id	summary	reporter	owner	description	type	status	priority	milestone	component	version	severity	resolution	keywords	cc
4097	Create glibc upstream security patch	Douglas R. Reno	Douglas R. Reno	"As discussed privately, this is to fix concerns raised by this page:

[https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt]

We discussed privately that there was one commit that we should include. A couple more have been added since release that I would like to add, but want approval from the rest of the folks here first:

[https://sourceware.org/git/?p=glibc.git;a=commit;h=3c7cd21290cabdadd72984fb69bc51e64ff1002d] - Sec Commit 1

[https://sourceware.org/git/?p=glibc.git;a=commit;h=46703a3995aa3ca2b816814aa4ad05ed524194dd] - Sec Commit 2

[https://sourceware.org/git/?p=glibc.git;a=commit;h=c69d4a0f680a24fdbe323764a50382ad324041e9] - Sec Commit 3

[https://sourceware.org/git/?p=glibc.git;a=commit;h=ccb4fd7a657b0fbc4890c98f4586d58a135fc583] - i686 Overflow Fix

[https://sourceware.org/git/?p=glibc.git;a=commit;h=df29db0bec24211cfc917db52024bf8deecac2c9] - segfault fix with GCC 7 Overflow Checking

[https://sourceware.org/git/?p=glibc.git;a=commit;h=045e368799cd253ddbf8bdec42ed92e8ebb3ce67] - Use After Free security fix in SunRPC (RPCBOMB)

I would like to test this on both x86_64 and i686 before committing."	task	closed	highest	8.1	Book	SVN	normal	fixed