projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 55e9290) | patch
package/glibc: bump version for post-2.30 security fixes
authorPeter Korsgaard <peter@korsgaard.com>
Fri, 13 Dec 2019 13:55:52 +0000 (14:55 +0100)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Sat, 14 Dec 2019 20:55:42 +0000 (21:55 +0100)
commitbda95544b90af692fe9a33234caaa9f77b9a1e9e
tree909a6846111c2668a22a3aaf053c4b83e81fff23tree
parent55e9290603b21e3b88085cba2349eb8af6b7535bcommit | diff
package/glibc: bump version for post-2.30 security fixes

Fixes the following security vulnerability:

- CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
  environment variable during program execution after a security
  transition, allowing local attackers to restrict the possible mapping
  addresses for loaded libraries and thus bypass ASLR for a setuid
  program.  Reported by Marcin Koƛcielnicki.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/glibc/2.30-1-gbe9a328c93834648e0bec106a1f86357d1a8c7e1/glibc.hash [deleted file] blob | history
package/glibc/2.30-20-g50f20fe506abb8853641006a7b90a81af21d7b91/glibc.hash [new file with mode: 0644] blob
package/glibc/glibc.mk diff | blob | history