06/glibc.xml

-              r41727289
+              rbb189b0
     -i  sysdeps/i386/i686/multiarch/mempcpy_chk.S</userinput></screen>
+    <para>Fix a potential security issue identified upstream:</para>
+<screen><userinput remap="pre">sed -i '/glibc.*pad/{i\  buflen = buflen > pad ? buflen - pad : 0;
+                     s/ + pad//}' resolv/nss_dns/dns-host.c</userinput></screen>
+    <para>Fix a test case that fails when built using GCC 5:</para>
+<screen><userinput remap="pre">sed -e '/tst-audit2-ENV/i CFLAGS-tst-audit2.c += -fno-builtin' \
+    -i elf/Makefile</userinput></screen>
     <para>The Glibc documentation recommends building Glibc outside of the source
     directory in a dedicated build directory:</para>
 …
     --enable-kernel=&min-kernel; \
     --enable-obsolete-rpc</userinput></screen>
-    <variablelist>
-      <title>The meaning of the new configure options:</title>
-      <varlistentry>
-        <term><parameter>--enable-obsolete-rpc</parameter></term>
-        <listitem>
-          <para>Installs NIS and RPC related headers that are not installed by
-          default; these are required to rebuild Glibc and by several BLFS
-          packages.</para>
-        </listitem>
-      </varlistentry>
-    </variablelist>
     <para>Compile the package:</para>

chapter06/ncurses.xml

-              r41727289
+              rbb189b0
   <sect2 role="installation">
     <title>Installation of Ncurses</title>
+    <para>First, apply a patch to prevent a build failure
+    when building with GCC 5:</para>
+<screen><userinput remap="pre">patch -Np1 -i ../&ncurses-gcc5-buildfixes-patch;</userinput></screen>
     <para>Don't install a static library that is not handled by configure:</para>

chapter06/perl.xml

-              r41727289
+              rbb189b0
 <screen><userinput remap="pre">export BUILD_ZLIB=False
 export BUILD_BZIP2=0</userinput></screen>
+<!--
+    <para>Fix a potential security problem:</para>
+<screen><userinput remap="pre">patch -Np1 -i ../&perl-fix-patch;</userinput></screen>
+-->
+    <para>Apply a patch to allow the Errno.pm module and the h2ph
+    program to build correctly when building with GCC 5:</para>
+<screen><userinput remap="pre">patch -Np1 -i ../&perl-gcc5-fixes-patch;</userinput></screen>
     <para>To have full control over the way Perl is set up, you can remove the
     <quote>-des</quote> options from the following command and hand-pick the way

general.ent

-              r41727289
+              rbb189b0
 <!ENTITY version         "SVN-20150421">
+<!ENTITY version         "SVN-20150424">
 <!ENTITY short-version   "svn">  <!-- Used below in &blfs-book;. Change to x.y for release
                                       but not -rc releases -->
 <!ENTITY releasedate     "April 21, 2015">
+<!ENTITY releasedate     "April 24, 2015">
 <!ENTITY copyrightdate   "1999-2015"><!-- jhalfs needs a literal dash, not &ndash; -->
 <!ENTITY milestone       "7.8">
 …
 <!ENTITY lfs-root        "http://www.linuxfromscratch.org/">
 <!ENTITY blfs-root       "&lfs-root;blfs/">
 <!ENTITY blfs-book       "&blfs-root;view/&short-version;/">
+<!ENTITY blfs-book       "&blfs-root;view/&short-version;/">
 <!ENTITY faq-root        "&lfs-root;faq/">
 <!ENTITY hints-root      "&lfs-root;hints/downloads/files/">

packages.ent

-              r41727289
+              rbb189b0
 <!ENTITY gawk-ch6-sbu "0.3 SBU">
 <!ENTITY gcc-version "4.9.2">
 <!ENTITY gcc-size "87,832 KB">
+<!ENTITY gcc-version "5.1.0">
+<!ENTITY gcc-size "92,736 KB">
 <!ENTITY gcc-url "&gnu;gcc/gcc-&gcc-version;/gcc-&gcc-version;.tar.bz2">
 <!ENTITY gcc-md5 "4df8ee253b7f3863ad0b86359cd39c43">
+<!ENTITY gcc-md5 "d5525b1127d07d215960e6051c5da35e">
 <!ENTITY gcc-home "http://gcc.gnu.org/">
 <!ENTITY gcc-ch5p1-du "2.0 GB">
 <!ENTITY gcc-ch5p1-sbu "5.9 SBU">
 <!ENTITY gcc-ch5p2-du "2.6 GB">
 <!ENTITY gcc-ch5p2-sbu "7.7 SBU">
 <!ENTITY gcc-ch6-du "2.9 GB ">
 <!ENTITY gcc-ch6-sbu "63 SBU (with tests)">
 <!ENTITY libstdcpp-ch5-du "798 MB">
 <!ENTITY libstdcpp-ch5-sbu "0.3 SBU">
+<!ENTITY gcc-ch5p1-du "2.4 GB">
+<!ENTITY gcc-ch5p1-sbu "8.0 SBU">
+<!ENTITY gcc-ch5p2-du "2.8 GB">
+<!ENTITY gcc-ch5p2-sbu "10.2 SBU">
+<!ENTITY gcc-ch6-du "2.6 GB ">
+<!ENTITY gcc-ch6-sbu "92 SBU (with tests)">
+<!ENTITY libstdcpp-ch5-du "838 MB">
+<!ENTITY libstdcpp-ch5-sbu "0.4 SBU">
 <!ENTITY gdbm-version "1.11">

patches.ent

-              r41727289
+              rbb189b0
 <!ENTITY mpfr-fixes-patch-size "38 KB">
+<!--
+<!ENTITY perl-fix-patch "perl-&perl-version;-infinite_recurse_fix-1.patch">
+<!ENTITY perl-fix-patch-md5 "579dfed34e97e0a2fe21b74aa53946ac">
+<!ENTITY perl-fix-patch-size "11 KB">
+-->
+<!ENTITY ncurses-gcc5-buildfixes-patch "ncurses-&ncurses-version;-gcc5_buildfixes-1.patch">
+<!ENTITY ncurses-gcc5-buildfixes-patch-md5 "f9015f670940350a3fc3c2ef347e2b33">
+<!ENTITY ncurses-gcc5-buildfixes-patch-size "4 KB">
+<!ENTITY perl-gcc5-fixes-patch "perl-&perl-version;-gcc5_fixes-1.patch">
+<!ENTITY perl-gcc5-fixes-patch-md5 "30f4907f63ec3ef7d50fa55e12d2923e">
+<!ENTITY perl-gcc5-fixes-patch-size "8 KB">
 <!ENTITY readline-fixes-patch "readline-&readline-version;-upstream_fixes-3.patch">

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset bb189b0

Legend:

Download in other formats: