Code Review / AGL / meta-agl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: f6f141b) | patch
Fix for CVE-2017-1000366 in glibc 31/9931/2
authorJan-Simon Möller <jsmoeller@linuxfoundation.org>
Wed, 28 Jun 2017 20:01:03 +0000 (22:01 +0200)
committerJan-Simon Moeller <jsmoeller@linuxfoundation.org>
Thu, 29 Jun 2017 09:13:49 +0000 (09:13 +0000)
commit462bcd1521094624bddad4c336007b18117a3846
tree26449f1028020a5e946ed4589678d1e91464c33etree | snapshot
parentf6f141ba96c41c613d51a650da6562793d4bacedcommit | diff
Fix for CVE-2017-1000366 in glibc

This changeset fixes CVE-2017-1000366 by using the latest glibc
revision from the 2.24 glibc git as of today which includes the needed fix.
One patch file had to be adapted and overlayed with our custom version
(patching just conflicts on ChangeLog, no source file affected).

Bug-AGL: SPEC-705

Change-Id: Ia38344537523808f533c2732deb5ad2ca1202a89
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/9931
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
meta-agl-bsp/meta-core/recipes-core/glibc/files/0028-Bug-20116-Fix-use-after-free-in-pthread_create.patch [new file with mode: 0644] blob
meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.24.bbappend [new file with mode: 0644] blob
meta-agl layer (core AGL)