Remove glibc backport prior to update of poky 19/13219/1
author Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Tue, 16 Jan 2018 13:23:38 +0000 (14:23 +0100)
committer Jan-Simon Möller <jsmoeller@linuxfoundation.org>
Tue, 16 Jan 2018 13:23:38 +0000 (14:23 +0100)
This removes the fix for CVE-2017-1000366.backport.patch
as it is in the next upstream version that is being
merged.

Change-Id: Ifdb95e680194dca2e54119dc0d8b5f29c2a9047d
Signed-off-by: Jan-Simon Möller <jsmoeller@linuxfoundation.org>
meta-agl-bsp/meta-core/recipes-core/glibc/files/CVE-2017-1000366.backport.patch [deleted file]
meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.24.bbappend [deleted file]

diff --git a/meta-agl-bsp/meta-core/recipes-core/glibc/files/CVE-2017-1000366.backport.patch b/meta-agl-bsp/meta-core/recipes-core/glibc/files/CVE-2017-1000366.backport.patch
deleted file mode 100644 (file)
index 8ce5ca2..0000000
+++ /dev/null
@@ -1,71 +0,0 @@
-# Source: https://sourceware.org/git/?p=glibc.git;a=patch;h=87bd4186da10371f46e2f1a7bf7c0a45bb04f1ac
-# Modified: removed Changelog and NEWS from patch to apply across multiple revisions
-# Upstream status: backport
-# 
-# 2017-09-05 jsmoeller@linuxfoundation.org
-
-From 87bd4186da10371f46e2f1a7bf7c0a45bb04f1ac Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Mon, 19 Jun 2017 18:33:26 +0200
-Subject: [PATCH] CVE-2017-1000366: Ignore LD_LIBRARY_PATH for AT_SECURE=1
- programs [BZ #21624]
-
-LD_LIBRARY_PATH can only be used to reorder system search paths, which
-is not useful functionality.
-
-This makes an exploitable unbounded alloca in _dl_init_paths unreachable
-for AT_SECURE=1 programs.
-
-(cherry picked from commit f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d)
----
- ChangeLog  | 7 +++++++
- NEWS       | 1 +
- elf/rtld.c | 3 ++-
- 3 files changed, 10 insertions(+), 1 deletion(-)
-
-# removed to apply on older version ...
-# 
-#diff --git a/ChangeLog b/ChangeLog
-#index 1795e28..e37f14f 100644
-#--- a/ChangeLog
-#+++ b/ChangeLog
-#@@ -1,3 +1,10 @@
-#+2017-06-19  Florian Weimer  <fweimer@redhat.com>
-#+
-#+     [BZ #21624]
-#+     CVE-2017-1000366
-#+     * elf/rtld.c (process_envvars): Ignore LD_LIBRARY_PATH for
-#+     __libc_enable_secure.
-#+
-# 2017-02-01  Andreas Schwab  <schwab@linux-m68k.org>
-# 
-#      * sysdeps/m68k/m680x0/m68020/atomic-machine.h
-#diff --git a/NEWS b/NEWS
-#index 82a718f..d42af91 100644
-#--- a/NEWS
-#+++ b/NEWS
-#@@ -25,6 +25,7 @@ The following bugs are resolved with this release:
-# 
-#   [21289] Fix symbol redirect for fts_set
-#   [21386] Assertion in fork for distinct parent PID is incorrect
-#+  [21624] Unsafe alloca allows local attackers to alias stack and heap (CVE-2017-1000366)
-# \f
-# Version 2.24
-# 
-diff --git a/elf/rtld.c b/elf/rtld.c
-index 647661c..215a9ae 100644
---- a/elf/rtld.c
-+++ b/elf/rtld.c
-@@ -2437,7 +2437,8 @@ process_envvars (enum mode *modep)
-       case 12:
-         /* The library search path.  */
--        if (memcmp (envline, "LIBRARY_PATH", 12) == 0)
-+        if (!__libc_enable_secure
-+            && memcmp (envline, "LIBRARY_PATH", 12) == 0)
-           {
-             library_path = &envline[13];
-             break;
--- 
-2.9.3
-
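Review bot: deleting the backport, including its elf/rtld.c change, leaves glibc 2.24 builds without the "!__libc_enable_secure" guard on LD_LIBRARY_PATH if this commit lands before the poky update it is described as preceding. Suggest naming the dependent poky update change in the commit message, or submitting the two together, and confirming before merge that process_envvars in the updated glibc's elf/rtld.c contains the guard.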
diff --git a/meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.24.bbappend b/meta-agl-bsp/meta-core/recipes-core/glibc/glibc_2.24.bbappend
deleted file mode 100644 (file)
index 99786fb..0000000
+++ /dev/null
@@ -1,4 +0,0 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
-
-# include fix for CVE-2017-1000366
-SRC_URI_append = " file://CVE-2017-1000366.backport.patch"
\ No newline at end of file
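Review bot: the removed comment "# include fix for CVE-2017-1000366" was the marker in this recipe that the CVE is handled, and the commit message refers only to "the next upstream version" without naming it. Suggest recording in the commit message which glibc version the poky update brings in, so the claim can be checked against upstream commit f6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d cited in the deleted patch header.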