This changeset fixes CVE-2017-
1000366 by using the latest glibc
revision from the 2.23 glibc git as of today which includes the needed fix.
A few patch files included in poky had to be skipped as they're already
included in this later version.
Bug-AGL: SPEC-705 SPEC-706
Change-Id: Ie7ec64e524c68a4d5f2ca2a5363392c0588eb7d3
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Reviewed-on: https://gerrit.automotivelinux.org/gerrit/9935
Tested-by: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-build: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
ci-image-boot-test: Jenkins Job builder account <agl-jobbuilder@automotivelinux.org>
--- /dev/null
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+# include fix for CVE-2017-1000366
+SRCREV = "d990d79610362f823292f9d869b84b4ec4491159"
+
+# already in above revision
+SRC_URI_remove = "file://CVE-2016-3706.patch"
+SRC_URI_remove = "file://CVE-2016-4429.patch"
+SRC_URI_remove = "file://CVE-2016-1234.patch"
+SRC_URI_remove = "file://CVE-2016-3075.patch"
+SRC_URI_remove = "file://CVE-2016-5417.patch"