]> git.ipfire.org Git - ipfire-2.x.git/commit - src/patches/glibc-2.38/0038-NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eadffeb) | patch
glibc: Import latest patches from upstream
authorMichael Tremer <michael.tremer@ipfire.org>
Wed, 31 Jan 2024 11:09:41 +0000 (11:09 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Wed, 31 Jan 2024 11:09:41 +0000 (11:09 +0000)
commita61a21ef7573726bb5d9d115f24e576a44c1d8be
tree58be956387c45a512a1298f7d0753b8aa2647fc7tree | snapshot
parenteadffeb43f47e8c1561e62f5d4a6bae0fef3ada6commit | diff
glibc: Import latest patches from upstream

These include (amongst others) fixes for:

GLIBC-SA-2024-0001:
===================
syslog: Heap buffer overflow in __vsyslog_internal (CVE-2023-6246)

__vsyslog_internal did not handle a case where printing a SYSLOG_HEADER
containing a long program name failed to update the required buffer
size, leading to the allocation and overflow of a too-small buffer on
the heap.

GLIBC-SA-2024-0002:
===================
syslog: Heap buffer overflow in __vsyslog_internal (CVE-2023-6779)

__vsyslog_internal used the return value of snprintf/vsnprintf to
calculate buffer sizes for memory allocation.  If these functions (for
any reason) failed and returned -1, the resulting buffer would be too
small to hold output.

GLIBC-SA-2024-0003:
===================
syslog: Integer overflow in __vsyslog_internal (CVE-2023-6780)

__vsyslog_internal calculated a buffer size by adding two integers, but
did not first check if the addition would overflow.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
45 files changed:
lfs/glibc diff | blob | blame | history
src/patches/glibc-2.38/0001-stdlib-Improve-tst-realpath-compatibility-with-sourc.patch diff | blob | blame | history
src/patches/glibc-2.38/0002-x86-Fix-for-cache-computation-on-AMD-legacy-cpus.patch diff | blob | blame | history
src/patches/glibc-2.38/0003-nscd-Do-not-rebuild-getaddrinfo-bug-30709.patch diff | blob | blame | history
src/patches/glibc-2.38/0004-x86-Fix-incorrect-scope-of-setting-shared_per_thread.patch diff | blob | blame | history
src/patches/glibc-2.38/0005-x86_64-Fix-build-with-disable-multiarch-BZ-30721.patch diff | blob | blame | history
src/patches/glibc-2.38/0006-i686-Fix-build-with-disable-multiarch.patch diff | blob | blame | history
src/patches/glibc-2.38/0007-malloc-Enable-merging-of-remainders-in-memalign-bug-.patch diff | blob | blame | history
src/patches/glibc-2.38/0008-malloc-Remove-bin-scanning-from-memalign-bug-30723.patch diff | blob | blame | history
src/patches/glibc-2.38/0009-sysdeps-tst-bz21269-fix-test-parameter.patch diff | blob | blame | history
src/patches/glibc-2.38/0010-sysdeps-tst-bz21269-handle-ENOSYS-skip-appropriately.patch diff | blob | blame | history
src/patches/glibc-2.38/0011-sysdeps-tst-bz21269-fix-Wreturn-type.patch diff | blob | blame | history
src/patches/glibc-2.38/0012-io-Fix-record-locking-contants-for-powerpc64-with-__.patch diff | blob | blame | history
src/patches/glibc-2.38/0013-libio-Fix-oversized-__io_vtables.patch diff | blob | blame | history
src/patches/glibc-2.38/0014-elf-Do-not-run-constructors-for-proxy-objects.patch diff | blob | blame | history
src/patches/glibc-2.38/0015-elf-Always-call-destructors-in-reverse-constructor-o.patch diff | blob | blame | history
src/patches/glibc-2.38/0016-elf-Remove-unused-l_text_end-field-from-struct-link_.patch diff | blob | blame | history
src/patches/glibc-2.38/0017-elf-Move-l_init_called_next-to-old-place-of-l_text_e.patch diff | blob | blame | history
src/patches/glibc-2.38/0018-NEWS-Add-the-2.38.1-bug-list.patch diff | blob | blame | history
src/patches/glibc-2.38/0019-CVE-2023-4527-Stack-read-overflow-with-large-TCP-res.patch diff | blob | blame | history
src/patches/glibc-2.38/0020-getaddrinfo-Fix-use-after-free-in-getcanonname-CVE-2.patch diff | blob | blame | history
src/patches/glibc-2.38/0021-iconv-restore-verbosity-with-unrecognized-encoding-n.patch diff | blob | blame | history
src/patches/glibc-2.38/0022-string-Fix-tester-build-with-fortify-enable-with-gcc.patch diff | blob | blame | history
src/patches/glibc-2.38/0023-manual-jobs.texi-Add-missing-item-EPERM-for-getpgid.patch diff | blob | blame | history
src/patches/glibc-2.38/0024-Fix-leak-in-getaddrinfo-introduced-by-the-fix-for-CV.patch diff | blob | blame | history
src/patches/glibc-2.38/0025-Document-CVE-2023-4806-and-CVE-2023-5156-in-NEWS.patch diff | blob | blame | history
src/patches/glibc-2.38/0026-Propagate-GLIBC_TUNABLES-in-setxid-binaries.patch diff | blob | blame | history
src/patches/glibc-2.38/0027-tunables-Terminate-if-end-of-input-is-reached-CVE-20.patch diff | blob | blame | history
src/patches/glibc-2.38/0028-Revert-elf-Remove-unused-l_text_end-field-from-struc.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0029-Revert-elf-Always-call-destructors-in-reverse-constr.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0030-Revert-elf-Move-l_init_called_next-to-old-place-of-l.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0031-sysdeps-sem_open-Clear-O_CREAT-when-semaphore-file-i.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0032-elf-Fix-wrong-break-removal-from-8ee878592c.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0033-LoongArch-Delete-excessively-allocated-memory.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0034-elf-Fix-TLS-modid-reuse-generation-assignment-BZ-290.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0035-elf-Add-TLS-modid-reuse-test-for-bug-29039.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0036-x86-64-Fix-the-dtv-field-load-for-x32-BZ-31184.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0037-x86-64-Fix-the-tcb-field-load-for-x32-BZ-31185.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0038-NEWS-Mention-bug-fixes-for-29039-30694-30709-30721.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0039-NEWS-Mention-bug-fixes-for-30745-30843.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0040-getaddrinfo-translate-ENOMEM-to-EAI_MEMORY-bug-31163.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0041-libio-Check-remaining-buffer-size-in-_IO_wdo_write-b.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0042-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0043-syslog-Fix-heap-buffer-overflow-in-__vsyslog_interna.patch [new file with mode: 0644] blob
src/patches/glibc-2.38/0044-syslog-Fix-integer-overflow-in-__vsyslog_internal-CV.patch [new file with mode: 0644] blob
IPFire 2.x development tree