Code Review / AGL / meta-agl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 17fb0f4) | patch
Fix for CVE-2017-1000366 in glibc 33/9933/2
authorJan-Simon Möller <jsmoeller@linuxfoundation.org>
Wed, 28 Jun 2017 20:01:03 +0000 (22:01 +0200)
committerJan-Simon Moeller <jsmoeller@linuxfoundation.org>
Thu, 29 Jun 2017 09:13:47 +0000 (09:13 +0000)
commit377b4d835cd4924efb4cd905eed642497960a239
treeddc7dd2d0ebcad673284d43ca7c7f5915541ffd7tree | snapshot
parent17fb0f43d38e3e9ae7356eea0fac2aff8f66fa0ecommit | diff
Fix for CVE-2017-1000366 in glibc

This changeset fixes CVE-2017-1000366 by using the latest glibc
revision from the 2.24 glibc git as of today which includes the needed fix.
One patch file had to be adapted and overlayed with our custom version
(patching just conflicts on ChangeLog, no source file affected).

Bug-AGL: SPEC-705 SPEC-707

Change-Id: I1fbb6bc5862ada6b8b5479796c6a488a11c53ed4
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/9933
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
meta-agl-bsp/meta-core/recipes-core/glibc/files/0028-Bug-20116-Fix-use-after-free-in-pthread_create.patch [new file with mode: 0644] blob
meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.24.bbappend [new file with mode: 0644] blob
meta-agl layer (core AGL)