Opened 4 years ago

Closed 4 years ago

#4097 closed task (fixed)

Create glibc upstream security patch

Reported by: Douglas R. Reno Owned by: Douglas R. Reno
Priority: highest Milestone: 8.1
Component: Book Version: SVN
Severity: normal Keywords:
Cc:

Description

As discussed privately, this is to fix concerns raised by this page:

https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

We discussed privately that there was one commit that we should include. A couple more have been added since release that I would like to add, but want approval from the rest of the folks here first:

https://sourceware.org/git/?p=glibc.git;a=commit;h=3c7cd21290cabdadd72984fb69bc51e64ff1002d - Sec Commit 1

https://sourceware.org/git/?p=glibc.git;a=commit;h=46703a3995aa3ca2b816814aa4ad05ed524194dd - Sec Commit 2

https://sourceware.org/git/?p=glibc.git;a=commit;h=c69d4a0f680a24fdbe323764a50382ad324041e9 - Sec Commit 3

https://sourceware.org/git/?p=glibc.git;a=commit;h=ccb4fd7a657b0fbc4890c98f4586d58a135fc583 - i686 Overflow Fix

https://sourceware.org/git/?p=glibc.git;a=commit;h=df29db0bec24211cfc917db52024bf8deecac2c9 - segfault fix with GCC 7 Overflow Checking

https://sourceware.org/git/?p=glibc.git;a=commit;h=045e368799cd253ddbf8bdec42ed92e8ebb3ce67 - Use After Free security fix in SunRPC (RPCBOMB)

I would like to test this on both x86_64 and i686 before committing.

Change History (2)

comment:1 by Douglas R. Reno, 4 years ago

Owner: changed from lfs-book@… to Douglas R. Reno
Status: newassigned

comment:2 by bdubbs@…, 4 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 11269.

Note: See TracTickets for help on using tickets.